Cybernetics And Systems Analysis logo
Editorial Board Announcements Abstracts Authors Archive
Cybernetics And Systems Analysis
International Theoretical Science Journal
-->

UDC 004.05, 004.42
O.O. Letychevskyi1, V.S. Peschanenko2, Y.V. Hryniuk3


1 V. M. Glushkov Institute of Cybernetics,
National Academy of Sciences of Ukraine,
Kyiv, Ukraine

oleksandr.letychevskyi@litsoft.com.ua

2 Kherson State University, Kherson, Ukraine

volodymyr.peschanenko@litsoft.com.ua

3 V.M. Glushkov Institute of Cybernetics,
National Academy of Sciences of Ukraine,
Kyiv, Ukraine

yaroslav.hryniuk@gmail.com

FUZZING TECHNIQUE AND ITS USAGE IN CYBERSECURITY TASKS

Abstract. The paper considers the technology of fuzzy testing, which involves testing software systems with the operating of critical or unexpected input data. An overview of the current state of the problem is made and the main systems of fuzzy testing are presented. The approach to the technology of fuzzy testing with the use of algebraic methods, in particular symbolic modeling, is considered. The “light weight” algorithm, which is designed to reduce the generation time of tests, is considered. The algorithm is implemented in the environment of the insertion modeling system and applied in testing older versions of systems developed in Linux.

Keywords: fuzzing, vulnerabily of software, symbolic modeling, behavior algebra, insertion model.


FULL TEXT

REFERENCES

  1. American Fuzzy Lop. URL: https://lcamtuf.blogspot.com/2014/10/bash-bug-how-we-finally -cracked.html.

  2. Synopsis. URL: https://www.synopsys.com/software-integrity/security-testing/fuzz-testing.html.

  3. Peach. URL: https://medium.com/csg-govtech/lifes-a-peach-fuzzer-how-to-build-and-use-gitlab -s-open-source-protocol-fuzzer-fd78c9caf05e.

  4. Syzkaller. URL: https://github.com/google/syzkaller/blob/master/docs/research.md.

  5. SAGE. URL: https://queue.acm.org/detail.cfm?id=2094081.

  6. Csmith. URL: https://srg.doc.ic.ac.uk/files/papers/compilerbugs-oopsla-19.pdf.

  7. Letychevsky O.O., Hryniuk Ya.V., Yakovlev V.M. Algebraic approach in formalizing vulnerabilities in binary code. Control Systems and Computers. 2019. N 6. P. 5–20.

  8. Letichevsky A. Algebra of behavior transformations and its applications. Structural Theory of Automata, Semigroups, and Universal Algebra. NATO Science Series II. Mathematics, Physics and Chemistry. Kudryavtsev V.B., Rosenberg I.G. (Eds.). 2005. Vol. 207. P. 241–272.

  9. Letychevskyi O., Peschanenko V., Radchenko V., Hryniuk Y., Yakovlev V. Algebraic patterns of vulnerabilities in binary code. Conference Proceedings of 2019 10th International Conference on Dependable Systems, Services and Technologies (DESSERT’2019) (June 5–7, 2019, Leeds, United Kingdom). IEEE, 2019. P. 70–73.

  10. Potienko S.V. Methods for forward and backward symbolic modeling of systems specified by basic protocols. Problemy programuvannya. 2008. N 4. p. 39–45.

  11. Letichevsky A.Ad., Letichevsky A.A., Godlevsky A.B., Peschanenko V.S., Potienko S.V. Properties of the predicate transformer of the VRS system. Kibernetika i sistemnyj analiz. 2010. N 4. P. 3–16.

  12. Letichevsky A., Letychevskyi O., Peschanenko V. Insertion modeling and its applications. Computer Science Journal of Moldova. 2016. Vol. 24, Iss. 3. P. 357–370.




© 2022 Kibernetika.org. All rights reserved.