Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method, device and system for optimizing test samples in fuzzy test

A technology for test cases and tests, applied in software testing/debugging, computer security devices, error detection/correction, etc., can solve problems such as poor efficiency and attacks, achieve the effect of optimizing test cases and improving vulnerability detection efficiency

Active Publication Date: 2014-04-02
SIEMENS AG
View PDF3 Cites 14 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Since software today has at least rudimentary mechanisms for checking the validity of input, overly specific "obfuscated" data that differs significantly from legitimate input will be easily detected and discarded
Also, in an RFT, it is very possible to have duplicate test cases, since some test cases have the same attack effect on the target software
Therefore, the main disadvantage of RFT is the poor efficiency

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method, device and system for optimizing test samples in fuzzy test
  • Method, device and system for optimizing test samples in fuzzy test
  • Method, device and system for optimizing test samples in fuzzy test

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0033] This application will be described with respect to particular embodiments and with reference to certain drawings, but the application is not limited thereto, but only by the claims. The drawings described are only schematic and not limiting. In the drawings, the size of some of the elements may be exaggerated and not drawn on scale for convenience of illustration. Where an indefinite or definite article is used when referring to a singular noun eg "a", "an" and "the", this includes a plural of that noun unless expressly stated otherwise.

[0034] In previous studies on random fuzzing, two scales were most often used to evaluate the effectiveness of a collection of test cases, one scale is the probability of detecting at least one vulnerability (called the PF scale), and the other is the expected The number of detected vulnerabilities (called the EF scale). Although these two scales are very popular, they still have many shortcomings. For example, for the EF scale, a ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a method, a device and a system for ranking test samples. The method comprises the following steps that the following steps are executed for one turn or several turns; each test samples in a plurality of test samples is used for testing a test object according to the ranging sequence of the test samples in an initial test sample set, the attacking effect of each test sample is monitored, and in addition, the priority of each test sample is determined according to the attacking effect corresponding to each test sample; the test samples in the initial test sample set are re-ordered again according to the determined priority of each test sample; the re-ordered test sample set obtained in the current turn can be used as the initial test sample set used in the execution process in the next turn.

Description

technical field [0001] The present invention generally relates to the technical field of software testing, and more specifically relates to optimizing test cases used in fuzz testing. Background technique [0002] Security testing of software (including application programs, communication software, etc.) is actually a detection in the software input space. The input space of software consists of all possible inputs to the software or combinations of all possible inputs. Exhaustive enumeration is the most extreme method to verify the correctness of software behavior. However, exhaustive enumeration is not feasible for most cases, because the input space of software programs is usually very large, and may even be infinite. [0003] Compared with the exhaustive method, fuzz testing (Fuzz Testing), as a random sample method, is a more feasible black-box testing method. Fuzz testing works by automatically providing random or semi-valid inputs (ie, test cases) to test objects (i...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F11/36
CPCG06F21/552G06F21/577G06F11/3688
Inventor 刘玉恒
Owner SIEMENS AG
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com