Test case generating method and device for fuzz testing

A test case generation and test case technology, applied in software testing/debugging, error detection/correction, instruments, etc., can solve problems such as rejection of the system under test, and achieve the effect of comprehensive security testing

Inactive Publication Date: 2014-06-11
SIEMENS AG
View PDF4 Cites 22 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Although this method takes into account the specific encoding method of some input data of the system under test, the randomized input data may still have a large difference in format from the normal input data, so it will also face the problems of the system under test. refusal question

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Test case generating method and device for fuzz testing
  • Test case generating method and device for fuzz testing
  • Test case generating method and device for fuzz testing

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0027] The above characteristics, technical features, advantages and implementation methods of the present invention will be further described below by describing preferred embodiments in a clear and understandable manner in conjunction with the accompanying drawings.

[0028] Embodiments of the present invention propose a method for generating test cases for fuzz testing, such as figure 1 As shown, the method includes the following steps:

[0029] Step 101: Determine the grammatical structure of the input field according to the legal content of the input field of the system under test, and the grammatical structure of the input field includes special characters and their positions in the field.

[0030] In the embodiment of the present invention, the system under test may be software written using computer codes such as application programs and protocol implementations, and is collectively referred to as the system under test hereinafter.

[0031] According to specific appli...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a test case generating method and device for fuzz testing. The test case generating method comprises the steps of confirming grammatical structures of input fields according to legal contents of input fields of a tested system, wherein the grammatical structures of the input fields comprise special characters in the fields and positions of the special characters; generating abnormal use cases by adopting a set generating method and confirming grammatical structures of the abnormal use cases, wherein the grammatical structures of the abnormal use cases comprise special characters in the abnormal use cases and positions of the abnormal use cases; comparing the grammatical structures of the abnormal use cases with the grammatical structures of the input fields; if the grammatical structures of the abnormal use cases are identical to at least one special field in the grammatical structures of the input fields in position, the abnormal use cases are used as test cases of the tested system. By adopting the test case generating method and device for fuzz testing, the test cases for fuzz testing and input data of the tested system can have high similarity, and accordingly high-efficiency and comprehensive safe testing is achieved.

Description

technical field [0001] The invention relates to the technical field of software security testing, in particular to a method and device for generating test cases for fuzz testing. Background technique [0002] Black-box testing is a commonly used software security testing method. Its testing does not depend on the source code of the software program under test, and it can always detect security holes that are ignored by testers. It has been widely used in testing. [0003] Fuzz testing (fuzz testing) is a black box testing technology that appeared in the 1990s. This technology constructs some random or semi-random data (called fuzz) as the input of the tested software, and monitors the response and and / or status to determine if a security vulnerability exists in the software under test. As a black-box testing tool, fuzz testing is usually used in large-scale software development projects. Its advantages are: the cost of testing is relatively low, and it can be fully automat...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F11/36
CPCG06F11/3684
Inventor 唐文
Owner SIEMENS AG
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap