University of Twente Student Theses
Fuzzing : A Comparison of Fuzzing Tools
Belle Lakshminarayan, Suhas (2023) Fuzzing : A Comparison of Fuzzing Tools.
|
PDF
3MB |
| Abstract: | It is critical to detect bugs or vulnerabilities in software because they can serve as an entry point for an attacker, potentially leading to serious consequences. These bugs or vulnerabilities could be the result of a programming error in the design of the software or program. Manually locating all bugs or vulnerabilities in the field of software security is an error-prone and complex task. These efforts can be reduced by a technique known as Fuzzing or Fuzz Testing, which is based on the ability to detect bugs or vulnerabilities by generating inputs of various types (valid, invalid, malformed, etc.) that are fed into the software and tested repeatedly. There are several Fuzzing Tools (Fuzzers) available that frequently succeed in identifying vulnerabilities. This work demonstrates the complete operation of three fuzzers, namely American Fuzzy Lop (AFL), LibFuzzer, and Angora Fuzzer, as well as a comparison of these fuzzers with program metrics such as code coverage, types of bugs or vulnerabilities detected, number of bugs detected, and execution speed, which in turn measures the fuzzer’s performance. |
| Item Type: | Essay (Master) |
| Faculty: | EEMCS: Electrical Engineering, Mathematics and Computer Science |
| Programme: | Embedded Systems MSc (60331) |
| Link to this item: | https://purl.utwente.nl/essays/94591 |
| Export this item as: | BibTeX EndNote HTML Citation Reference Manager |
Show download statistics for this publication
Show download statistics for this publicationRepository Staff Only: item control page