Welcome to the seminar on "Comparing Fuzzing Techniques”! In this seminar, we want to build on the techniques from the “Generating Software Tests” book, which you have worked with extensively in the last semester. Our aim is to have all of you... Read more
Welcome to the seminar on "Comparing Fuzzing Techniques”! In this seminar, we want to build on the techniques from the “Generating Software Tests” book, which you have worked with extensively in the last semester. Our aim is to have all of you contribute to the book by evaluating some of the techniques and possibly even write a scientific paper about your results. We very much look forward to this seminar and hope you are as excited as we are.
Our first task will be to have a kick-off meeting, such that we can plan what to do and find a common date for our regular meetings. This kick off date will take place in CISPA at
Wednesday, April 17, 17:00
In preparation for the meeting, it won't hurt to take a look at the latest version of the book (at https://beta.fuzzingbook.org/) and already check out whether there would be areas that you find of particular interest. We are very open to suggestions regarding the subject of your particular task.
Did we say we are excited? Oh yes, we are. And we’re looking forward to see you soon!
Best wishes, and see you on Wednesday,
Andreas Zeller + Rahul Gopinath
Comparing Fuzzing Techniques
In this seminar, we evaluate automated test generation techniques (fuzzers) for their effectiveness and efficiency. We discuss and design evaluation criteria and apply them on a number of techniques from the book "Generating Software Tests" (https://www.fuzzingbook.org). Apart from reporting and presenting your results in the seminar, your evaluation results will be included in the book. If the results or techniques are novel (many of them are), we will also strive to publish them as a scientific paper, with you as co-author.
* Introduction to empirical techniques (all)
* Designing benchmarks (all)
* Defining common evaluation questions (all)
* Presenting empirical results (all)
* Selecting an individual fuzzing technique for evaluation
* Defining individual evaluation questions and parameters
* Conducting the evaluation
* Producing an evaluation report
* Presenting and discussing evaluation results
The fuzzers are implemented in Python and come as Jupyter Notebooks. You will also use Jupyter Notebooks for conducting the evaluation and presenting the final results, both as report and as presentation.
Requirements: You should have passed the lecture "Generating Software Tests" or have sufficient knowledge from the course.
Knowledge of Python and experience with Jupyter Notebooks is helpful, but can be acquired during the seminar.