Mining Attributed Input Grammars and their Applications in Fuzzing

Research output: Chapter in Book/Report/Conference proceedingsConference contributionpeer-review

Abstract

Undetected errors in software systems are a common cause of vulnerabilities and security holes. Grammar Fuzzing is an effective method for testing these systems, but it has limitations such as lack of knowledge about the semantics of the program and difficulty obtaining grammar for these systems. To address these limitations, we propose an approach to automatically mine grammars, and enhance it with semantic rules and contextual constraints to create attribute grammars. These attribute grammars can then be used for fuzzing. Our preliminary results show that this automated extraction process is feasible, as we successfully applied it to an expression parser and were able to extract an attribute grammar representing the parser's functionality.

Original languageEnglish
Title of host publicationProceedings - 2023 IEEE 16th International Conference on Software Testing, Verification and Validation, ICST 2023
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages493-495
Number of pages3
ISBN (Electronic)9781665456661
DOIs
Publication statusPublished - 2023
Event16th IEEE International Conference on Software Testing, Verification and Validation, ICST 2023 - Dublin, Ireland
Duration: 16 Apr 202320 Apr 2023

Publication series

NameProceedings - 2023 IEEE 16th International Conference on Software Testing, Verification and Validation, ICST 2023

Conference

Conference16th IEEE International Conference on Software Testing, Verification and Validation, ICST 2023
Country/TerritoryIreland
CityDublin
Period16.04.202320.04.2023

Keywords

  • Grammar Fuzzing
  • Input Grammar Mining
  • Semantic Grammar Enrichment

Fingerprint

Dive into the research topics of 'Mining Attributed Input Grammars and their Applications in Fuzzing'. Together they form a unique fingerprint.

Cite this