TY - GEN
T1 - Mining Attributed Input Grammars and their Applications in Fuzzing
AU - Pointner, Andreas
N1 - Publisher Copyright:
© 2023 IEEE.
PY - 2023
Y1 - 2023
N2 - Undetected errors in software systems are a common cause of vulnerabilities and security holes. Grammar Fuzzing is an effective method for testing these systems, but it has limitations such as lack of knowledge about the semantics of the program and difficulty obtaining grammar for these systems. To address these limitations, we propose an approach to automatically mine grammars, and enhance it with semantic rules and contextual constraints to create attribute grammars. These attribute grammars can then be used for fuzzing. Our preliminary results show that this automated extraction process is feasible, as we successfully applied it to an expression parser and were able to extract an attribute grammar representing the parser's functionality.
AB - Undetected errors in software systems are a common cause of vulnerabilities and security holes. Grammar Fuzzing is an effective method for testing these systems, but it has limitations such as lack of knowledge about the semantics of the program and difficulty obtaining grammar for these systems. To address these limitations, we propose an approach to automatically mine grammars, and enhance it with semantic rules and contextual constraints to create attribute grammars. These attribute grammars can then be used for fuzzing. Our preliminary results show that this automated extraction process is feasible, as we successfully applied it to an expression parser and were able to extract an attribute grammar representing the parser's functionality.
KW - Grammar Fuzzing
KW - Input Grammar Mining
KW - Semantic Grammar Enrichment
UR - http://www.scopus.com/inward/record.url?scp=85161957606&partnerID=8YFLogxK
U2 - 10.1109/ICST57152.2023.00059
DO - 10.1109/ICST57152.2023.00059
M3 - Conference contribution
AN - SCOPUS:85161957606
T3 - Proceedings - 2023 IEEE 16th International Conference on Software Testing, Verification and Validation, ICST 2023
SP - 493
EP - 495
BT - Proceedings - 2023 IEEE 16th International Conference on Software Testing, Verification and Validation, ICST 2023
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 16th IEEE International Conference on Software Testing, Verification and Validation, ICST 2023
Y2 - 16 April 2023 through 20 April 2023
ER -