Lyu et al., 2023 - Google Patents
{MINER}: A Hybrid {Data-Driven} Approach for {REST}{API} FuzzingLyu et al., 2023
View PDF- Document ID
- 10233984387762901851
- Author
- Lyu C
- Xu J
- Ji S
- Zhang X
- Wang Q
- Zhao B
- Pan G
- Cao W
- Chen P
- Beyah R
- Publication year
- Publication venue
- 32nd USENIX Security Symposium (USENIX Security 23)
External Links
Snippet
In recent years, REST API fuzzing has emerged to explore errors on a cloud service. Its performance highly depends on the sequence construction and request generation. However, existing REST API fuzzers have trouble generating long sequences with well …
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
- G06F11/3672—Test management
- G06F11/3688—Test management for test execution, e.g. scheduling of test suites
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
- G06F9/46—Multiprogramming arrangements
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
- G06F11/3696—Methods or tools to render software testable
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/40—Transformations of program code
- G06F8/41—Compilation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
- G06F8/61—Installation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3604—Software analysis for verifying properties of programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/50—Computer-aided design
- G06F17/5009—Computer-aided design using simulation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/70—Software maintenance or management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/30—Creation or generation of source code
- G06F8/31—Programming languages or programming paradigms
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06N—COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N99/00—Subject matter not provided for in other groups of this subclass
- G06N99/005—Learning machines, i.e. computer in which a programme is changed according to experience gained by the machine itself during a complete run
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Lyu et al. | {MINER}: A Hybrid {Data-Driven} Approach for {REST}{API} Fuzzing | |
| Wu et al. | Combinatorial testing of restful apis | |
| Arcuri | RESTful API automated test case generation with EvoMaster | |
| Ispoglou et al. | {FuzzGen}: Automatic fuzzer generation | |
| Martin-Lopez et al. | RESTest: automated black-box testing of RESTful web APIs | |
| Eceiza et al. | Fuzzing the internet of things: A review on the techniques and challenges for efficient vulnerability discovery in embedded systems | |
| US10990516B1 (en) | Method, apparatus, and computer program product for predictive API test suite selection | |
| US8356353B2 (en) | System and method for simulating computer network attacks | |
| US9146829B1 (en) | Analysis and verification of distributed applications | |
| Cavalcante et al. | Statistical model checking of dynamic software architectures | |
| Bierma et al. | Andlantis: Large-scale Android dynamic analysis | |
| EP4359978A1 (en) | Detection of supply chain-related security threats to software applications | |
| Jauernig et al. | DARWIN: Survival of the fittest fuzzing mutators | |
| US8161329B2 (en) | Generating random sequences based on stochastic generative model having multiple random variates | |
| Heule et al. | Mimic: Computing models for opaque code | |
| Martin-Lopez | AI-driven web API testing | |
| Sottile et al. | Semi-automatic extraction of software skeletons for benchmarking large-scale parallel applications | |
| Choi | Model checking trampoline OS: a case study on safety analysis for automotive software | |
| US9804945B1 (en) | Determinism for distributed applications | |
| JP2015219906A (en) | Software verification method and processor | |
| Belhadi et al. | Random testing and evolutionary testing for fuzzing GraphQL APIs | |
| TWI626538B (en) | Infrastructure rule generation technology | |
| Zhao et al. | Alphuzz: Monte carlo search on seed-mutation tree for coverage-guided fuzzing | |
| Oaks | Java performance: in-depth advice for tuning and programming Java 8, 11, and beyond | |
| Chen et al. | Bootstrapping automated testing for RESTful web services |