Model Based Automatic Fuzzing Script Generation

Knowledge-based fuzzing techniques generally suffer from the heavy workload of writing test scripts. A model-based method for automatic fuzzing script generation is proposed. First, the data format is represented by higher-order attribute grammars, which yields a uniform data representation that is independent of the test environment. Second, the grammar model is used to parse the sample data and build the grammar parse tree. Finally, the relationship between the parse tree and the test logic is established, and this relationship is used to generate test scripts automatically. Experimental results indicate that the method can automatically generate effective test scripts that discover potential vulnerabilities in software.
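
The three steps above, reduced to a sketch that is an added example and not the paper's implementation. It assumes a flat grammar with a single length attribute rather than full higher-order attribute grammars; the type/length/value record, the field names and the mutation values are constructed for illustration.

```python
# Constructed grammar model (an assumption, not from the paper). "len_of" is a
# synthesized attribute: the field holds the byte length of another field.
GRAMMAR = [
    {"name": "type", "size": 1},
    {"name": "length", "size": 1, "len_of": "value"},
    {"name": "value", "size_from": "length"},
]
SAMPLE = b"\x01\x03abc"  # constructed sample data

def parse(model, data):
    """Step 2: parse sample bytes into a parse tree (ordered field nodes)."""
    tree, lengths, pos = [], {}, 0
    for rule in model:
        size = rule["size"] if "size" in rule else lengths[rule["size_from"]]
        raw = data[pos:pos + size]
        if len(raw) != size:
            raise ValueError(f"sample truncated in field {rule['name']!r}")
        if "len_of" in rule:
            lengths[rule["name"]] = int.from_bytes(raw, "big")
        tree.append({"rule": rule, "raw": raw})
        pos += size
    if pos != len(data):
        raise ValueError("trailing bytes not covered by the grammar")
    return tree

def serialize(tree, override=None):
    """Flatten the tree; override=(field, bytes) pins one mutated field."""
    raw = {n["rule"]["name"]: n["raw"] for n in tree}
    pinned, value = override or (None, None)
    if pinned is not None:
        raw[pinned] = value
    for n in tree:
        rule = n["rule"]
        # Re-evaluate length attributes unless the length itself is the target.
        if "len_of" in rule and rule["name"] != pinned:
            limit = 256 ** rule["size"] - 1  # clamp to what the field can hold
            raw[rule["name"]] = min(len(raw[rule["len_of"]]), limit).to_bytes(rule["size"], "big")
    return b"".join(raw[n["rule"]["name"]] for n in tree)

def generate_script(tree):
    """Step 3: map each parse-tree node to test logic, giving named cases."""
    cases = []
    for node in tree:
        rule = node["rule"]
        if "size_from" in rule:   # variable field: empty and oversized
            muts = [b"", node["raw"] * 8]
        else:                     # fixed field, incl. length: boundary values
            muts = [b"\x00" * rule["size"], b"\xff" * rule["size"]]
        cases += [(f"{rule['name']}#{i}", serialize(tree, (rule["name"], m)))
                  for i, m in enumerate(muts)]
    return cases
```

Because the grammar carries the length dependency, a mutated `value` still gets a consistent `length`, while a mutated `length` is deliberately left inconsistent with the payload.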