If you’ve gone through my CanSecWest slides, I talk a lot about Field’s and how they are the fundamental units of protocols (network or file formats). The linkage information between the Field’s and across messages is a pretty powerful way to infer the cyclomatic complexity of the code that parses these messages. When generating test cases (fuzzing being one kind), we can leverage these structural and semantic linkages to generate systematic constraint violations that ultimately exercise the various branches taken in the parser.
-
RSS Feeds
Categories
- Advisories (23)
- Android (7)
- Announcements (22)
- Atlassian (1)
- Blitz (26)
- Cloud (32)
- CouchDB (22)
- DevOps (11)
- DLP (2)
- DoS (4)
- DPI (12)
- Drupal (1)
- EC2 (7)
- Firewall (7)
- Forensics (4)
- Fuzzing (14)
- Heroku (7)
- HTML5 (4)
- iPhone (11)
- IPS (11)
- IPv6 (11)
- jQuery (3)
- Netflix (7)
- New Relic (1)
- node.js (2)
- Outlook (1)
- pcapr (23)
- Performance (20)
- Rants (13)
- Redis (1)
- Release (4)
- Research (13)
- Mutations (9)
- SCADA (2)
- Scalability (15)
- Scale (19)
- Studio (32)
- Talk (3)
- Testing (38)
- Tools (28)
- C (5)
- C++ (3)
- JavaScript (8)
- Ruby (14)
- Training (4)
- Tropo (1)
- UI (3)
- Uncategorized (10)
- Video (7)
- Visualization (1)
- WAN Acceleration (1)
- Wireshark (7)
- xtractr (3)
-
Recent Posts
Archives
-
-
