Fuzzing is a widely used method for finding vulnerabilities and security holes in software systems. The goal of this dissertation project is to extend fuzzing with semantic aspects using attributed grammars. This requires extracting grammars with semantic aspects from existing software systems (input grammar mining), which makes it possible to test programs with input that is not only syntactically but also semantically correct. The project will extend the state of the art in input grammar mining and fuzzing with semantic aspects.
Runtime: 01.01.2023 – 01.06.2025
PhD Student: Andreas Pointner
Funding: Austrian Research Promotion Agency (FFG) – Dissertation program of University of Applied Sciences Upper Austria