Fuzz Testing (Fuzzing) in Software Testing

Introduction

Fuzz testing, also known as fuzzing, is a well-known quality assurance technique used to uncover coding errors and security loopholes in software, networks, or operating systems.

Fuzz testing is an automated or semi-automated technique that finds defects which traditional functional testing tends to miss. It works by feeding the system under test invalid, unexpected, or large volumes of random data (the "fuzz") and watching for crashes, hangs, or failed built-in checks. The tool that generates the inputs and drives the target is called a fuzzer; when a failure is observed, the input that triggered it is recorded so the underlying cause can be identified. Fuzzers are best at exposing the kinds of bugs that attackers exploit through buffer overflows, denial of service (DoS), SQL injection, and cross-site scripting, flaws that are routinely used to compromise systems. Fuzz testing is much less effective against threats that do not cause the program to crash, and it does not detect malware such as viruses, spyware, Trojans, or keyloggers.

The fuzz testing concept is the brainchild of Barton Miller, who developed it at the University of Wisconsin in 1989. Fuzz testing falls under the category of security testing. It offers a high benefit-to-cost ratio, because it can reveal serious defects that are easily overlooked while writing and debugging an application. Fuzz testing contributes to a complete picture of the overall system's security, quality, and robustness, closing the gaps an attacker would otherwise probe. It is often used in conjunction with beta testing, black box testing, and other well-known debugging methods to deliver the best results.

Advantages of Fuzz Testing:

The following are the advantages of fuzz testing.

  • Fuzz testing aims to find the most serious security faults in an application, the ones an attacker would otherwise use to break in.
  • Fuzz testing, when used in conjunction with black box testing, beta testing, and other debugging methods, provides the best testing results.
  • Fuzz testing helps identify vulnerabilities that are prone to exploitation through buffer overflows, denial of service (DoS), SQL injection, and cross-site scripting.
  • Fuzz testing is one of the most cost-effective testing techniques: once a harness exists, the test cases are generated automatically.
  • Fuzz testing is a form of security testing that probes the same weak points an attacker looks for when searching for a way into the system, so the defects it finds can be fixed before they are exploited.

Fuzz Testing Steps:

The following are the steps of a fuzz testing campaign.

  • Identification of the target system (the program, service, or component to be tested).
  • Identification of the inputs (file formats, network messages, command-line arguments, API parameters).
  • Generation of the fuzzed data, either by mutating valid samples or by generating inputs from a specification.
  • Execution of the test by feeding the fuzzed data to the target.
  • Monitoring the system behaviour during and after execution for crashes, hangs, memory errors, and assertion failures.
  • Logging each detected defect together with the input that reproduces it.

Testing strategy for fuzz testing:

The following are the input-generation strategies applied to the software application.

  • Mutation-based fuzzers: alter existing data samples to create new test data. This is the simplest and most straightforward approach: it starts from valid samples of a file or protocol message and keeps mangling bytes (flipping bits, inserting, deleting, or truncating data).
  • Generation-based fuzzers: build new data from a model of the input. They generate inputs from scratch based on a given specification of the format rather than from existing samples, so they can reach message structures that no sample happens to contain.
  • Protocol-based fuzzers: the most successful fuzzers, because they have detailed knowledge of the protocol format being tested. The protocol specification is written into the tool, which then uses model-based test generation to walk the specification and introduce irregularities in message sequence, data contents, field lengths, and so on. This approach is also called syntax testing, robustness testing, or grammar testing. Such a fuzzer can derive test cases from existing ones, or produce both valid and invalid inputs directly.
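The following is an added example, not code from the original article or from any of the tools it mentions. It walks the six fuzz testing steps above against a constructed target (a toy record parser with deliberate length-handling bugs) and drives it with both a mutation-based strategy (mangle a valid seed) and a generation-based strategy (build records from the format specification and inject boundary lengths, bad magic, or non-ASCII bytes). The record format, the seed, and the bugs are all invented for illustration; the harness treats the parser's own ValueError as a correct rejection and logs every other exception as a defect, deduplicated by exception type and crash line.

```python
"""Minimal fuzz harness: constructed example, not part of the original article."""
import random
import struct
import traceback

# Step 1 - target. Constructed record format:
#   magic "RC" | u16 big-endian name length | name (ASCII) | u8 tag count | tags
# The parser deliberately trusts the length fields, which is the bug to find.
def parse_record(data: bytes) -> dict:
    if data[:2] != b"RC":
        raise ValueError("bad magic")                 # intended, handled rejection
    (name_len,) = struct.unpack(">H", data[2:4])      # struct.error if truncated
    name = data[4:4 + name_len].decode("ascii")       # bug: length never validated
    count = data[4 + name_len]                        # bug: IndexError on short data
    tags = list(data[5 + name_len:5 + name_len + count])
    return {"name": name, "tags": tags}

# Step 2 - inputs: one valid seed record (constructed).
SEED = b"RC" + struct.pack(">H", 5) + b"alice" + bytes([2, 7, 9])

# Step 3a - mutation-based generation: start from the valid seed and mangle it.
def mutate(seed: bytes, rng: random.Random) -> bytes:
    buf = bytearray(seed)
    for _ in range(rng.randint(1, 4)):
        op = rng.choice(("flip", "insert", "delete", "truncate"))
        if op == "flip" and buf:
            i = rng.randrange(len(buf))
            buf[i] ^= 1 << rng.randrange(8)
        elif op == "insert":
            buf.insert(rng.randint(0, len(buf)), rng.randrange(256))
        elif op == "delete" and buf:
            del buf[rng.randrange(len(buf))]
        elif op == "truncate":
            del buf[rng.randint(0, len(buf)):]
    return bytes(buf)

# Step 3b - generation-based: build a record from the spec, with one optional
# irregularity (boundary length value, random magic, or a non-ASCII name byte).
BOUNDARY_U16 = (0, 1, 0xFF, 0x100, 0x7FFF, 0x8000, 0xFFFF)

def generate(rng: random.Random) -> bytes:
    name = bytes(rng.choice(b"abcdefgh") for _ in range(rng.randint(0, 8)))
    tags = bytes(rng.randrange(256) for _ in range(rng.randint(0, 3)))
    anomaly = rng.choice((None, "length", "magic", "nonascii"))
    if anomaly == "nonascii":
        name = name[:-1] + bytes([rng.randrange(0x80, 0x100)]) if name else b"\xff"
    magic, name_len = b"RC", len(name)
    if anomaly == "length":
        name_len = rng.choice(BOUNDARY_U16)           # lie about the name length
    elif anomaly == "magic":
        magic = bytes(rng.randrange(256) for _ in range(2))
    return magic + struct.pack(">H", name_len) + name + bytes([len(tags)]) + tags

EXPECTED = (ValueError,)      # rejections the parser is designed to raise

# Steps 4-6 - execute, monitor, log. Returns {(exception type, line): first input}.
def run_fuzz(make_input, iterations: int = 2000, seed_value: int = 1) -> dict:
    rng = random.Random(seed_value)                   # fixed seed: reproducible run
    defects = {}
    for _ in range(iterations):
        data = make_input(rng)
        try:
            parse_record(data)                        # Step 4: execute
        except EXPECTED:
            continue                                  # graceful rejection is correct
        except Exception as exc:                      # Step 5: monitor for crashes
            frame = traceback.extract_tb(exc.__traceback__)[-1]
            key = (type(exc), frame.lineno)           # dedupe by crash site
            defects.setdefault(key, data)             # Step 6: log once, with input
    return defects

if __name__ == "__main__":
    strategies = (("mutation", lambda r: mutate(SEED, r)), ("generation", generate))
    for label, strategy in strategies:
        found = run_fuzz(strategy)
        print(f"{label}-based: {len(found)} unique crash sites")
        for (exc_type, line), data in found.items():
            print(f"  {exc_type.__name__} at line {line}: {data.hex()}")
```

The mutation strategy finds the truncation bugs quickly because the seed already has the right shape; the generation strategy never produces a record shorter than the header (so it cannot reach the struct.error path) but reaches the large-length bug directly by choosing boundary values for the length field, which random byte flips of a small seed rarely hit. Logging the first reproducing input per crash site is what makes the defect report actionable.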

Types of defects detected by Fuzz Testing:

The following are the types of defects detected by fuzz testing.

  • Memory leaks and assertion failures: fuzzing is widely used on large applications to find inputs that trigger memory leaks, memory corruption, or failed internal assertions.
  • Invalid input: fuzzers generate invalid input specifically to exercise error-handling routines. This matters most for software that does not control its own input, such as anything that parses files or network data; fuzzing also automates negative testing.
  • Correctness defects: fuzz testing can detect some types of "correctness" defects that do not crash the program, such as a corrupted database or poor search results, provided the harness checks the results rather than only watching for crashes.

Fuzz Testing Tools:

Given below is a description of commonly used fuzz testing tools.

Peach Fuzzer: a fuzzing platform that supports both generation-based and mutation-based fuzzing and therefore provides more thorough coverage than a vulnerability scanner, detecting unknown as well as known issues.
Spike Proxy: a professional-grade fuzzer for application-level vulnerabilities, especially in web applications. It covers SQL injection and cross-site scripting, is built on an open Python infrastructure, and is available for Linux and Windows.
WebScarab: a fuzzer written in Java and therefore portable to many platforms. It analyses web applications that communicate over HTTP and HTTPS.
Burp Suite: a web application security tool written in Java. Its Intruder module is used for fuzzing web applications and helps identify vulnerabilities such as cross-site scripting and SQL injection.
OWASP WSFuzzer: a GPL-licensed program written in Python that targets web services for fuzz testing; the current version targets HTTP-based SOAP services.
AppScan: a commercial web application security scanner that tests for common web application vulnerabilities such as SQL injection, cross-site scripting, and buffer overflows.

Conclusion

In this article, we discussed fuzz testing, its utility, and the commonly used fuzzer tools. Fuzz testing identifies many of the most common vulnerabilities and makes an application more secure and robust. Using it will not make an application completely defect-free, but it reliably shows the presence of bugs in the application under test.