On the Effectiveness of Scheduling Fuzz Testing

Abstract

With the rapid development of software systems, exploiting software vulnerabilities to invade the system has largely increased. As a result, software security becomes vitally important. Since it is impossible to develop programs without bugs and it is inefficient to test program manually, we need a systematic software testing methods to verify if the software is with good quality. Black-box testing is a technique that can find bugs without the target program's source code, and normally copes with mutation fuzz testing. There are numerous fuzz testing tools freely available, but to find the maximum amount of unique bugs in limited interval of time is still a problem remained to be solved. In this paper we have used several scheduling algorithms to improve the fuzzer called FOE (Failure Observation Engine) to better improve the original fuzzing efficiency and produce maximum unique bugs in a given period of time.