Distributed fuzzing for software vulnerability discovery
Maalim, Farhiya Osman
MetadataShow full item record
Information Security is concerned with effectively protecting the confidentiality, integrity and availability of data. Software bugs/defects threaten these three elements of information security. By failing to identify and focus upon the root causes of risks such as software vulnerabilities, there is a danger that the response to Information Security compromises become solely reactive. Fuzzing is a software testing technique that is used to discover software vulnerabilities. The project undertaken is a Distributed Fuzzer that runs on multiple computing environments in the cloud. The advantage of distributed fuzzing compared to regular fuzzing is the ability to run multiple test cases concurrently thus increasing the efficiency of fuzzing. The aim of this project is to improve fuzzing in order to increase the efficiency of discovering vulnerabilities and software defects. This will ultimately increase the security of a software/application. The research study was accomplished by using Ansible as a system orchestration tool to run AFL Fuzzers on multiple computing environments in the cloud. The results were collected and presented in this study.