1. Field of the Invention
The present invention relates to a file mutation method and a system using file section information and mutation rules, and more particularly, to a file mutation method and a system that use file section information and mutation rules to produce test cases for file fuzzing, which is one of the software vulnerability testing methods.
2. Description of the Related Art
Fuzzing is a representative black box testing method for checking software for security weaknesses. The basic idea of fuzzing is that, when varied random data are input into the software over numerous test runs, defects that the software cannot handle can occur, and the abnormal behaviors observed during those runs are detected. Fuzzing is classified into many kinds depending on the target and on the kind of input data.
File fuzzing is a fuzzing method that uses a file as the input data. File fuzzing is largely divided into a file generating process, a file executing process, and an exception monitoring process. The file generating process generates the test cases for the fuzzing. The file executing process sequentially executes the generated test cases through the target software. The exception monitoring process detects and records abnormal behaviors, such as exceptions or error situations, during execution. The present invention belongs to the file generating methods.
The file generating methods include creation and mutation. Creation generates a new file from nothing. Mutation mutates a portion of an original sample file to create another file. The creation method is highly difficult to realize and is limited to a specific file type; furthermore, because an accurate analysis of the file format must precede the generation of a meaningful test case, a file mutation method is generally used instead. However, because the file mutation method does not consider the correlations among data in the file, many false positives occur. Additionally, its efficiency is decreased by its dependency on randomness, and computing resources are exceedingly wasted because a mass of test cases must be created and tested.
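The following is an added example, not code from the patent, that puts the three file fuzzing processes described above (file generating, file executing, exception monitoring) into a small harness and shows the data-correlation problem of plain mutation. The file format, the target parser `parse_toy_file` (with a deliberately planted missing bounds check), and the two mutators are all constructed for this illustration. The plain mutator overwrites bytes anywhere in the file, so nearly every test case breaks the header's length or checksum field and is rejected before the deeper parsing logic runs. The section-aware mutator changes only the payload section and then applies a mutation rule that re-derives the correlated header fields, so its test cases reach the defect.

```python
import random
import struct
import zlib

# Constructed toy file format (an assumption for this example, not a format from the patent):
#   magic (4 bytes) | payload_len (u32 LE) | crc32(payload) (u32 LE) | payload
MAGIC = b"TOYF"
HEADER_LEN = 12


def build_file(payload: bytes) -> bytes:
    """Produce a well-formed file: the header fields are derived from the payload."""
    return MAGIC + struct.pack("<II", len(payload), zlib.crc32(payload)) + payload


def parse_toy_file(data: bytes) -> int:
    """Hypothetical target under test. It validates the header, then processes the payload.
    Payload layout: record_count (1 byte) followed by record_count one-byte records.
    The missing bounds check on record_count is the planted defect the fuzzer should find."""
    if data[:4] != MAGIC:
        raise ValueError("bad magic")
    length, crc = struct.unpack("<II", data[4:HEADER_LEN])
    payload = data[HEADER_LEN:HEADER_LEN + length]
    if len(payload) != length:
        raise ValueError("truncated payload")
    if zlib.crc32(payload) != crc:
        raise ValueError("checksum mismatch")
    record_count = payload[0]
    # IndexError when record_count exceeds the records actually present: the planted defect.
    return sum(payload[1 + i] for i in range(record_count))


def mutate_naive(sample: bytes, rng: random.Random) -> bytes:
    """Plain mutation: overwrite one random byte anywhere, ignoring file structure."""
    buf = bytearray(sample)
    buf[rng.randrange(len(buf))] = rng.randrange(256)
    return bytes(buf)


def mutate_section_aware(sample: bytes, rng: random.Random) -> bytes:
    """Section-aware mutation: only the payload section is mutated, and the mutation
    rule then re-derives the correlated header fields (length and checksum)."""
    payload = bytearray(sample[HEADER_LEN:])
    payload[rng.randrange(len(payload))] = rng.randrange(256)
    return build_file(bytes(payload))


def header_is_consistent(data: bytes) -> bool:
    """Check that a test case's header agrees with its payload (used to verify the rule)."""
    length, crc = struct.unpack("<II", data[4:HEADER_LEN])
    payload = data[HEADER_LEN:]
    return data[:4] == MAGIC and len(payload) == length and zlib.crc32(payload) == crc


def run_campaign(sample: bytes, mutator, iterations: int, seed: int = 1):
    """Run the three file fuzzing processes and return (statistics, recorded crashes)."""
    rng = random.Random(seed)
    stats = {"ok": 0, "rejected": 0, "crash": 0}
    crashes = []
    for _ in range(iterations):
        case = mutator(sample, rng)             # file generating process
        try:
            parse_toy_file(case)                # file executing process
            stats["ok"] += 1
        except ValueError:                      # exception monitoring: expected validation failure
            stats["rejected"] += 1              # a wasted test case (rejected before deeper logic)
        except Exception as exc:                # exception monitoring: abnormal behavior, record it
            stats["crash"] += 1
            crashes.append((case, type(exc).__name__))
    return stats, crashes


# Constructed sample file: 3 records with values 1, 2, 3 (parses to 6).
SAMPLE = build_file(bytes([3, 1, 2, 3]))

if __name__ == "__main__":
    for name, mutator in (("naive", mutate_naive), ("section-aware", mutate_section_aware)):
        stats, crashes = run_campaign(SAMPLE, mutator, 500)
        print(f"{name:14s} {stats}  first crash: {crashes[0] if crashes else None}")
```

With the same number of test cases, the plain mutator reports only rejected inputs, because a single changed byte in any section invalidates the checksum or header; the section-aware mutator produces no rejections and records `IndexError` crashes from the planted defect. Keeping header fields consistent with the mutated section is exactly the kind of data correlation that mutation rules over file section information are meant to preserve.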