In recent years, a method of black box security testing called “fuzzing” has come into wide use. A fuzzing tool detects vulnerabilities by executing trial runs with a large number of variations of test data, and is considered effective for detecting vulnerabilities in the product under test. For example, fuzzing tools are used to uncover latent vulnerabilities in a product, such as buffer overflows and integer overflows. Note that because fuzzing tools have in recent years become widely available to anyone, a malicious person may also easily uncover such latent vulnerabilities in a product.
Ideally, a product to be connected to a network should have robust security measures installed at the point of sale, in preparation for attacks coming from the network. However, it is often the case that a vulnerability is newly uncovered after the products have been sold and transferred to consumers. Such a product may also include various parts, some of which may be black box modules whose internals can hardly be investigated (modules whose source code cannot be inspected). In addition, a vulnerability may not be uncovered until the sold product is installed in a purchaser's system. Furthermore, even if a vulnerability is uncovered in the sold products, it may take some time before update software addressing the vulnerability is distributed. Therefore, it is urgently necessary to take measures against latent vulnerabilities of such products.
For example, there is a method for detecting vulnerabilities at the application program level by automatically scanning the source code of the application program. There is also a method that accumulates or displays, one by one, the sets of data with which a running application terminated abnormally, in order to analyze the cause of the abnormality and to execute a recovery process. There is also a method that receives an e-mail message from a Post Office Protocol version 3 (POP3) server and, if it determines that the e-mail message includes an error, registers a unique ID of the e-mail message so as to refuse reception of e-mail messages having the same unique ID thereafter (see, for example, Patent Documents 1 to 3).
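The fuzzing described in the first paragraph and the accumulate-and-refuse methods described above can be illustrated together; the following is an added example, not taken from the cited patent documents. The record format, `parse_record`, its 8-bit length arithmetic, and the use of a SHA-256 digest as the "unique ID" are all assumptions made for the illustration.

```python
import hashlib

BUF_SIZE = 16

def parse_record(data: bytes) -> bytes:
    """Constructed toy target: [hdr_len:1][body_len:1][body...], with C-style uint8 math."""
    if len(data) < 2:
        raise ValueError("truncated header")
    hdr_len, body_len = data[0], data[1]
    total = (hdr_len + body_len) & 0xFF      # 8-bit sum wraps around (integer overflow)
    if total > BUF_SIZE:                     # bounds check sees only the wrapped value
        raise ValueError("record too large")
    buf = bytearray(BUF_SIZE)
    for i in range(body_len):                # copy loop trusts the unwrapped length
        buf[i] = data[2 + i] if 2 + i < len(data) else 0   # IndexError past BUF_SIZE
    return bytes(buf[:body_len])

def mutations(seed: bytes):
    """Yield every single-byte variation of the seed (deterministic test data)."""
    for pos in range(len(seed)):
        for val in range(256):
            if val != seed[pos]:
                yield seed[:pos] + bytes([val]) + seed[pos + 1:]

def fuzz(target, seed: bytes) -> dict:
    """Run target on each variation; collect inputs that end abnormally, keyed by ID."""
    crashes = {}
    for case in mutations(seed):
        try:
            target(case)
        except ValueError:
            pass                             # clean rejection: expected behaviour
        except Exception as exc:             # anything else counts as an abnormal end
            crashes[hashlib.sha256(case).hexdigest()] = (case, type(exc).__name__)
    return crashes

def guarded(target, blocked_ids):
    """Wrap target so inputs whose ID is registered are refused before parsing."""
    def wrapper(data: bytes) -> bytes:
        if hashlib.sha256(data).hexdigest() in blocked_ids:
            raise ValueError("input previously caused an abnormal end")
        return target(data)
    return wrapper

SEED = b"\x02\x04ABCD"                       # constructed well-formed record
if __name__ == "__main__":
    for case, err in fuzz(parse_record, SEED).values():
        print(case.hex(), err)
```

The ID-based guard refuses only the exact inputs already recorded; any other record whose length sum wraps still reaches the flawed bounds check, which remains until the check itself is corrected.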