Answered step by step
Verified Expert Solution
Question
1 Approved Answer
using Python programming language This project is based on a simple jpeg to bmp format conversion open source code called 'jpg2bmp.cpp. I modified it in
using Python programming language
This project is based on a simple jpeg to bmp format conversion open source code called 'jpg2bmp.cpp. I modified it in the similar way as what I introduced in lecture slides fuzzTest-example.ppt' by manually adding 8 bugs that cause the program to crash. When a bug is triggered, jpg2bmp program will crash with "segmentation fault" and print out "Bug #n triggered." in stderr where n is a number between 1 to 8 to indicate which bug has been triggered. I have compiled and generate the executable code jpg2bmp. This executable code can run under eustis 64 bit Linux machine. Once you upload this jpg2bmp binary code onto eustis machine and the example jpg file cross.jpg, you need to first change the jpg2bmp to be 'executable' by running command $chmod utx jpg2bmp Then by typing command: $./jpg2bmp cross.jpg cross.bmp It will convert the 'cross.jpg image file to the 'cross.bmp' image file. This example cross.jpg file is a tiny (808 bytes) jpeg format image, and you can use it to conduct mutation-based fuzzing. Fuzzing: The goal of this project is to implement a "fuzzer", or fuzz tester. Fuzz testing is one way of discovering security vulnerabilities in any code that processes potentially malicious input. A mutation-based fuzzer takes a valid input (such as the included cross.jpg file) for the target program, and works by creating random mutations/changes to generate new test cases. Mutation-based fuzzers are application independent, and so you do not need to have any knowledge about input format (i.e., jpeg format) accepted by the target progranm Implementation You need to code a mutation-based fuzzer to discover as many bugs (among those 8 manually inserted bugs) as you can. Each student may implement his/her own fuzzer in the programming language(s) of their choice (such as C, C++,Perl, Java, Python), as long as the fuzzer can be executed on the department's eustis machine Not all of the bugs will be equally easy to discover. Changing the way of mutation may help you discover additional bugs if your original fuzzer can only discover 3 or 4 bugs. This project is based on a simple jpeg to bmp format conversion open source code called 'jpg2bmp.cpp. I modified it in the similar way as what I introduced in lecture slides fuzzTest-example.ppt' by manually adding 8 bugs that cause the program to crash. When a bug is triggered, jpg2bmp program will crash with "segmentation fault" and print out "Bug #n triggered." in stderr where n is a number between 1 to 8 to indicate which bug has been triggered. I have compiled and generate the executable code jpg2bmp. This executable code can run under eustis 64 bit Linux machine. Once you upload this jpg2bmp binary code onto eustis machine and the example jpg file cross.jpg, you need to first change the jpg2bmp to be 'executable' by running command $chmod utx jpg2bmp Then by typing command: $./jpg2bmp cross.jpg cross.bmp It will convert the 'cross.jpg image file to the 'cross.bmp' image file. This example cross.jpg file is a tiny (808 bytes) jpeg format image, and you can use it to conduct mutation-based fuzzing. Fuzzing: The goal of this project is to implement a "fuzzer", or fuzz tester. Fuzz testing is one way of discovering security vulnerabilities in any code that processes potentially malicious input. A mutation-based fuzzer takes a valid input (such as the included cross.jpg file) for the target program, and works by creating random mutations/changes to generate new test cases. Mutation-based fuzzers are application independent, and so you do not need to have any knowledge about input format (i.e., jpeg format) accepted by the target progranm Implementation You need to code a mutation-based fuzzer to discover as many bugs (among those 8 manually inserted bugs) as you can. Each student may implement his/her own fuzzer in the programming language(s) of their choice (such as C, C++,Perl, Java, Python), as long as the fuzzer can be executed on the department's eustis machine Not all of the bugs will be equally easy to discover. Changing the way of mutation may help you discover additional bugs if your original fuzzer can only discover 3 or 4 bugsStep by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started