Software Testing | Fuzz Testing
Fuzz Testing is a Software Testing technique which uses invalid, unexpected or random data as input and then check for exceptions such as crashes and potential memory leaks. It is a automated testing technique that is performed to describe the system testing processes involving randomized or distributed approach. During fuzz testing, system or software application can have a lot of different bugs or glitches related to data input. Barton Miller at the University of Wisconsin in 1989 firstly developed the fuzz testing.
Objective of Fuzz Testing:
The objective of the Fuzz Testing is:
- To check the vulnerability of the system or software application.
- To detect the security faults and defects.
- To determine the defects in effective cost.
Phases of Fuzz Testing:
- Identify Target System:
Th system or the software application which is going to be tested is marked. That system is know as the target system. Target system is identified by testing team.
- Identify Inputs:
Once the target system is set after that the random inputs are created for the purpose of the testing. These random test cases are used as inputs to test the system or software application.
- Generate Fuzzed Data:
After getting the random inputs i.e. unexpected and invalid, these invalid and unexpected inputs are converted into the fuzzed data. Fuzzed data is basically random input in form of fuzzy logic.
- Execute the test using fuzzed data:
Now using the fuzzed data testing process is performed. Basically in this section, the code of program or the software is executed by giving the random input i.e. fuzzed data .
- Monitor System Behavior:
After the execution of the system or the software application, operated for crashes or any other exceptions like potential memory leaks. System behavior is tested under the random input.
- Log Defects:
In the last phase defects are identified and these defects are fixed in order to get the better quality system or software application.
Types of defects detected by Fuzz Testing:
1. Number Fuzzing 2. Character Fuzzing 3. Application Fuzzing 4. Protocol Fuzzing 5. File Format Fuzzing
Advantages of Fuzz Testing:
- It ensures the software security.
- It detects the defects including crashes and potential memory leaks.
- It is less time consuming.
Disadvantages of Fuzz Testing:
- It is not able to provide complete security of the system.
- It is not effective for dealing with security threats that don’t have viruses, bugs or program crashing cause.
- It detects simple faults and threats.
Attention reader! Don’t stop learning now. Get hold of all the important CS Theory concepts for SDE interviews with the CS Theory Course at a student-friendly price and become industry ready.