Abstract
Fuzzing is a proactive method for discovering zero5day security flaws in software.
Fuzzing can be used in R&D, but also when deploying communication software. The system under test can be an enterprise solution, or it can be a consumer product such as a mobile phone or a set5top box for IPTV.
Without proactive tools, the traditional security measures are doomed to fail because they are only focused on defending from known attacks. Based on our experience with both academic and commercial fuzzing tools, we can show that 80% of software will crash when tested with negative testing.
