Research Article
Automatic Test Pattern Generator for Fuzzing Based on Finite State Machine
Algorithm 1
Response similarity comparison.
| Input: | | The HTTP response body message from the target server (invalid test cases) ; | | The HTTP response body message from the target server (valid test case) ; | | The designated threshold ; | | Output: | | Logical value | | 0:no/low injection risk; 1: high injection risk | | (1)if row.count() == row.count() then⊳ While responses and have same number of rows | | (2)similarity = NULL⊳ Initiate a similarity vector for storing row-by-row similarity results. | | (3)for in 1 to row.count() do | | (4)similarity = append(similarity, diff(, )⊳ Compare the similarity of the two responses line by line. | | (5)similarity.score = mean(similarity)⊳ Take the average of the similarity vector | | (6)else⊳ If the length of response is different, concatenate responses as strings for comparison. | | (7) = NULL | | (8) = NULL | | (9)for in 1 to row.count() do | | (10) = string.concat() | | (11)for in 1 to row.count() do | | (12) = string.concat() | | (13)similarity.score = 1 − (diff()) | | (14)return if (); |
|
