The Cyber Reading Group is presenting a series of meetings discussing Cyber Security. The first topic is Fuzzing: The State of the Art.
You can download the paper for discussion here
The paper provided a general introduction to fuzzing as of 2012 and simply serves as a starting point to issues in vulnerability discovery using fuzzing. Fuzzing is a simple idea but made more sophisticated with notions of white-box fuzzing, generative fuzzers, grammar fuzzers, black-box mutational fuzzers and so on. An important fuzzer not covered in this paper is AFL which is state of the art if you have source code. We'll talk about that. Our readings will get more technical from this point.
We will spend ten minutes covering Lockheed-Martin's very useful model called the "Cyber Kill Chain". It's a conceptual framework that can help understand and organise thinking around what cyber operations and effects are, how an attacker thinks and operates and what a defender can do in terms of counter-measures.
Lockheed-Martin's Cyber Kill Chain
Wikipedia Cyber Kill Chain
If you are interested in attending contact Dr Shane Magrath