ScienceGate Book Chapters
JOURNAL ARTICLE

REST API Fuzzing by Coverage Level Guided Blackbox Testing

Chung-Hsuan TsaiShi‐Chun TsaiShih-Kun Huang

Year: 2021 Journal:   2021 IEEE 21st International Conference on Software Quality, Reliability and Security (QRS) Pages: 291-300
DOI: 10.1109/qrs54544.2021.00040
   Get Full-Text PDF    Get Analytical Report

Abstract

With the growth of web applications, REST APIs have become the primary communication method between services. In order to ensure system reliability and security, software quality can be assured by effective testing methods. Black box fuzz testing is one of the effective methods to perform tests on a large scale. However, conventional black box fuzz testing generates random data without judging the quality of the input. We implement a black box fuzz testing method for REST APIs. It resolves the issues of blind mutations without knowing the effectiveness by Test Coverage Level feedback. We also enhance the mutation strategies by reducing the testing complexity for REST APIs, generating more appropriate test cases to cover possible paths. We evaluate our method by testing two large open-source projects and 89 bugs are reported and confirmed. In addition, we find 351 bugs from 64 remote API services in APIs.guru. The work is in https://github.com/iasthc/hsuan-fuzz.

Keywords:
Fuzz testing Computer science Rest (music) Code coverage White-box testing Software quality Test suite Reliability (semiconductor) Test case Black box Software Reliability engineering Operating system Machine learning Artificial intelligence Software development Engineering

Metrics

14
Cited By
3.19
FWCI (Field Weighted Citation Impact)
16
Refs
0.94
Citation Normalized Percentile
Is in top 1%
Is in top 10%

Citation History

Topics

Software Testing and Debugging Techniques
Physical Sciences →  Computer Science →  Software
Software Reliability and Analysis Research
Physical Sciences →  Computer Science →  Software
Advanced Malware Detection Techniques
Physical Sciences →  Computer Science →  Signal Processing

Related Documents

JOURNAL ARTICLE

Investigating Coverage Guided Fuzzing with Mutation Testing

Ruixiang QianQuanjun ZhangChunrong FangLihua Guo

Year: 2022 Pages: 272-281
JOURNAL ARTICLE

Shepherd: High-Precision Coverage Inference for Response-guided Blackbox Fuzzing (Registered Report)

Tatsuaki SHIMIZURyuichi YoshizawaKaoru OtsukaYoshinori FUJIWARAYuichi Sugiyama

Year: 2025 Pages: 105-115
JOURNAL ARTICLE

Efficient Cross-Level Processor Verification using Coverage-guided Fuzzing

Niklas BrunsVladimir HerdtDaniel GroßeRolf Drechsler

Journal:   Proceedings of the Great Lakes Symposium on VLSI 2022 Year: 2022 Pages: 97-103
JOURNAL ARTICLE

Industry Practice of Coverage-Guided Enterprise-Level DBMS Fuzzing

Mingzhe WangZhiyong WuXinyi XuJie LiangChijin ZhouHuafeng ZhangYu Jiang

Year: 2021 Pages: 328-337
JOURNAL ARTICLE

CBGF: Callback Coverage Guided Fuzzing

Ho Young HwangDaesung Moon

Journal:   IEEE Access Year: 2025 Vol: 13 Pages: 68831-68840
© 2026 ScienceGate Book Chapters — All rights reserved.