@inproceedings{5137604874f94cdf8f15e27f10afddd3,
title = "FinFuzzer: One Step Further in Fuzzing Fintech Systems",
abstract = "Comprehensive testing is of high importance to ensure the reliability of software systems, especially for systems with high stakes such as FinTech systems. In this paper, we share our observations of the Ant Group's status quo in testing their financial services, specifically on the importance of properly transforming relevant external environment settings and prioritizing input object fields for mutation during automated fuzzing. Based on these observations, we propose FinFuzzer, an automated fuzz testing framework that detects and transforms relevant environmental settings into system inputs, prioritizes input object fields, and mutates system inputs on both environment settings and high-priority object fields. Our evaluation of FinFuzzer against four FinTech systems developed by the Ant Group shows that FinFuzzer can outperform a state-of-the-art approach in terms of line coverage in much shorter time. ",
keywords = "FinTech, Fuzzing, Software Testing",
author = "Qingshun Wang and Lihua Xu and Jun Xiao and Qi Guo and Haotian Zhang and Liang Dou and Liang He and Tao Xie",
note = "Funding Information: This work was supported by the Science and Technology Commission of Shanghai Municipality Grant (No. 20511102502). Liang Dou and Liang He are corresponding authors. Publisher Copyright: {\textcopyright} 2021 IEEE.; 36th IEEE/ACM International Conference on Automated Software Engineering, ASE 2021 ; Conference date: 15-11-2021 Through 19-11-2021",
year = "2021",
doi = "10.1109/ASE51524.2021.9678675",
language = "English (US)",
series = "Proceedings - 2021 36th IEEE/ACM International Conference on Automated Software Engineering, ASE 2021",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
pages = "1111--1115",
booktitle = "Proceedings - 2021 36th IEEE/ACM International Conference on Automated Software Engineering, ASE 2021",
address = "United States",
}