Research on a Fuzzing Algorithm Based on Lightweight Encoding Mutation
First published: 2019-12-26
Abstract: Software security is an important direction of cyberspace security, and fuzzing is an important means of automated software vulnerability detection. To detect software vulnerabilities more efficiently and accurately, this paper studies and proposes a fuzzing technique for source-code programs. Addressing the problem that sample mutation in white-box fuzzing is to some degree blind, which makes mutation inefficient, this paper proposes and implements a fuzzing sample generation algorithm based on lightweight encoding mutation. For the source program under test, it relies on the LLVM framework for instruction instrumentation and for hooking comparison-type instructions, in order to obtain dynamic feedback from the fuzzing process. It then uses lightweight encoding to guide the mutation of test samples, generating samples that effectively cover more code paths and branches. Experimental results show that the fuzzing method based on lightweight encoding mutation outperforms the traditional fuzzing tools AFL and AFLFast in both finding crashes and discovering new paths.
Research on fuzzy test algorithm based on slight coding variation
Abstract: An important direction of cyberspace security is software security, and fuzzing is an important method of automated software vulnerability detection. In order to detect software vulnerabilities more efficiently and accurately, this paper studies and proposes a fuzzing technique for source-code programs. To solve the problem that sample mutation in white-box fuzzing is blind, which leads to low mutation efficiency, a fuzzing sample generation algorithm based on lightweight encoding mutation is proposed and implemented in this paper. For the source program under test, it relies on the LLVM framework for instruction instrumentation and for hooking comparison-type instructions, so as to obtain dynamic feedback from the fuzzing process. The test samples are then mutated under the guidance of lightweight encoding to generate samples that effectively cover more code paths and branches. The experimental results show that the fuzzing method based on lightweight encoding mutation is better than the traditional fuzzing tools AFL and AFLFast at discovering crashes and new paths.
Keywords: Fuzzing; Code Coverage; Mutation Algorithm; Dynamic Analysis
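The abstract describes hooking comparison instructions under LLVM and feeding the observed operands back into sample mutation. The following Python simulation is an added illustration of that general idea, not the paper's algorithm or code (the page does not give the encoding details): a toy three-guard target stands in for an instrumented program, and a feedback-guided mutator is compared with blind byte mutation under the same coverage-guided loop.

```python
import random

# Constructed stand-in for an LLVM-instrumented target (toy format, not the paper's).
MAGIC = [b"FUZZ", b"\x10\x00\x00\x00", b"DONE"]
cmp_log, covered = [], set()   # per-run comparison log and reached block ids

def cmp_hook(branch_id, lhs, rhs):
    cmp_log.append((branch_id, lhs, rhs))   # what a hooked cmp instruction reports
    return lhs == rhs
def target(data):
    """Toy parser: three magic-value guards; returns True on the simulated crash."""
    covered.add(0)
    for i, magic in enumerate(MAGIC):
        if not cmp_hook(i + 1, data[4 * i:4 * i + 4], magic):
            return False
        covered.add(i + 1)
    return True
def run(data):
    """Execute one input; return (blocks covered, comparison log, crashed?)."""
    cmp_log.clear(); covered.clear()
    crashed = target(data)
    return set(covered), list(cmp_log), crashed
def mutate_blind(data, log, rng):
    buf = bytearray(data)   # baseline: overwrite one random byte, no feedback used
    buf[rng.randrange(len(buf))] = rng.randrange(256)
    return bytes(buf)
def mutate_guided(data, log, rng):
    """Encode a failed comparison's expected operand into the input where the
    observed operand was read from; fall back to blind mutation otherwise."""
    failed = [(lhs, rhs) for _, lhs, rhs in log if lhs != rhs]
    if failed:
        lhs, rhs = rng.choice(failed); pos = data.find(lhs)
        if pos >= 0:
            return data[:pos] + rhs + data[pos + len(lhs):]
    return mutate_blind(data, log, rng)
def fuzz(mutate, seed, iterations, rng_seed=1):
    """Coverage-guided loop; returns (iteration of first crash or None, blocks, input)."""
    rng = random.Random(rng_seed)
    cov, log, _ = run(seed)
    corpus, total_cov = [(seed, log)], set(cov)
    for i in range(1, iterations + 1):
        parent, plog = rng.choice(corpus)
        child = mutate(parent, plog, rng)
        cov, log, crashed = run(child)
        if crashed:
            return i, total_cov | cov, child
        if cov - total_cov:          # keep only children that reach a new block
            total_cov |= cov
            corpus.append((child, log))
    return None, total_cov, None
```

With a seed of twelve `A` bytes, the guided mutator rewrites one guard per accepted child and reaches the crash within a handful of iterations, while the blind mutator never gets past the first four-byte guard because no single-byte change can satisfy it.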