计算机工程与应用2019,Vol.55Issue(14):87-97,167,12.DOI:10.3778/j.issn.1002-8331.1806-0002
灰盒模糊测试自适应技术研究
Greybox Fuzzing Adaptive Technology Research
摘要
Abstract
This paper analyzes the problem of inadaptability in various stages of greybox fuzzing under different test envi-ronments, and proposes self-adaptive techniques to solve the problems existing in feedback acquisition, feedback processing and sample generation. Aiming at the defects of format destruction existing in the sample generation mechanism, resulting in low test efficiency, a sample format repair technique is proposed. For the problem that some defects in the feedback acquisition mechanism result in missed reports of some evolutionary samples, a trace bitmap adaptation technique is pro-posed. For the flaws in the feedback processing mechanism, resulting in a lower efficiency of the preferred corpus, a cor-pus selecting adaption technique is proposed. Based on the theory proposed in this paper, a demo system is realized. The efficiency of code branch discovery is improved by more than 20% when it tests the software such as MathType, unzip, binutils, etc. And the problem of missing reports of some evolutionary samples is solved. Some commercial software vul-nerabilities have been discovered based on the technology proposed in this paper.关键词
灰盒模糊测试/自适应技术/样本格式修复/路径追踪位图/语料选择Key words
greybox fuzzing test/adaptive technology/sample format repair technique/trace bitmap/corpus selecting分类
信息技术与安全科学引用本文复制引用
许航,赵世斌,朱俊虎,彭建山,林宏阳..灰盒模糊测试自适应技术研究[J].计算机工程与应用,2019,55(14):87-97,167,12.基金项目
国家自然科学基金(No.61502528). (No.61502528)
