模糊测试技术在发现真实程序漏洞中具有突出效果. 近年来, 模糊测试改进技术受到了相关学者的广泛关注, 大量的优化模糊测试工具被相继提出, 被提出的优化模糊测试工具多数结合了多种改进技术以期望达到更好的效果. 然而, 当前仍然缺乏对单一模糊测试改进技术的系统性评估与分析. 本文首先基于4个指标, 设计建立了一个针对单一模糊测试改进技术的评估体系, 然后基于所提出的评估体系, 对近年提出的先进模糊测试工具中集成的多个单一模糊测试改进算法进行了多组实验以评估不同改进技术类别中各个单一改进技术的改进效果, 并结合实验数据与实际算法设计和代码实现进行分析. 我们希望通过对单一模糊测试改进技术的评估与分析能够对未来的模糊测试改进研究工作提供帮助.
Fuzzing is outstanding in detecting vulnerabilities in real-world programs. In recent years, researchers have paid considerable attention to fuzzing improving techniques, and large numbers of optimized fuzzers were proposed. These fuzzers are usually combinations of more than one improving technique for better performance. However, systematic evaluation of individual fuzzing improving techniques is still to be conducted. In this study, we established an evaluation system for such techniques according to four metrics and used it to evaluate individual fuzzing improving algorithms integrated into recently proposed advanced fuzzers. Multiple groups of experiments were conducted to evaluate the effectiveness of each individual technique in each category of improving techniques, and the experimental data were comprehensively analyzed with the actual algorithm design and code implementation. We hope the evaluation of individual fuzzing improving techniques could help researchers develop more effective fuzzers in the future.