###
:2019,28(1):17-24
←前一篇   |   后一篇→
本文二维码信息
码上扫一扫!
基于覆盖频率的模糊测试改进方法
(1.中国科学院 软件研究所 可信计算与信息保障实验室, 北京 100190;2.深圳大学 深圳南特商学院, 深圳 518060)
Improved Fuzz Testing Approach Based on Coverage Frequency
(1.Trusted Computing and Information Assurance Laboratory, Institute of Software, Chinese Academy of Sciences, Beijing 100190, China;2.Shenzhen Audencia Business School, Shenzhen University, Shenzhen 518060, China)
摘要
图/表
参考文献
相似文献
本文已被:浏览 422次   下载 198
投稿时间:2018-06-20    修订日期:2018-07-12
中文摘要: 模糊测试是当前检测程序错误的最主流、最有效的手段之一.模糊测试工具首先对种子文件进行变异,生成大量新输入文件,然后挑选新输入来执行目标程序,以触发程序中潜在的漏洞.当前对模糊测试的研究多着眼于改进变异算法,提高生成的新文件对目标程序代码的覆盖,忽略了备用种子文件的筛选策略对提高模糊测试覆盖率与测试效率的的贡献.针对该问题,我们提出了基于覆盖频率的种子文件筛选策略,在每次执行目标程序时,我们记录程序执行中覆盖过的路径边;根据边被执行次数的多少,我们将这些边分为低频边和高频边;对于包含了更多低频边且执行效率高的种子文件,我们给予更高的优先级.我们在模糊测试工具American Fuzzy Lop (AFL)实现了对应的算法,实验表明我们的算法有效提高了模糊测试的效率和代码覆盖率.
中文关键词: 自动测试  模糊测试  漏洞检测
Abstract:In recent years, fuzz testing has become one of the most popular and efficient methods to detect program bugs and vulnerabilities. By mutating seed files, fuzzing tools generate a large volume of test inputs, and feed them to the program under test in order to expose security weakness. Current researches mostly focus on improving the mutation algorithm to make newly generated files cover more target program codes. However, little attention had been paid to elaborately optimizing the policies to sort seed files to be fuzzed, which prioritizes the seed files with higher probability to cover new program spaces in the fuzzing process, and consequently improves the efficiency of fuzzing. Therefore, we proposed a coverage frequency based selection approach to guide the fuzzer to execute promising seed files first. To do so, we first kept tracking how many times each edge between two basic blocks has been executed by the target program in the fuzz testing. Based on the number that each edge has been executed, we then categorized them into high-frequency edges and low-frequency edges. Only seeds containing more low-frequency edges, as well as being executed very fast by the target program, were assigned with high priority. We implemented our method on American Fuzzy Lop (AFL), one of the most popular fuzzers and applied the modified AFL version to 5 real world programs. The result shows that our approach can improve both the efficiency of AFL and the code coverage explored in the target program.
文章编号:     中图分类号:    文献标志码:
基金项目:国家自然科学基金(61471344)
引用文本:
傅玉,石东辉,张阳,程亮.基于覆盖频率的模糊测试改进方法.计算机系统应用,2019,28(1):17-24
FU Yu,SHI Dong-Hui,ZHANG Yang,CHENG Liang.Improved Fuzz Testing Approach Based on Coverage Frequency.COMPUTER SYSTEMS APPLICATIONS,2019,28(1):17-24

用微信扫一扫

用微信扫一扫