Received: February 21, 2017; Revised: March 09, 2017
Chinese abstract (translated): In black-box settings, taint-directed fuzzing is an important technique for discovering potential vulnerabilities in designated fragile code regions. It treats the program's input as taint values and uses dynamic taint tracking to locate the portions of the input associated with the fragile region. The subsequent fuzzing stage then mutates only the located input, avoiding a large number of mutations unrelated to the fragile region. However, prior work has not systematically or mathematically analyzed the technique's practical usage limitations or its efficiency gains. To address this, this paper uses 14 CVE vulnerability instances to benchmark the technique's applicability and analyze its limitations, and abstracts the fuzzing process as a geometric distribution to estimate its efficiency gain and performance trend. The analysis shows that the technique is limited when discovering vulnerabilities involving metadata taint-propagation relations. Experiments also verify that the efficiency estimation formula is of good reference value.
Abstract: Taint-based directed fuzzing is an important technique for finding bugs in several given suspicious vulnerable code areas in black-box scenarios. It sets the program's input as the initial taint and uses dynamic taint tracing to locate the regions of the input related to the suspicious code areas. It then fuzzes only the located input, thereby avoiding a large part of the testing that is unrelated to the suspicious areas. However, existing research has neither analyzed its real-world challenges systematically nor evaluated its performance enhancement mathematically. To address this, this paper uses 14 CVEs as a benchmark for limitation analysis, abstracts fuzzing as a shifted geometric distribution to derive a performance enhancement equation, and analyzes the performance variation trend. The analysis shows that taint-based directed fuzzing has limitations when fuzzing bugs whose taint propagation involves metadata relations, and the experiments verify that the performance enhancement equation has good reference value.
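The abstract's core modelling step, written out as an added example (this is not code from the paper, and it is not the paper's performance enhancement equation, which the page does not give): each fuzzing trial is a Bernoulli trial that succeeds with probability p, so the number of trials up to and including the first crash follows a shifted geometric distribution with mean 1/p. The model below assumes that every trial mutates one byte chosen uniformly either from the whole input (undirected) or only from the tainted region (directed), and that the bug fires with a constructed `trigger_prob` whenever the mutated byte is one the bug depends on; the names `FuzzTarget`, `CLEAN` and `METADATA` and all offsets are assumptions of this example. The second target shows the limitation the abstract reports: when the bug is driven by a metadata field (here a length field) that the taint tracer did not attribute to the vulnerable area, directed fuzzing never mutates it and its expected trial count is infinite.

```python
"""Toy model of fuzzing as a shifted geometric distribution (added example).

Assumptions (not from the paper): each trial mutates one byte chosen
uniformly from a mutation set, trials are independent, and the bug fires
with probability ``trigger_prob`` whenever the mutated byte is one the bug
depends on. The trial count until the first crash is then shifted-geometric
with mean 1/p.
"""
import math
import random
from dataclasses import dataclass


@dataclass(frozen=True)
class FuzzTarget:
    input_len: int               # total bytes in the seed input
    bug_offsets: frozenset       # offsets whose mutation can trigger the bug
    tainted_offsets: frozenset   # offsets the taint tracer linked to the vulnerable area
    trigger_prob: float          # P(bug fires | mutated byte is in bug_offsets)

    def mutation_set(self, directed: bool) -> frozenset:
        """Undirected fuzzing mutates any byte; directed fuzzing only tainted ones."""
        if directed:
            return self.tainted_offsets
        return frozenset(range(self.input_len))

    def success_prob(self, directed: bool) -> float:
        """Per-trial success probability p of the Bernoulli trial."""
        chosen = self.mutation_set(directed)
        if not chosen:
            return 0.0
        return len(chosen & self.bug_offsets) / len(chosen) * self.trigger_prob

    def expected_trials(self, directed: bool) -> float:
        """Mean of the shifted geometric distribution, 1/p (inf when p == 0)."""
        p = self.success_prob(directed)
        return math.inf if p == 0.0 else 1.0 / p

    def speedup(self) -> float:
        """Expected undirected trials divided by expected directed trials.

        Returns 0.0 when directed fuzzing can never reach the bug, i.e. when
        no byte the bug depends on lies inside the tainted region.
        """
        return self.expected_trials(False) / self.expected_trials(True)


def simulate_mean_trials(target: FuzzTarget, directed: bool, runs: int = 1000,
                         seed: int = 1, max_trials: int = 100_000) -> float:
    """Monte Carlo check of expected_trials: average trials until the first crash."""
    mutable = sorted(target.mutation_set(directed))
    if not set(mutable) & target.bug_offsets:
        return math.inf  # no reachable bug byte: the loop would never terminate
    rng = random.Random(seed)
    total = 0
    for _ in range(runs):
        trials = 0
        while trials < max_trials:
            trials += 1
            offset = rng.choice(mutable)
            if offset in target.bug_offsets and rng.random() < target.trigger_prob:
                break
        total += trials
    return total / runs


# Constructed targets. CLEAN: the tracer captured exactly the bytes the bug
# depends on. METADATA: the bug is driven by a two-byte length field at
# offsets 0-1 whose influence reached the vulnerable area only through a
# metadata relation, so the tracer's region (offsets 8-15) misses it.
CLEAN = FuzzTarget(input_len=64, bug_offsets=frozenset(range(8, 16)),
                   tainted_offsets=frozenset(range(8, 16)), trigger_prob=0.05)
METADATA = FuzzTarget(input_len=64, bug_offsets=frozenset({0, 1}),
                      tainted_offsets=frozenset(range(8, 16)), trigger_prob=0.05)


if __name__ == "__main__":
    for name, target in (("clean", CLEAN), ("metadata", METADATA)):
        for directed in (False, True):
            print(f"{name:8s} directed={directed!s:5s} "
                  f"p={target.success_prob(directed):.6f} "
                  f"E[trials]={target.expected_trials(directed):.1f} "
                  f"simulated={simulate_mean_trials(target, directed):.1f}")
        print(f"{name:8s} speedup={target.speedup():.1f}")
```

For `CLEAN` the analytical speedup equals the ratio of input length to tainted-region length (64/8 = 8), because both modes share the same `trigger_prob`; the Monte Carlo means should land near 160 and 20 trials. For `METADATA` the directed mode reports an infinite expectation, which is the model's way of saying that no amount of fuzzing inside the located region will ever touch the length field the bug actually depends on.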
Keywords: dynamic taint propagation; black-box fuzzing; vulnerability analysis; Bernoulli trials; performance analysis
Citation:
张岑,庄严,程绍银.污点导向型模糊测试的限制与性能分析.计算机系统应用,2017,26(11):45-51
ZHANG Cen,ZHUANG Yan,CHENG Shao-Yin.Analysis on the Limitation and Performance of Taint-Based Directed Fuzzing.COMPUTER SYSTEMS APPLICATIONS,2017,26(11):45-51