###
计算机系统应用英文版:2019,28(5):10-17
本文二维码信息
码上扫一扫!
基于文件格式信息的改进模糊测试方法
(中国科学院 软件研究所 可信计算与信息保障实验室, 北京 100190)
File-Type-Based Method to Improve Fuzz Testing
(Trusted Computing and Information Assurance Laboratory, Institute of Software, Chinese Academy of Sciences, Beijing 100190, China)
摘要
图/表
参考文献
相似文献
本文已被:浏览 2101次   下载 2411
Received:December 05, 2018    Revised:December 25, 2018
中文摘要: 本文针对盲目变异的模糊测试策略带来的效率低下的问题,综合程序控制流图、输入种子样本特征、异常样本发现、模糊测试器路径反馈等信息,提出一种更为有效的种子输入变异策略.本文通过不断监控种子文件在目标程序中的执行路径,并引入污点分析的方法,以建立起新增执行路径的起始语句与种子文件中关键字节的一对多映射关系.最终本文将根据这种映射关系对种子文件中的能够增加路径覆盖的字节进行变异,以期得到更有效率的模糊测试结果.我们的实验表明,增加定向变异之后的模糊测试器在代码覆盖率,以及模糊测试的效率上都有较为显著的提升.
Abstract:To solve the problem of low efficiency caused by random mutation, a more effective mutation strategy is proposed in this study. The proposed approach synthesizes different kinds of information to help the Fuzzer mutate seed file, i.e., the CFG of program, the characteristics of input seed file, the information of abnormal input detection, and the branch courage of the Fuzzer. Based on this strategy, we design a new Fuzzer which continuously monitors the execution path of each seed file used as input of target program. Meanwhile, as most path constraints depend on only a few bytes in the input, periodical byte-level taint tracking will be necessary in the whole fuzzing process. After all this, we can infer a one-to-many mapping relation between the new execution path and key bytes in seed files, which can highlight the target start-end tuples of the seed file with more possibility to explore new branches in the target program to mutate. The result shows our design can improve the branch coverage of target program and the efficient of Fuzzing.
文章编号:     中图分类号:    文献标志码:
基金项目:国家自然科学基金(61471344)
引用文本:
刘天鹏,程亮,张阳,佟思明.基于文件格式信息的改进模糊测试方法.计算机系统应用,2019,28(5):10-17
LIU Tian-Peng,CHENG Liang,ZHANG Yang,TONG Si-Ming.File-Type-Based Method to Improve Fuzz Testing.COMPUTER SYSTEMS APPLICATIONS,2019,28(5):10-17