Greybox Fuzzing Adaptive Technology Research (灰盒模糊测试自适应技术研究)

Cited by: 3
Abstract: This paper analyzes the problem of inadaptability in the various stages of greybox fuzzing under different test environments, and proposes self-adaptive techniques to solve the problems existing in feedback acquisition, feedback processing and sample generation. For the format-destruction defect in the sample generation mechanism, which results in low test efficiency, a sample format repair technique is proposed. For the defect in the feedback acquisition mechanism, which results in some evolutionary samples being missed, a trace bitmap adaptation technique is proposed. For the flaw in the feedback processing mechanism, which results in lower efficiency of the preferred corpus, a corpus selection adaptation technique is proposed. Based on the proposed theory, a prototype system is implemented. When testing software such as MathType, unzip and binutils, the efficiency of code branch discovery is improved by more than 20%, the problem of missed reports of some evolutionary samples is solved, and some vulnerabilities in commercial software have been discovered using the proposed techniques.
Authors: 许航, 赵世斌, 朱俊虎, 彭建山, 林宏阳 (XU Hang; ZHAO Shibin; ZHU Junhu; PENG Jianshan; LIN Hongyang), State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450002, China
Source: Computer Engineering and Applications (《计算机工程与应用》, CSCD, Peking University core journal), 2019, No. 14, pp. 87-97 and 167 (12 pages)
Funding: National Natural Science Foundation of China (No. 61502528)
Keywords: greybox fuzzing; adaptive technology; sample format repair technique; trace bitmap; corpus selection