摘要
随着灰盒模糊测试技术的发展,不同的模糊测试反馈技术被更多地使用和研究。英特尔处理器跟踪(Intel Processor Trace,Intel PT)技术是Intel提出的CPU执行指令跟踪功能。使用Intel PT技术可以得到CPU的执行指令信息,并以PT数据包的形式存放。PT解码器将PT数据包解析成为程序执行的控制流数据,从而得到模糊测试所需要的代码边界信息。通过研究比较当前公开的6种PT解码器解决方案,针对减少PT技术在模糊测试中的反馈开销和处理反馈信息不完整的问题,提出基于内核信息辅助的PT解码器并行调度优化技术。并通过实验证明了该技术的有效性和解码速度优势。
With the development of gray-box fuzzing technology,different fuzzing feedback technologies are widely used and researched.Intel processor trace(PT)technology is a program tracing function for CPU execution instructions proposed by Intel.By Intel PT technology,the execution instruction information of CPU can be obtained and stored in the form of PT packet.The PT decoder parses the PT data into the control flow data executed by the program,so as to obtain the code boundary information required by the fuzzing test.By studying and comparing the six currently disclosed PT decoder solutions,a parallel scheduling optimization technology for PT decoders based on kernel information is proposed,to reduce the feedback overhead of PT technology in the fuzzing test and handle the problem of incomplete feedback information.Experiments show the effectiveness and decoding speed advantage of this technology.
作者
林志强
彭建山
毕野川
LIN Zhiqiang;PENG Jianshan;BI Yechuan(State Key Laboratory of MaLhemaLical Engineering and Advanced CompuLing,Zhengzhou 450001,China)
出处
《信息工程大学学报》
2022年第3期351-358,共8页
Journal of Information Engineering University
基金
国家重点研发计划资助项目(2017YFB0802901)。
