5 articles found
BArcherFuzzer: An Android System Services Fuzzier via Transaction Dependencies of BpBinder
1
Authors: Jiawei Qin, Hua Zhang, Hanbing Yan, Tian Zhu, Song Hu, Dingyu Yan. Intelligent Automation & Soft Computing, 2024, No. 3, pp. 527-544 (18 pages)
By the analysis of vulnerabilities of Android native system services, we find that some vulnerabilities are caused by inconsistent data transmission and inconsistent data processing logic between client and server. The existing research cannot find the above two types of vulnerabilities and the test cases of them face the problem of low coverage. In this paper, we propose an extraction method of test cases based on the native system services of the client and design a case construction method that supports multi-parameter mutation based on genetic algorithm and priority strategy. Based on the above method, we implement a detection tool, BArcherFuzzer, to detect vulnerabilities of Android native system services. The experiment results show that BArcherFuzzer found four vulnerabilities of hundreds of exception messages, all of them were confirmed by Google and one was assigned a Common Vulnerabilities and Exposures (CVE) number (CVE-2020-0363).
Keywords: Android OS vulnerability detection BINDER fuzz testing genetic algorithm
A Survey on Binary Code Vulnerability Mining Technology
2
Authors: Pengzhi Xu, Zetian Mai, Yuhao Lin, Zhen Guo, Victor S. Sheng. Journal of Information Hiding and Privacy Protection, 2021, No. 4, pp. 165-179 (15 pages)
With the increase of software complexity, the security threats faced by the software are also increasing day by day. So people pay more and more attention to the mining of software vulnerabilities. Although source code has rich semantics and strong comprehensibility, source code vulnerability mining has been widely used and has achieved significant development. However, due to the protection of commercial interests and intellectual property rights, it is difficult to obtain source code. Therefore, the research on the vulnerability mining technology of binary code has strong practical value. Based on the investigation of related technologies, this article firstly introduces the current typical binary vulnerability analysis framework, and then briefly introduces the research background and significance of the intermediate language; with the rise of artificial intelligence, a large number of machine learning methods have been tried to solve the problem of binary vulnerability mining. This article divides the current related binary vulnerabilities mining technology into traditional mining technology and machine learning mining technology, respectively introduces its basic principles, research status and existing problems, and briefly summarizes them. Finally, based on the existing research work, this article puts forward the prospect of the future research on the technology of binary program vulnerability mining.
Keywords: BINARY vulnerability mining stain analysis symbolic execution fuzzing testing machine learning
Research on Network Security Algorithm based on ZigBee Technology
3
Author: Xiaolei Wu. International Journal of Technology Management, 2014, No. 8, pp. 164-166 (3 pages)
This paper studies the MAC layer security mechanism and data frame structure in ZigBee protocol, improves the algorithm for random Fuzzing test technology, and test method of attack fusion boundary, structure of Fuzzing and the node clone, proposed a ZigBee routing protocol for the MAC layer security comprehensive detection algorithm. The Fuzzing test shows that the testing algorithm can not only greatly improve the test efficiency in Fuzzing, more than the structure of Fuzzing is increased by 50% in path coverage.
Keywords: ZigBee protocol fuzzing test boundary scan test
TOAST: Automated Testing of Object Transformers in Dynamic Software Updates
4
Authors: Ze-Lin Zhao, Di Huang, Xiao-Xing Ma. Journal of Computer Science & Technology (SCIE, EI, CSCD), 2022, No. 1, pp. 50-66 (17 pages)
Dynamic software update (DSU) patches programs on the fly. It often involves the critical task of object transformation that converts live objects of the old-version program to their semantically consistent counterparts under the new-version program. This task is accomplished by invoking an object transformer on each stale object. However, a defective transformer failing to maintain consistency would cause errors or even crash the program. We propose TOAST (Test Object trAnSformaTion), an automated approach to detecting potential inconsistency caused by object transformers. TOAST first analyzes an update to identify multiple target methods and then adopts a fuzzer with specially designed inconsistency guidance to randomly generate object states to drive two versions of a target method. This creates two corresponding execution traces and a pair of old and new objects. TOAST finally performs object transformation to create a transformed object and detects inconsistency between it and the corresponding new object produced from scratch by the new program. Moreover, TOAST checks behavior inconsistency by comparing the return variables and exceptions of the two executions. Experimental evaluation on 130 updates with default transformers shows that TOAST is promising: it got 96.0% precision and 85.7% recall in state inconsistency detection, and 81.4% precision and 94.6% recall in behavior inconsistency detection. The inconsistency guidance improved the fuzzing efficiency by 14.1% for state inconsistency detection and 40.5% for behavior inconsistency detection.
Keywords: object state transformer inconsistency detection dynamic software update (DSU) fuzzing testing
DeltaFuzz: Historical Version Information Guided Fuzz Testing (cited by: 1)
5
Authors: Jia-Ming Zhang, Zhan-Qi Cui, Xiang Chen, Huan-Huan Wu, Li-Wei Zheng, Jian-Bin Liu. Journal of Computer Science & Technology (SCIE, EI, CSCD), 2022, No. 1, pp. 29-49 (21 pages)
With the widespread use of agile software development methods, such as agile and scrum, software is iteratively updated more frequently. To ensure the quality of the software, regression testing is conducted before new versions are released. Moreover, to improve the efficiency of regression testing, testing efforts should be concentrated on the modified and impacted parts of a program. However, the costs of manually constructing new test cases for the modified and impacted parts are relatively expensive. Fuzz testing is an effective method for generating test data automatically, but it is usually devoted to achieving higher code coverage, which makes fuzz testing unsuitable for direct regression testing scenarios. For this reason, we propose a fuzz testing method based on the guidance of historical version information. First, the differences between the program being tested and the last version are analyzed, and the results of the analysis are used to locate change points. Second, change impact analysis is performed to find the corresponding impacted basic blocks. Finally, the fitness values of test cases are calculated according to the execution traces, and new test cases are generated iteratively by the genetic algorithm. Based on the proposed method, we implement a prototype tool DeltaFuzz and conduct experiments on six open-source projects. Compared with the fuzzing tool AFLGo, AFLFast and AFL, DeltaFuzz can reach the target faster, and the time taken by DeltaFuzz was reduced by 20.59%, 30.05% and 32.61%, respectively.
Keywords: fuzz testing regression testing change impact analysis fitness function