Netinfo Security (信息网络安全) ›› 2021, Vol. 21 ›› Issue (10): 63-68. doi: 10.3969/j.issn.1671-1122.2021.10.009

• Selected Papers •

A Distance-based Fuzzing Mutation Method

WU Jiaming1, XIONG Yan2, HUANG Wenchao2, WU Jianshuang3

  1. School of Cyberspace Science and Technology, University of Science and Technology of China, Hefei 230026, China
  2. School of Computer Science and Technology, University of Science and Technology of China, Hefei 230026, China
  3. Hefei Tianwei Information Security Technology Co., Ltd., Hefei 230000, China
  • Received: 2021-04-12  Online: 2021-10-10  Published: 2021-10-14
  • Corresponding author: WU Jiaming, E-mail: lpwjm@mail.ustc.edu.cn
  • About the authors: WU Jiaming (born 1997), male, from Shaanxi, master's student; research interests: fuzzing, vulnerability discovery. XIONG Yan (born 1960), male, from Anhui, professor, Ph.D.; research interests: network security, vulnerability discovery, formal modeling. HUANG Wenchao (born 1982), male, from Hubei, associate professor, Ph.D.; research interests: network security, vulnerability discovery, formal modeling. WU Jianshuang (born 1984), male, from Shanxi, master's degree; research interests: cybersecurity classified protection (网络安全等级保护).
  • Funding: National Natural Science Foundation of China (61972369); National Key R&D Program of China (2018YFB2100301)

Abstract:

Existing directed greybox fuzzers generate inputs of which only a small proportion actually reach the target code locations. To address this, the paper proposes a distance-guided mutation method. The method uses a reinforcement learning algorithm whose objective is to minimize the distance between the newly generated input and the target code locations, so that when the directed greybox fuzzer generates an input it selects the modification action whose resulting input has the smallest distance to the target, thereby increasing the proportion of generated inputs that reach the target. The authors implemented a directed greybox fuzzer based on this mutation method and compared it with an existing directed greybox fuzzer; the experimental results show that the fuzzer built on the proposed mutation method effectively increases the proportion of inputs that reach the target code locations.

Key words: network security, vulnerability discovery, fuzzing
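The mechanism the abstract describes, as an added illustration that is not the paper's tool or code: a toy program is modeled as a control-flow graph, every input is scored by the distance from the basic blocks it executes to the target block (here the minimum over the trace, a simplification of the AFLGo-style per-block distance), and a tabular epsilon-greedy bandit (a stand-in for whichever reinforcement learning algorithm the paper uses; this page does not name it) learns, per seed distance, which (mutation operator, byte offset) action yields inputs with the smallest distance. The reward is the distance reduction, so any edit that moves the input further from the target is penalized immediately. The CFG, the `FZ` magic / flag / `0x40` checks, the operator set and every name in the block (`execute`, `input_distance`, `DistanceBandit`, `train_on_seed`, `fuzz`) are assumptions constructed for this example.

```python
import random
from collections import defaultdict, deque

# Toy target program as a CFG (constructed for this example): block -> successors.
CFG = {"entry": ["magic"], "magic": ["b1", "err"], "b1": ["b2", "err"],
       "b2": ["target", "err"], "target": [], "err": []}
TARGET = "target"

def execute(data: bytes) -> list:
    """Simulate the toy program and return its basic-block trace."""
    trace = ["entry", "magic"]
    if data[:2] != b"FZ":                    # magic check
        return trace + ["err"]
    trace.append("b1")
    if len(data) < 4 or data[2] <= 0x80:     # flag check
        return trace + ["err"]
    trace.append("b2")
    if data[3] != 0x40:                      # guards the target code
        return trace + ["err"]
    return trace + [TARGET]

def block_distances(cfg: dict, target: str) -> dict:
    """BFS over reversed edges: hops from each block to the target (unreachable blocks omitted)."""
    preds = defaultdict(list)
    for b, succs in cfg.items():
        for s in succs:
            preds[s].append(b)
    dist, queue = {target: 0}, deque([target])
    while queue:
        b = queue.popleft()
        for p in preds[b]:
            if p not in dist:
                dist[p] = dist[b] + 1
                queue.append(p)
    return dist

BLOCK_DIST = block_distances(CFG, TARGET)

def input_distance(data: bytes) -> int:
    """Input distance: the closest-to-target block on the trace (simplified AFLGo-style metric)."""
    return min(BLOCK_DIST[b] for b in execute(data) if b in BLOCK_DIST)

# Fixed-length mutation operators; an action is (operator, byte offset).
INTERESTING = [0x80, 0xFF, 0x00, 0x01, 0x10, 0x20, 0x40, 0x64, 0x7F]  # AFL's 8-bit set
def flip_bit(b, i, rng): b[i] ^= 1 << rng.randrange(8)
def inc_byte(b, i, rng): b[i] = (b[i] + 1) & 0xFF
def dec_byte(b, i, rng): b[i] = (b[i] - 1) & 0xFF
def set_random(b, i, rng): b[i] = rng.randrange(256)
def set_interesting(b, i, rng): b[i] = rng.choice(INTERESTING)
OPS = [flip_bit, inc_byte, dec_byte, set_random, set_interesting]
ACTIONS = [(op, off) for op in OPS for off in range(4)]   # inputs are 4 bytes long

def apply_action(data: bytes, action, rng) -> bytes:
    op, off = action
    buf = bytearray(data)
    op(buf, off, rng)
    return bytes(buf)

class DistanceBandit:
    """Epsilon-greedy action values per state (distance of the seed being mutated);
    reward = seed distance - distance of the mutated input, so closer is better."""
    def __init__(self, n_actions: int, epsilon: float, rng: random.Random):
        self.k, self.eps, self.rng = n_actions, epsilon, rng
        self.q = defaultdict(lambda: [0.0] * n_actions)   # mean reward per action
        self.n = defaultdict(lambda: [0] * n_actions)     # sample count per action
    def choose(self, state: int) -> int:
        if self.rng.random() < self.eps:
            return self.rng.randrange(self.k)               # explore
        q = self.q[state]
        return max(range(self.k), key=lambda a: q[a])      # exploit; first index on ties
    def update(self, state: int, a: int, reward: float) -> None:
        self.n[state][a] += 1
        self.q[state][a] += (reward - self.q[state][a]) / self.n[state][a]

def train_on_seed(data: bytes, trials: int, rng_seed=7, epsilon=0.1) -> DistanceBandit:
    """Learn action values for one fixed seed; every action is tried once before exploiting."""
    rng = random.Random(rng_seed)
    bandit, d0 = DistanceBandit(len(ACTIONS), epsilon, rng), input_distance(data)
    for step in range(len(ACTIONS) + trials):
        a = step if step < len(ACTIONS) else bandit.choose(d0)
        bandit.update(d0, a, d0 - input_distance(apply_action(data, ACTIONS[a], rng)))
    return bandit

def best_action(bandit: DistanceBandit, state: int):
    q = bandit.q[state]
    return ACTIONS[max(range(len(q)), key=lambda a: q[a])]

def fuzz(iters: int, policy: str, seed=b"FZ\x10\x10", rng_seed=1, epsilon=0.1) -> dict:
    """Directed loop: always mutate the newest closest seed. 'rl' picks the action with the
    bandit, 'uniform' at random. Returns the share of generated inputs reaching the target."""
    rng = random.Random(rng_seed)
    bandit = DistanceBandit(len(ACTIONS), epsilon, rng)
    best_d, cur, reached = input_distance(seed), seed, 0
    for _ in range(iters):
        a = bandit.choose(best_d) if policy == "rl" else rng.randrange(len(ACTIONS))
        new = apply_action(cur, ACTIONS[a], rng)
        d_new = input_distance(new)
        if policy == "rl":
            bandit.update(best_d, a, best_d - d_new)
        if d_new <= best_d:                       # equal-or-closer inputs become the seed
            best_d, cur = d_new, new
        reached += d_new == 0
    return {"total": iters, "reached": reached, "ratio": reached / iters}

if __name__ == "__main__":
    for policy in ("uniform", "rl"):
        print(policy, fuzz(4000, policy))
    op, off = best_action(train_on_seed(b"FZ\x90\x40", 500), 0)
    print("best action at a target-reaching seed:", op.__name__, "@ offset", off)
```

Running the module compares uniform operator selection with the learned policy on the same toy target and reports the share of generated inputs whose distance is 0. `train_on_seed` makes the learned values visible on a fixed target-reaching seed: every action on the magic bytes is scored -3 (the input falls back to the `magic` block, three hops from the target), every action on byte 3 is scored -1, and only actions on byte 2 can keep the input at distance 0, so the greedy choice settles on offset 2. The same signal is what drives seed-distance states 2 and 1 toward the flag and `0x40` checks in the fuzzing loop.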

CLC number: