基于控制流序位比对的智能Fuzzing测试方法

doi:10.3969/j.issn.1000-436x.2013.04.013

摘要/Abstract

摘要：

在国际前沿技术EFS（evolutionary fuzzing system）的研究基础上，提出基于控制流序位比对算法的智能Fuzzing 测试方法。根据遗传算法的内在属性演算得到基于序列比对的适应度函数，并有效地计算出需要搜索的程序逻辑空间。最后给出了该方法与2种传统Fuzzing方法的测试性能的实验结果比对，证明了该方法能够充分利用遗传算法属性中并行性进行智能地程序逻辑学习，具有逻辑覆盖面广、搜索导向性强的优点，能够提高漏洞挖掘能力。

关键词: 智能Fuzzing, 控制流, 遗传算法, 漏洞

Abstract:

Flowing the way introduced in the research of evolutionary fuzzing system (EFS),a smart fuzzing method was proposed based on the node comparison algorithm among control flow sequences.Through mapping program execution flow sequences onto the control flow sequences,the isomorphism relationship between dada search space and program logic space was established.The analyzed results prove that the method is capa of mining a mass of information from group data effectively,and is able to fully util ze the parallelism of genetic algorithm to guide the fuzzing test.

Key words: smart Fuzzing, control flow, gene algorithm, vulnerability

王颖,杨义先,钮心忻,谷利泽. 基于控制流序位比对的智能Fuzzing测试方法[J]. 通信学报, 2013, 34(4): 114-121.

Ying WANG,Yi-xian YANG,Xin-xin NIU,Li-ze GU. Smart Fuzzing method based on comparison algorithm of control flow sequences[J]. Journal on Communications, 2013, 34(4): 114-121.

图/表 12

图1

图2

图3

图4

图5

图6

图7

图8

图9

图10

图11

图12

参考文献 12

[1]	CHOI Y H , KIM H C , LEE D H . Tag-aware text file testing for security of a software system[A]. Procedings of International Conference on Convergence Information Technology[C]. I E Press, 2007. 2254-2259.
[2]	LIU Q X , ZHANG Y Q . TFTP vulnerability finding techniq based on fuzzing[J]. Computer Communications. Elsevier, 2008,31(14): 3420-3426.
[3]	姚洪波, 尹亮, 文伟平．基于FUZZING测试技术的Windows内核安全漏洞挖掘方法研究及应用[J]．信息网络安全, 2011,(12):9-16. YAO H B , YIN L , WEN W P . Based on the FUZZING lead to new mining method based on windows kernel vulnerability[J]. Netinfo Security, 2011,(12):9-16.
[4]	GODEFROID P , KLARLUND N , SEN K . DART:directed automated random testing[A]. Proce of the 2005 ACM SIGPLAN Conference on Programming Language Design and Implementation[C]. 2005. 40-6.
[5]	FROID P G , EVIN L M Y D , et al. Automated whitebox fuzz testing[A]. Procof Network and Distributed Systems Security(NDSS)[C]. 2008. 151-166.
[6]	WANG T L , WEI T , GU G F , et al. TaintScope:a Checksum-aware directed fuzzing tool for automatic software vulnerabi ity detection[A]. The 31st IEEE Symposium on Security and Privacy[C]. Berkeley,California,USA, 2010.
[7]	DEMOTT J , ENBODY R , PUNCH B . Revolutionizing the field of grey-box attack surface testing with evolutionary Fuzzing[EB/OL]. , 2012.
[8]	COELLO C A , LAMONT G B , VELDHUIZEN A V . Evolutionary Algorithms for Solving Multi-Objective Problems[M]. New York: Springer-Verlag, 2007.
[9]	SPARKS S , EMBLETON S , et al. Automated vulnerability analysis:leveraging control flow for evolutionary input crafting[A]. Proc of Computer Security Applications Conference[C]. 2007. 477-486.
[10]	DALLMEIER V , KNOPP N , MALLON C , et al. Automatically generating test cases for specification mining[J]. IEEE Transactions on Software Engineering, 2012,38(2): 243-257.
[11]	KANG M G , MCCAMANT S , POOSANKAM P , et al. DTA++:dynamic taint analysis with targeted control-?ow propagation[A]. Network and Distributed Systems Security(NDSS)[C]. 2011.
[12]	NEEDLEMAN S B , WUNSCH C D . A general method applicable to the search for similarities in the amino acid sequence of two proteins[J]. Journal of Molecular Biology, 1970,48(3): 443-453.

[1]	唐明, 胡一凡. Load-to-store: store buffer暂态窗口时间泄露的利用[J]. 通信学报, 2023, 44(4): 64-77.
[2]	康海燕, 龙墨澜. 基于吸收马尔可夫链攻击图的网络攻击分析方法研究[J]. 通信学报, 2023, 44(2): 122-135.
[3]	张云涛, 方滨兴, 杜春来, 王忠儒, 崔志坚, 宋首友. 基于异构观测链的容器逃逸检测方法[J]. 通信学报, 2023, 44(1): 49-63.
[4]	杨宏宇, 杨海云, 张良, 成翔. 基于特征依赖图的源代码漏洞检测方法[J]. 通信学报, 2023, 44(1): 103-117.
[5]	邱航, 汤红波, 游伟, 赵宇, 柏溢. NFV中基于量子遗传算法的网络服务扩展算法[J]. 通信学报, 2022, 43(11): 44-52.
[6]	丛玉良, 孙闻晞, 薛科, 钱志鸿, 陈绵书. 基于改进的混合遗传算法的车联网任务卸载策略研究[J]. 通信学报, 2022, 43(10): 77-85.
[7]	黄桦烽, 苏璞睿, 杨轶, 贾相堃. 可控内存写漏洞自动利用生成方法[J]. 通信学报, 2022, 43(1): 83-95.
[8]	马博林, 张铮, 任权, 张高斐, 邬江兴. 软件异构冗余执行系统的安全能力分析[J]. 通信学报, 2021, 42(9): 1-11.
[9]	苏新, 薛淏阳, 周一青, 朱金秀. 面向海洋观监测传感网的计算卸载方法研究[J]. 通信学报, 2021, 42(5): 149-163.
[10]	黄小红, 张勇, 闪德胜, 钱叶魁, 韩璐, 李丹丹, 丛群. 基于多目标效用优化的分布式数据交易算法[J]. 通信学报, 2021, 42(2): 52-63.
[11]	秦佳伟, 张华, 严寒冰, 何能强, 涂腾飞. 上下文感知的安卓应用程序漏洞检测研究[J]. 通信学报, 2021, 42(11): 13-27.
[12]	张炳, 文峥, 赵宇轩, 王苧, 任家东. 双粒度轻量级漏洞代码切片方法评估模型[J]. 通信学报, 2021, 42(11): 233-241.
[13]	潘传幸, 张铮, 马博林, 姚远, 季新生. 面向进程控制流劫持攻击的拟态防御方法[J]. 通信学报, 2021, 42(1): 37-47.
[14]	卢毅,徐梦颖,周杰. 基于改进的免疫克隆蛙跳算法的多约束QoS路由优化研究[J]. 通信学报, 2020, 41(5): 141-149.
[15]	杨佳,付才,韩兰胜,鲁宏伟,刘京亮. 云环境下基于函数编码的移动应用克隆检测[J]. 通信学报, 2019, 40(8): 60-71.