1. State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing 100876, China
2. College of Information Science and Technology, Qingdao University of Science and Technology, Qingdao 266061, Shandong, China
3. State Grid Hebei Electric Power Co., Ltd., Shijiazhuang 050000, Hebei, China
4. Information and Communication Branch, State Grid Hebei Electric Power Co., Ltd., Shijiazhuang 050000, Hebei, China
Zhenyan LIU (born 2000), male, master's student at Beijing University of Posts and Telecommunications, E-mail: [email protected]
Hua ZHANG (born 1978), female, professor, E-mail: [email protected]
Yong LIU (born 1971), female, associate professor, E-mail: [email protected]
Libo YANG (born 1975), male, senior engineer, E-mail: [email protected]
Mengdi WANG (born 1993), female, senior engineer, E-mail: [email protected]
Print publication date: 2024-4-20
Online publication date: 2023-10-7
Received: 2023-1-10
Zhenyan LIU, Hua ZHANG, Yong LIU, et al. Efficient seed generation method for software fuzzing[J]. Journal of Xidian University, 2024,51(2):126-136. DOI: 10.19665/j.issn1001-2400.20230901.
Fuzzing is one of the effective techniques currently used in software engineering to discover vulnerabilities, and it is highly effective at uncovering latent software vulnerabilities. In traditional fuzzing, the seed selection strategy cannot quickly and effectively produce a high-quality seed set, so the test cases produced by mutation fail to reach deeper paths and trigger more security vulnerabilities. To address this problem, a seed generation method based on an improved generative adversarial network (GAN) is proposed to achieve efficient fuzzing. The LeakGAN network structure is optimized to improve the quality and diversity of the generated seeds, and encoding and decoding techniques are introduced so that the types of seeds generated can be extended flexibly, which significantly improves the fuzzing performance on target programs with different input formats. Experimental results show that the adopted seed generation strategy yields clear gains in coverage and in the number of unique crashes triggered, and effectively increases the seed generation speed. Six open-source programs with different highly structured inputs, together with different fuzzing tools, were selected to validate the strategy: compared with the original strategy, branch coverage increased by about 2.79% on average, and about 10.35% more unique paths and about 86.92% more unique crashes were found.
As one of the effective ways to discover software vulnerabilities in the current software engineering field, fuzzing plays a significant role in discovering potential software vulnerabilities. The traditional seed selection strategy in fuzzing cannot effectively generate high-quality seeds, which results in the test cases generated by mutation being unable to reach deeper paths and trigger more security vulnerabilities. To address these challenges, a seed generation method for efficient fuzzing based on an improved generative adversarial network (GAN) is proposed, which can flexibly expand the types of seeds generated through encoding and decoding technology and significantly improve the fuzzing performance of most applications with different input types. In experiments, the seed generation strategy adopted in this paper significantly improved coverage and unique crashes, and effectively increased the seed generation speed. Six open-source programs with different highly structured inputs were selected to demonstrate the effectiveness of our strategy. As a result, the average branch coverage increased by 2.79%, the number of paths increased by 10.35%, and an additional 86.92% of unique crashes were found compared to the original strategy.
Keywords: vulnerability detection; network security; fuzz testing; deep learning