AFL-based fuzz testing mutation method and device

A fuzz testing mutation technology, applied in software testing/debugging, error detection/correction, instruments, etc., that addresses problems such as increased resource consumption and achieves low consumption, reduced variation, and easy implementation.

Active Publication Date: 2022-02-22
BEIJING INSTITUTE OF TECHNOLOGY

AI Technical Summary

Problems solved by technology

[0011] In view of this, the present invention provides an AFL-based fuzzing mutation method and device, which can improve the efficiency of AFL and can solve the problem of increased resource consumption caused by existing symbolic execution and taint analysis techniques.


Examples


test Embodiment i

[0049] Therefore, the present invention uses the bitflip stage of the deterministic mutation stage to collect valid bytes. In this stage, all bytes of test case i are flipped one by one to generate test case i'; if test case i' triggers a new path, the flipped byte is considered a valid byte. Traditional AFL discards valid bytes after using them in the deterministic mutation stage. The additional operation required by the present invention is to count the valid bytes and maintain them in a valid byte table, so that valid bytes can be identified from the table during subsequent mutation operations.

[0050] However, in some special cases the above operations are not performed: if the input file is less than 128 bytes, all bytes are directly considered valid bytes. Or, when the proportion of valid bytes in a test case is determined to exceed a certain value (for example, 90%), then all the bytes in the test case are ...


Abstract

The invention discloses an AFL-based fuzz testing mutation method and device, in which the valid bytes of a test case are determined in the deterministic mutation stage of AFL. In the deterministic mutation stage, the bytes to mutate are chosen according to the valid-byte information, and invalid bytes are not mutated at all. In the destructive mutation stage, mutation is guided by the valid-byte information: if the currently randomly selected byte is a valid byte, it must be mutated; otherwise it is mutated with a small probability. Using the invention can improve the efficiency of AFL and can solve the problem of increased resource consumption caused by existing symbolic execution and taint analysis techniques.
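The valid-byte collection of [0049]-[0050] and the guided mutation summarised in the abstract, as an added C sketch that is not code from the patent or from AFL. The target `toy_path`, the 5% probability for invalid bytes, and "path differs from the baseline run" as the test for a new path are assumptions; the 90% rule is left out because its text is cut off on this page.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define SMALL_INPUT 128 /* page: inputs under 128 bytes are treated as all valid */
#define INVALID_PCT 5   /* assumed "small probability"; the page gives no number */
static uint8_t seed[256], valid[256], work[256]; /* constructed input, valid byte table, mutation buffer */
static size_t hit_valid;                         /* mutations that landed on valid bytes */

/* Constructed toy target: bitmask of branches taken, standing in for AFL's coverage map. */
static uint32_t toy_path(const uint8_t *d, size_t n) {
    uint32_t p = 0;
    if (n > 3 && memcmp(d, "FUZZ", 4) == 0) p |= 1;
    if (n > 8 && d[8] == 0x01) p |= 2;
    if (n > 200 && d[200] > 0x7f) p |= 4;
    return p;
}

/* Bitflip-stage collection: flip each byte, mark it valid if the path differs from the baseline. */
static size_t collect_valid(size_t n) {
    memset(seed, 0, sizeof seed); memcpy(seed, "FUZZ", 4); seed[8] = 0x01; /* constructed seed */
    if (n < SMALL_INPUT) { memset(valid, 1, n); return n; }
    uint32_t base = toy_path(seed, n);
    size_t count = 0;
    for (size_t i = 0; i < n; i++) {
        seed[i] ^= 0xFF;                                   /* flip the byte */
        count += valid[i] = (toy_path(seed, n) != base);   /* run and record */
        seed[i] ^= 0xFF;                                   /* restore it */
    }
    return count;
}

/* Guided random stage on work[0..n): a picked valid byte is always mutated, an invalid one
   only with INVALID_PCT percent probability. Returns mutations that landed on invalid bytes. */
static size_t guided_mutate(size_t n, size_t rounds) {
    size_t on_invalid = 0; hit_valid = 0;
    for (size_t r = 0; r < rounds; r++) {
        size_t i = (size_t)rand() % n;
        if (!valid[i] && rand() % 100 >= INVALID_PCT) continue; /* skip most invalid bytes */
        work[i] ^= (uint8_t)(1 + rand() % 255);                 /* always changes the byte */
        if (valid[i]) hit_valid++; else on_invalid++;
    }
    return on_invalid;
}
int main(void) {
    size_t n = collect_valid(sizeof seed);
    memcpy(work, seed, sizeof work);
    size_t miss = guided_mutate(sizeof work, 10000);
    printf("valid bytes=%zu, mutations on valid=%zu, on invalid=%zu\n", n, hit_valid, miss);
    return 0;
}
```

Only 6 of the 256 seed bytes influence the toy target's path, so the guided stage spends most of its accepted mutations on a small fraction of the input instead of spreading them uniformly.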

Description

Technical field

[0001] The invention relates to the technical field of fuzz testing, in particular to an AFL-based fuzz testing mutation method and device.

Background technique

[0002] With the advent of the information age, all kinds of software emerge in an endless stream, but the quality of software cannot be guaranteed. How to efficiently and quickly find the vulnerabilities in related software has become a key problem to be overcome and researched by industry and academia. As a mainstream technology of vulnerability mining, fuzz testing has attracted much attention due to its simple use, high vulnerability mining efficiency, and strong environmental adaptability.

[0003] The fuzzer AFL is an open source fuzz testing tool developed by Google security engineer Michal Zalewski in 2013. AFL is an abbreviation of American Fuzzy Lop. It has low performance consumption and can efficiently mine possible security vulnerabilities.

[0004] The core technology of AFL lies in th...


Application Information

Patent Type & Authority: Patents (China)
IPC: IPC(8): G06F11/36
CPC: G06F11/3684, G06F11/3688
Inventor: 马锐, 王夏菁, 李斌斌, 薛静锋, 田东海
Owner: BEIJING INSTITUTE OF TECHNOLOGY