Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Software fuzzy test method

A fuzzing and software testing technology, applied in software testing/debugging, error detection/correction, instruments, etc., to solve the problem of not being able to clearly understand the internal logic of the target under test, not optimizing test data use cases, and low code coverage and other problems, to achieve the effect of improving code coverage, reducing the scale of detection data, and reducing the mutation space

Active Publication Date: 2019-09-03
NAT UNIV OF DEFENSE TECH
View PDF4 Cites 9 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] (1) The test efficiency is low, because the fuzz test cannot clearly understand the internal logic of the target under test, resulting in a large amount of invalid test data
[0006] (2) The code coverage rate is low, and the generation of existing fuzzy test cases depends on a limited production technology, and the test data cases are not optimized once they are generated

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Software fuzzy test method
  • Software fuzzy test method
  • Software fuzzy test method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0045] The specific implementation manners of the present invention will be described in detail below in conjunction with the accompanying drawings.

[0046] Fuzz testing: Discovering a large number of unknown security vulnerabilities is a fast and effective dynamic vulnerability analysis technology that has been widely used in the industry.

[0047]Fuzz test generation technology: how to construct detection data that is easy to trigger abnormal operations of vulnerabilities.

[0048] Software vulnerability is one of the main causes of information security problems. How to effectively analyze the vulnerabilities has become the focus of research in the field of information security. For undisclosed complex data formats, the current fuzz testing methods basically use random mutation of normal detection sample data to generate detection data. Because the detection data is generated too blindly, it seriously restricts the ability and efficiency of fuzzing tools. The reason is t...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a software fuzzy test method, which comprises the following steps of: extracting and establishing a detection data sample based on an adaptive approximation vulnerability model(AAMV) based on historical data, test cases and log information acquired in a software test stage; dynamically analyzing vulnerability-related input elements in the detection data sample based on thefine-grained stain, and generating input data based on the detection data sample; and generating high coverage probe data based on mixed symbols of the input data. An adaptive approximation vulnerability model AAMV based on a tree structure is provided, detection data generation is guided, and the software vulnerability analysis effect is improved. Fine-grained stain analysis is carried out to find out fragile point related input elements, and variation space of the input elements is reduced. The code coverage rate of the fuzzy test technology is improved. According to the multi-dimensional detection data generation technology based on the OMMutator operator, the detection data scale is greatly reduced under the condition that the hit rates of fragile points are the same.

Description

technical field [0001] The invention belongs to the field of software fuzzy detection and relates to a fuzzy testing method based on an adaptive approximation vulnerability model. Background technique [0002] Fuzz testing has discovered a large number of unknown security vulnerabilities. It is a fast and effective dynamic vulnerability analysis technology and has been widely used in the industry. According to a survey by BSIMM, the nine leading security product teams they surveyed are all using fuzzing technology. The survey in the field of commercial fuzzing also shows that 80% of leading service providers and equipment manufacturers are using fuzzing technology. testing technology. For example, in Microsoft's products, 20%-25% of the security vulnerabilities found before the official release are analyzed by fuzz testing. [0003] At present, there is no uniform definition of fuzz testing. Some people call it fuzz testing, while others call it hash testing. The present ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F11/36
CPCG06F11/3684G06F11/3688
Inventor 戚兰兰陆余良潘祖烈施凡黄晖赵军丁璐
Owner NAT UNIV OF DEFENSE TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com