Fuzz testing method based on path-aware mutation strategy

A fuzz testing and mutation technology, applied in software testing/debugging, error detection/correction, instruments, etc., can solve problems such as insignificant effects, increased probability, and high overhead, saving time, avoiding excessive overhead, and avoiding the effects of dynamic analysis.

Active Publication Date: 2022-06-17
PLA STRATEGIC SUPPORT FORCE INFORMATION ENG UNIV PLA SSF IEU

AI Technical Summary

Problems solved by technology

[0006] In order to solve the problem that existing fuzzing methods have too much overhead or increase according to the probability, and that the effect of direct comparison of sample bytes is not obvious, the present invention provides a fuzzing method based on a path-aware mutation strategy.


Embodiment Construction

[0041] In order to make the objectives, technical solutions and advantages of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly described below with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are some, but not all, of the embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art without creative efforts shall fall within the protection scope of the present invention.

[0042] The main idea of the present invention is to perceive the execution path of the sample through the fuzzer, identify the magic bytes on the path, and carry out targeted mutation, so as to break through the magic byte checkpoint quickly. It is mainly divided into the following two parts:

[0043] 1. Instrumentation analysis. In the process of instrumenti...

Abstract

The invention provides a fuzz testing method based on a path-aware mutation strategy. The method comprises: Step 1: run the instrumented test program and judge whether a magic byte is detected; if so, perform step 2. Step 2: if the magic byte is detected, record it in the shared memory. Step 3: continue to run the instrumented test program and use a heuristic-based method to judge whether the magic byte is broken; if yes, add the magic byte and its offset to the global map; if not, go to step 4. Step 4: continue to run the instrumented test program and judge whether magic mutation has already been applied; if so, call the original mutation strategy to mutate and return to step 1; if not, call the magic dictionary strategy to mutate and return to step 1. The invention avoids the huge overhead caused by relying on dynamic analysis technology to break through checkpoints, and can improve the efficiency of fuzz testing.
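The four steps above can be sketched as a small loop. This is an added example, not code from the patent: the target, the `FUZZ` constant, the offset, the one-byte `havoc` mutator and the rule "the checkpoint is broken when the comparison succeeds" are all assumptions made for illustration.

```python
import random

MAGIC, OFFSET = b"FUZZ", 4   # constructed checkpoint, not taken from the patent
shared_mem = []              # stands in for the shared memory of step 2

def target(data: bytes) -> bool:
    """Constructed test program with one instrumented magic-byte comparison."""
    if len(data) < OFFSET + len(MAGIC):
        return False
    # Instrumentation stub: report the constant and the input offset compared.
    shared_mem.append((OFFSET, MAGIC))
    return data[OFFSET:OFFSET + len(MAGIC)] == MAGIC   # True: checkpoint passed

def havoc(sample: bytearray, rng: random.Random) -> None:
    """Stand-in for the fuzzer's original mutation strategy: one random byte."""
    sample[rng.randrange(len(sample))] = rng.randrange(256)

def fuzz(seed: bytes, max_iters: int = 100, use_magic: bool = True):
    """Return (iteration that broke the checkpoint or None, global map)."""
    rng = random.Random(1)
    global_map, tried = {}, set()
    sample = bytearray(seed)
    for iteration in range(1, max_iters + 1):
        shared_mem.clear()
        broke = target(bytes(sample))            # step 1; the stub does step 2
        if not shared_mem:                       # no magic byte seen on this path
            havoc(sample, rng)
            continue
        offset, magic = shared_mem[-1]
        if broke:                                # step 3: record magic and offset
            global_map[offset] = magic
            return iteration, global_map
        if use_magic and (offset, magic) not in tried:
            sample[offset:offset + len(magic)] = magic   # magic dictionary strategy
            tried.add((offset, magic))
        else:                                    # step 4: already magic-mutated
            havoc(sample, rng)
    return None, global_map

if __name__ == "__main__":
    print(fuzz(b"A" * 12))                   # path-aware loop
    print(fuzz(b"A" * 12, use_magic=False))  # random mutation only
```

With the magic dictionary strategy the four-byte check is passed on the second execution; with `use_magic=False` the same budget of random single-byte mutations does not get through it.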

Description

Technical field

[0001] The invention relates to the technical field of computing software security testing, in particular to a fuzz testing method based on a path-aware mutation strategy.

Background technique

[0002] Fuzzing is an automated software testing technology that provides semi-valid data as input to the test program and monitors whether the program behaves abnormally. Because of its simplicity and efficiency, it is widely used by major software manufacturers and in open source software development and testing, and this technology has found a large number of vulnerabilities in various software. However, with the wide application of software security testing tools and the improvement of secure development awareness, vulnerabilities usually appear in more complex code structures. Existing fuzz testing is effective in finding vulnerabilities in code with a relatively simple structure, but it is often difficult to catch exceptions in the face of complex code structure. One ...

Application Information

Patent Type & Authority: Patents (China)
IPC(8): G06F21/57, G06F11/36
CPC: G06F21/577, G06F11/3644, G06F2221/033
Inventor 魏强李锡星武泽慧
Owner PLA STRATEGIC SUPPORT FORCE INFORMATION ENG UNIV PLA SSF IEU