
Embedded firmware grey-box fuzzing method based on word weight mutation and virtual instrumentation

A fuzzing and embedded-systems technology, applied in software testing/debugging, electrical digital data processing, error detection/correction, etc. It addresses the lack of methods for analyzing mutations of embedded firmware input fields, the resulting lack of direction in test case generation and mutation, and the reduced execution efficiency of fuzzing, achieving faster and more effective vulnerability mining with lower execution overhead.

Pending Publication Date: 2021-12-24
SHANGHAI UNIV

AI Technical Summary

Problems solved by technology

However, existing AFL code instrumentation must repeatedly track the virtualized instructions of the code while it is translated and executed in a virtualized environment (such as QEMU), which greatly reduces the execution efficiency of fuzzing.
In addition, AFL lacks a means of analyzing mutations for embedded firmware input fields, so the generation and mutation of test cases is undirected, which also reduces fuzzing efficiency.



Examples


Embodiment 1

[0039] Referring to Figure 1, the grey-box fuzzing method for embedded firmware based on word weight mutation and virtual instrumentation is characterized by the following steps:

[0040] 1) Word weight mutation: new test cases are generated by a test case mutation strategy based on field weights;

[0041] 2) Virtual instrumentation: the embedded firmware is instrumented during translation to obtain code execution information for the firmware under test.

[0042] A virtual operating environment is built for the embedded firmware program under test, and fuzzing based on virtual instrumentation and on word-weight-based test case generation is performed on the firmware in that environment. This efficiently obtains code coverage information for the embedded firmware and, on that basis, effectively discovers vulnerabilities in it.

Embodiment 2

[0044] This embodiment is basically the same as Embodiment 1, with the following special features:

[0045] Referring to Figures 1 to 5, step 1) specifically includes the following steps:

[0046] Step 1.1: collect and screen test cases, delete redundant test cases, score the remaining test cases and add them to the test case library for the embedded firmware program under test;

[0047] Step 1.2: select a test case T_i from the test case library and judge whether T_i has already been split by field; if it has, go to step 1.4;

[0048] Step 1.3: divide the selected test case T_i into different fields according to the input format of the firmware program under test, and assign a mutation weight to each field;

[0049] Step 1.4: score the test case T_i; the number of new test cases generated from T_i is determined by its score;

[0050] Step 1.5: randomly generate a number of mutations M_c, M_c...
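The field-weight mutation strategy of steps 1.1 to 1.5, as an added example written for this page and not code from the patent: duplicates are screened out, a case is split into fields by a fixed input format, the score decides how many children it spawns, and each child mutates one field chosen in proportion to its weight. The message layout, the field weights, the 1..10 score scale, the "2 children per score point" rule and the single-bit-flip mutator are all assumptions.

```python
import random

# Constructed input format for the firmware under test: (field name, byte length,
# mutation weight). Layout and weights are assumptions for this example, not values
# from the patent; the length field is weighted highest because it drives the
# parser's buffer handling, the magic and CRC lowest because flipping them usually
# makes the firmware reject the input before any interesting code runs.
FORMAT = [
    ("magic",   2, 1),
    ("type",    1, 3),
    ("length",  2, 5),
    ("payload", 8, 4),
    ("crc",     2, 1),
]

def screen(cases):
    """Step 1.1: drop redundant (duplicate) test cases, preserving order."""
    seen, kept = set(), []
    for c in cases:
        if c not in seen:
            seen.add(c)
            kept.append(c)
    return kept

def split_fields(case):
    """Step 1.3: split a test case into (name, bytes, weight) per the input format."""
    fields, off = [], 0
    for name, size, weight in FORMAT:
        fields.append((name, case[off:off + size], weight))
        off += size
    if off != len(case):
        raise ValueError("test case length does not match the input format")
    return fields

def children_for(score):
    """Step 1.4: a case's score (clamped to 1..10) sets how many children it spawns."""
    return 2 * max(1, min(10, score))

def mutate(case, score, seed=0):
    """Step 1.5: generate children; each flips one bit in a field chosen by weight."""
    rng = random.Random(seed)          # seeded so a run is reproducible
    fields = split_fields(case)
    weights = [w for _, _, w in fields]
    children = []
    for _ in range(children_for(score)):
        i = rng.choices(range(len(fields)), weights=weights)[0]
        buf = bytearray(fields[i][1])
        buf[rng.randrange(len(buf))] ^= 1 << rng.randrange(8)
        parts = [f[1] for f in fields]
        parts[i] = bytes(buf)
        children.append(b"".join(parts))
    return children
```

Over many children the "length" field is mutated about five times as often as "magic", which is the directedness the patent attributes to field weights.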


Abstract

The invention provides an embedded firmware grey-box fuzzing method based on word weight mutation and virtual instrumentation for embedded firmware vulnerability mining, which effectively improves the speed and effectiveness of embedded firmware vulnerability mining. The method comprises the following steps: 1) word weight mutation: generating new test cases with a test case mutation strategy based on field weights; 2) virtual instrumentation: acquiring code coverage information of the embedded firmware under test by instrumenting during translation in an embedded firmware QEMU virtual simulation environment. The field-weight-based mutation strategy improves the quality and speed of test case iteration, the instrumentation-during-translation method in the QEMU environment reduces the execution overhead of the firmware under test while code coverage information is collected, and the combination of the two greatly improves the efficiency of embedded firmware vulnerability mining.

Description

Technical field

[0001] The invention relates to a grey-box fuzzing method for embedded firmware based on word weight mutation and virtual instrumentation, which is suitable for discovering vulnerabilities in embedded device firmware, does not depend on the embedded devices themselves, and features high vulnerability mining efficiency and low dependence on manual analysis.

Background technique

[0002] Embedded devices are widely used in various industries due to their low power consumption and low cost. In recent years, with the development of supporting technologies such as communication technology, smart terminals, and cloud computing, the functions of embedded devices have become more and more abundant. Embedded devices are gradually replacing traditional non-embedded devices (such as sockets, lights, water meters, electricity meters, etc.), which brings great convenience to our work and life. Due to the lack of a unified specification for the developmen...


Application Information

IPC(8): G06F11/36
CPC: G06F11/3684, G06F11/3688
Inventor: 周鹏, 时磊
Owner: SHANGHAI UNIV