Parallel fuzzy test method and system based on target point task division

A fuzz testing and task division technology, applied in software testing/debugging, platform integrity maintenance, etc., that solves problems such as task conflicts and achieves improved flexibility and meticulous task allocation.

Pending Publication Date: 2022-04-12
HANGZHOU DIANZI UNIV

AI Technical Summary

Problems solved by technology

In the present invention, the fuzz tester is developed on the aflgo framework, and a task division method based on target points is added to aflgo's parallelization model to solve the task conflicts that may exist in the original parallelization process.

Embodiment Construction

[0050] The technical solutions in the present invention will be fully described below in conjunction with the drawings in the embodiments of the present invention.

[0051] As shown in Figure 1, the parallel fuzzing method based on target point task division is divided into four stages: the static code analysis stage, the instrumentation compilation stage, the parallel fuzzing stage, and the target point vulnerability judgment stage.

[0052] The static code analysis stage is as follows: the static code defect checker cppcheck statically analyzes the software to detect code blocks that may have problems such as memory leaks, mismatched memory allocation and release, and buffer overflows, and builds a set of target points. The target point set is the set of code lines that may have the above-mentioned problems; a single target point (any such line of code) is represented as a basic block (file name, code line number).

[0053] The instrumentation compi...

Abstract

The invention relates to a parallel fuzz testing method and system based on target point task division, and aims to solve the problem of task conflicts in existing parallel fuzz testing. A static code analyzer detects code blocks that may have problems and generates a target point set. By constructing the call graph (CG) and control-flow graphs (CFGs), the affiliation of each basic block in the software and the distance between each basic block and its corresponding target point are calculated, and the affiliation and distance information of the basic blocks is integrated into the executable file through instrumentation compilation. Each fuzz testing instance obtains a target point set when it starts, and performs mutation testing on the seeds belonging to that target point set. The vulnerabilities produced by the parallel fuzz tester are analyzed to judge whether a vulnerability exists at a target point; if so, exploration of that target point stops and moves on to other target points. The method is suitable for the aflgo parallel fuzz testing model; its implementation principle is simple, and its software vulnerability detection efficiency is high.
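The flow described in the abstract and in paragraph [0052], as an added example that is not code from the patent: cppcheck findings become (file name, line number) target points, the set is split across fuzzing instances, and a target is retired once a crash is confirmed at it. The selected cppcheck ids, the sample report, the function names and the round-robin split are assumptions; the round-robin split stands in for the division rule, which the page does not spell out.

```python
# cppcheck check ids for the defect classes named in [0052] (memory leaks,
# mismatched allocation/release, buffer overflows). The selection is an assumption.
TARGET_IDS = {"memleak", "mismatchAllocDealloc",
              "arrayIndexOutOfBounds", "bufferAccessOutOfBounds"}

# Constructed sample, in the shape produced by:
#   cppcheck --template='{file}:{line}:{id}' src/
SAMPLE_REPORT = """\
src/parse.c:120:memleak
src/parse.c:120:memleak
src/io.c:45:arrayIndexOutOfBounds
src/io.c:88:unusedVariable
src/util.c:12:mismatchAllocDealloc
src/net.c:301:bufferAccessOutOfBounds
malformed line without fields
"""

def build_target_set(report):
    """Return sorted, de-duplicated (file name, line number) target points."""
    targets = set()
    for raw in report.splitlines():
        parts = raw.strip().rsplit(":", 2)  # rsplit keeps ':' inside paths intact
        if len(parts) != 3 or not parts[1].isdigit():
            continue                         # not a finding line, skip it
        path, line, check_id = parts
        if check_id in TARGET_IDS:
            targets.add((path, int(line)))
    return sorted(targets)

def divide_targets(targets, n_instances):
    """Round-robin split (hypothetical policy): no two instances share a target."""
    if n_instances < 1:
        raise ValueError("need at least one fuzzing instance")
    plan = {inst: [] for inst in range(n_instances)}
    for i, target in enumerate(targets):
        plan[i % n_instances].append(target)
    return plan

def retire_target(plan, crash_site):
    """Drop a target once a crash is confirmed there; return affected instances."""
    hit = [inst for inst, ts in plan.items() if crash_site in ts]
    for inst in hit:
        plan[inst].remove(crash_site)
    return hit

if __name__ == "__main__":
    for inst, ts in divide_targets(build_target_set(SAMPLE_REPORT), 2).items():
        print(inst, [f"{f}:{n}" for f, n in ts])  # file:line, one target per entry
```
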

Description

Technical field

[0001] The invention belongs to the technical field of automatic software security testing, and relates to a parallel fuzz testing method and system based on target point task division.

Background technique

[0002] Software security testing is of great significance to the assurance of software quality. To improve the efficiency of software security testing, parallel fuzz testing methods can be used, but this approach suffers from task conflicts. The task conflicts have two main causes: 1. Because the seed selection strategies of the instances are similar, the instances test similar parts of the software's code, so testing is limited to a certain part of the software. 2. Multiple instances use the same seed mutation strategy to mutate seeds in similar seed queues, which generates many repeated test cases and wastes test resources.

[0003] In order to solve the problem of task conflicts...

Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F11/36, G06F21/57
Inventor: 徐向华, 朱佳超, 陶泓宇
Owner: HANGZHOU DIANZI UNIV