[1] DONG Yu-liang, DONG Bo, QIN Xiao-jun, et al. Fuzzing Testing Technology of Intelligent Recognition Based on Key Mutation Regions[J]. Computer Technology and Development, 2019, 29(09): 55-60. [doi:10.3969/j.issn.1673-629X.2019.09.011]

Fuzzing Testing Technology of Intelligent Recognition Based on Key Mutation Regions

Computer Technology and Development [ISSN:1006-6977/CN:61-1281/TN]

Volume: 29
Issue: 2019, No. 09
Pages: 55-60
Column: Intelligence, Algorithms, Systems Engineering
Publication date: 2019-09-10

Article Info

Title: Fuzzing Testing Technology of Intelligent Recognition Based on Key Mutation Regions
Article ID: 1673-629X(2019)09-0055-06
Author(s): DONG Yu-liang, DONG Bo, QIN Xiao-jun, GAN Shui-tao
Affiliation: State Key Laboratory of Mathematical Engineering and Advanced Computing, Wuxi 214125, China
Keywords: fuzzing testing; data sampling; deep learning; vulnerability; binary programs
Classification number: TP319
DOI: 10.3969/j.issn.1673-629X.2019.09.011
Abstract:
Fuzz testing is one of the most widely used automated techniques for detecting software vulnerabilities, and researchers have discovered a large number of software vulnerabilities with it. However, the blindness of test case generation remains a key problem that limits the practicality of fuzz testing. To address this problem, we propose a fuzz testing technique for binary programs based on intelligent recognition of key mutation regions. A distributed sampling model, Sampling-AFL, is built to obtain the mapping between test cases and their corresponding key mutation regions as sample data. Deep learning models are constructed with GRU, LSTM and other algorithms to train a prediction model for the key mutation regions of seeds. Based on this prediction model, DL-AFL, a binary program fuzz testing tool with intelligent recognition of key mutation regions, is built; it uses the prediction results to guide test case generation so as to maximize code coverage and vulnerability detection capability on the target. Experimental results show that the technique significantly improves path coverage, edge coverage, and vulnerability detection capability.


Last Update: 2019-09-10