一种高效的软件模糊测试种子生成方法

doi:10.19665/j.issn1001-2400.20230901

Abstract

Abstract:

As one of the effective ways to exploit software vulnerabilities in the current software engineering field,fuzzing plays a significant role in discovering potential software vulnerabilities.The traditional seed selection strategy in fuzzing cannot effectively generate high-quality seeds,which results in the testcases generated by mutation being unable to reach deeper paths and trigger more security vulnerabilities.To address these challenges,a seed generation method for efficient fuzzing based on the improved generative adversarial network(GAN) is proposed which can flexibly expand the type of seed generation through encoding and decoding technology and significantly improve the fuzzing performance of most applications with different input types.In experiments,the seed generation strategy adopted in this paper significantly improved the coverage and unique crashes,and effectively increased the seed generation speed.Six open-sourced programs with different highly-structured inputs were selected to demonstrate the effectiveness of our strategy.As a result,the average branch coverage increased by 2.79%,the number of paths increased by 10.35% and additional 86.92% of unique crashes were found compared to the original strategy.

Key words: vulnerability detection, network security, fuzz testing, deep learning

CLC Number:

TP311

LIU Zhenyan, ZHANG Hua, LIU Yong, YANG Libo, WANG Mengdi. Efficient seed generation method for software fuzzing[J].Journal of Xidian University, 2024, 51(2): 126-136.

Figures/Tables 11

References 29

[1]	ZHU X, WEN S, CAMTEPE S, et al. Fuzzing:A Survey for Roadmap[J]. ACM Computing Surveys(CSUR), 2022, 54(11s):1-36.
[2]	GOOGLE. OSS-Fuzz Issue Report Tracker(2022)[EB/OL].[2022-12-28]. https://bugs.chromium.org/p/oss-fuzz/issues/list.
[3]	REBERT A, CHA S K, AVGERINOS T, et al. Optimizing Seed Selection for Fuzzing[C]//Proceedings of the 23rd USENIX Security Symposium(USENIX Security 14). Berkeley:USENIX, 2014:861-875.
[4]	WANG J, CHEN B, WEI L, et al. Skyfire:Data-Driven Seed Generation for Fuzzing[C]//Proceedings of the 32nd IEEE Symposium on Security and Privacy(SP). Piscataway:IEEE, 2017:579-594.
[5]	WARTSCHINSKI L, NOLLER Y, VOGEL T, et al. VUDENC:Vulnerability Detection with Deep Learning on a Natural Codebase for Python[J]. Information and Software Technology, 2022,144:106809.
[6]	ZHANG L, WANG J, WANG W, et al. A Novel Smart Contract Vulnerability Detection Method Based on Information Graph and Ensemble Learning[J]. Sensors, 2022, 22(9):3581.
[7]	CAO S, SUN X, BO L, et al. MVD:Memory-Related Vulnerability Detection Based on Flow-Sensitive Graph Neural Networks[C]//Proceedings of the 44th IEEE/ACM International Conference on Software Engineering(ICSE). Piscataway:IEEE, 2022:1456-1468.
[8]	杜李旭弘, 陈杰, 杨小雪. 一种结合GAN的定向口令猜测方案[J]. 西安电子科技大学学报, 2022, 49(3):129-136.
	DU Lixuhong, CHEN Jie, YANG Xiaoxue. Targeted Password Guessing Scheme Combined with GAN[J]. Journal of Xidian University, 2022, 49(3):129-136.
[9]	GODEFROID P, PELEG H, SINGH R. Learn&Fuzz:Machine Learning for Input Fuzzing[C]//Proceedings of the 32nd IEEE/ACM International Conference on Automated Software Engineering(ASE). Piscataway:IEEE, 2017:50-59.
[10]	CHENG L, ZHANG Y, ZHANG Y, et al. Optimizing Seed Inputs in Fuzzing with Machine Learning[C]//2019 IEEE/ACM 41st International Conference on Software Engineering:Companion Proceedings(ICSE-Companion). Piscataway:IEEE, 2019: 244-245.
[11]	NICHOLS N, RAUGAS M, JASPER R, et al. Faster Fuzzing:Reinitialization with Deep Neural Models(2017)[J/OL].[2023-01-08]. https://arxiv.org/abs/1711.02807.
[12]	GOODFELLOW I, POUGET-ABADIE J, MIRZA M, et al. Generative Adversarial Networks[J]. Communications of the ACM, 2020, 63(11):139-144.
[13]	LYU C, JI S, LI Y, et al. SmartSeed:Smart Seed Generation for Efficient Fuzzing(2019)[J/OL].[2023-01-08]. https://arxiv.org/abs/1807.02606.
[14]	HU Z, SHI J, HUANG Y H, et al. GANFuzz:A GAN-Based Industrial Network Protocol Fuzzing Framework[C]//Proceedings of the 15th ACM International Conference on Computing Frontiers. New York: ACM, 2018:138-145.
[15]	JANG E, GU S, POOLE B. Categorical Reparameterization with Gumbel-Softmax(2017)[J/OL].[2023-05-30]. https://arxiv.org/abs/1611.01144.
[16]	GUO J, LU S, CAI H, et al. Long Text Generation via Adversarial Training with Leaked Information[C]//Proceedings of the 2018 AAAI Conference on Artificial Intelligence. Washington:AAAI, 2018:5141-5148.
[17]	SRIVASTAVA R K, GREFF K, SCHMIDHUBER J. Highway Networks(2015)[J/OL].[2023-01-08]. https://arxiv.org/abs/1505.00387.
[18]	GOOGLE. Google’sFuzzer Test Suite(2022)[EB/OL].[2022-12-28]. https://github.com/google/fuzzer-test-suite.
[19]	WANG M, LIANG J, ZHOU C, et al. Industrial Oriented Evaluation of Fuzzing Techniques[C]//Proceedings of the 14th IEEE Conference on Software Testing,Verification and Validation(ICST). Piscataway:IEEE, 2021:306-317.
[20]	LIU X, YOU W, ZHANG Z, et al. TensileFuzz:Facilitating Seed Input Generation in Fuzzing via String Constraint Solving[C]//Proceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis. New York: ACM, 2022:391-403.
[21]	MENENDEZ H D, CLARK D. Hashing Fuzzing:Introducing Input Diversity to Improve Crash Detection[J]. IEEE Transactions on Software Engineering, 2021, 48(9):3540-3553.
[22]	HERRERA A, GUNADI H, MAGRATH S, et al. Seed Selection for Successful Fuzzing[C]//Proceedings of the 30th ACM SIGSOFT International Symposium on Software Testing and Analysis. New York: ACM, 2021:230-243.
[23]	LIANG J, JIANG Y, WANG M, et al. Deepfuzzer:Accelerated Deep Greybox Fuzzing[J]. IEEE Transactions on Dependable and Secure Computing, 2019, 18(6):2675-2688.
[24]	ZALEWSKI M. American Fuzzy Lop(2017)[EB/OL].[2022-12-28]. http://lcamtuf.coredump.cx/afl.
[25]	FIORALDI A, MAIER D, EIBFELDT H, et al. AFL++:Combining Incremental Steps of Fuzzing Research[C]//Proceedings of the 14th USENIX Workshop on Offensive Technologies(WOOT 20). Berkeley:USENIX, 2020:1-12.
[26]	KLEES G, RUEF A, COOPER B, et al. Evaluating Fuzz Testing[C]//Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. New York: ACM, 2018:2123-2138.
[27]	YE A, WANG L, ZHAO L, et al. RapidFuzz:Accelerating Fuzzing via Generative Adversarial Networks[J]. Neurocomputing, 2021,460:195-204.
[28]	LI Y, JI S, LIU C, et al. V-Fuzz:Vulnerability Prediction-Assisted Evolutionary Fuzzing for Binary Programs[J]. IEEE Transactions on Cybernetics, 2020, 52(5):3745-3756
[29]	叶嘉羲. 面向软件漏洞自动挖掘的先进模糊测试关键技术研究[D]. 长沙: 国防科技大学, 2020.

目标程序	版本	种子类型	总代码行数/×10³	最大文件/比特	数据粒度/比特	字典规模	种子序列长度
Pcre 2	10.00	Regex	29	512	8	12 000	85
Guetzli	1.0.1	PNG	5.8	549	8	1 700	92
Libxml 2	2.9.2	XML	135	698	10	15 000	95
Libexif	0.6.21	JPEG	15	1 996	20	3 500	140
LibTIFF	4.0.4	TIFF	80	488	8	5 000	82
TCPdump	4.9.2	Pcap	93	512	8	10 000	85

模糊器	目标程序	分支覆盖率						唯一崩溃数量					唯一路径数量
模糊器	目标程序	Ori/%		OLG/%	ER/%	Mix/%	ER/%	Ori	OLG	ER/%	Mix	ER/%	Ori	OLG	ER/%	Mix	ER/%
AFL	Pcre 2		6.35	6.54	2.91	6.43	1.26	154	327	112.3	171	11.04	11 540	13 384	15.98	12 741	10.41
	Guetzli		1.81	1.86	2.76	1.86	2.76	0	0		0		746	859	15.08	1 077	44.30
	Libxml 2		5.94	6.26	5.39	6.31	6.23	6	16	166.7	13	116.7	2 357	2 530	7.32	2 846	20.75
AFL	Libexif		26.94	28.65	3.27	27.09	0.56	27	38	40.74	37	37.04	720	902	25.28	793	10.07
++	LibTIFF		22.58	21.69	-3.94	23.44	3.81	128	211	64.84	136	6.25	1 363	1 357	-0.48	1 407	3.26
	TCPdump		32.64	33.71	3.28	34.59	5.97	2	3	50.00	5	150.0	10 340	10 231	-1.06	10 491	1.46
	平均值		16.04	16.45	2.79	16.62	3.43	53	99	86.92	60	64.20	4 511	4 869	10.35	4 892	15.04

Efficient seed generation method for software fuzzing

RichHTML

PDF (PC)

Like

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 11

References 29

Related Articles 15

Metrics

Comments

Recommended 0

[1]	ZHAI Fengwen, SUN Fanglin, JIN Jing. Study of EEG classification of depression by multi-scale convolution combined with the Transformer [J]. Journal of Xidian University, 2024, 51(2): 182-195.
[2]	DING Xinmiao, WANG Jiaxing, GUO Wen. Three-dimensional attention-enhanced algorithm for violence scene detection [J]. Journal of Xidian University, 2024, 51(1): 114-124.
[3]	LIU Bochong, CAI Huaiyu, WANG Yi, CHEN Xiaodong. Self-supervised contrastive representation learning for semantic segmentation [J]. Journal of Xidian University, 2024, 51(1): 125-134.
[4]	XIONG Wanyin, MAO Jian, LIU Ziwen, LIU Wenmao, LIU Jianwei. Advances in security analysis of software-defined networking flow rules [J]. Journal of Xidian University, 2023, 50(6): 172-194.
[5]	XIONG Jingwei, PAN Jifei, BI Daping, DU Mingyang. Multi-scale convolutional attention network for radar behavior recognition [J]. Journal of Xidian University, 2023, 50(6): 62-74.
[6]	ZHU Guangming,LU Zijie,FENG Jiawei,ZHANG Xiangdong,ZHANG Fengjun,NIU Zuoyuan,ZHANG Liang. Cause-effectgraph enhanced APT attack detection algorithm [J]. Journal of Xidian University, 2023, 50(5): 107-117.
[7]	DENG Yingchuan,ZHANG Tong,LIU Weijie,WANG Lina. COLLATE:towards the integrity of control-related data [J]. Journal of Xidian University, 2023, 50(5): 199-211.
[8]	HOU Yue,ZHENG Xin,HAN Chengyan. Traffic flow prediction method for integrating longitudinal and horizontal spatiotemporal characteristics [J]. Journal of Xidian University, 2023, 50(5): 65-74.
[9]	FAN Wentong,LI Zhenyu,ZHANG Tao,LUO Xiangyang. JPEG image steganalysis based on deep extraction of stego noise [J]. Journal of Xidian University, 2023, 50(4): 157-169.
[10]	WANG Yuhua,GAO Sheng,ZHU Jianming,HUANG Chen. Efficient deep learning scheme with adaptive differential privacy [J]. Journal of Xidian University, 2023, 50(4): 54-64.
[11]	WANG Juan,LIU Zishan,WU Minghu,CHEN Guanhai,GUO Liquan. Multi-scale object detection algorithm combined with super-resolution reconstruction technology [J]. Journal of Xidian University, 2023, 50(3): 122-131.
[12]	XIE Wen,HUA Wenqiang,JIAO Licheng,WANG Ruonan. Review on polarimetric SAR terrain classification methods using deep learning [J]. Journal of Xidian University, 2023, 50(3): 151-170.
[13]	ZHOU Shuo,ZHOU Yiqing,ZHANG Chong,XING Wang. ResNet enabled joint channel estimation and signal detection for OTFS [J]. Journal of Xidian University, 2023, 50(3): 19-30.
[14]	WANG Keyan,CHENG Jicong,HUANG Shirui,CAI Kunlun,WANG Weiran,LI Yunsong. Low-light image dehazing network with aggregated context-aware attention [J]. Journal of Xidian University, 2023, 50(2): 23-32.
[15]	LIU Bochong, CAI Huaiyu, YANG Shiyuan, LI Haotian, WANG Yi, CHEN Xiaodong. Lightweight semantic segmentation network for autonomous driving scenarios [J]. Journal of Xidian University, 2023, 50(1): 118-128.