Journal of Tsinghua University(Science and Technology), 2016, Vol. 56, Issue 5: 478-483. DOI: 10.16511/j.cnki.qhdxxb.2016.25.004
INFORMATION SECURITY
Improved fuzzy analysis methods
MA Jinxin (1), ZHANG Tao (1), LI Zhoujun (2), ZHANG Jiangxiao (3)
1. China Information Technology Security Evaluation Center, Beijing 100085, China;
2. School of Computer Science and Engineering, Beihang University, Beijing 100191, China;
3. Mathematics and Information Technology Institute, Xingtai University, Xingtai 054001, China
Abstract  Fuzz testing (fuzzing) is one of the most widely used and most effective methods for vulnerability detection. However, traditional fuzzing is inefficient and works blindly. This paper describes a refining method that reduces the test sample set while preserving the same code coverage. A weighted testing-time model gives the better samples more testing time. A taint-based exception analysis method evaluates the severity of the exceptions found, which improves the efficiency of vulnerability analysis. Comparisons with Peach show that this method improves on traditional fuzzing.
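The abstract names three ideas: a coverage-preserving reduction of the sample set, a time model that weights samples by quality, and a taint-informed ranking of exceptions. The following is an added illustration of those three ideas and is not the authors' implementation or the code evaluated in the paper; the greedy set-cover refinement, the proportional time weights, the `Sample`/`Crash` types, the severity tiers and the coverage sets, timings and crash records are all constructed assumptions for the example.

```python
"""Added illustration (not the paper's code) of the three ideas in the abstract:
coverage-preserving seed refinement, weighted time allocation and a coarse
taint-based crash severity ranking. All data below is constructed."""
from __future__ import annotations

from dataclasses import dataclass


@dataclass
class Sample:
    name: str
    coverage: frozenset[int]  # ids of basic blocks hit when the target runs this sample
    exec_ms: float            # measured run time of one execution (constructed value)


def coverage_of(samples: list[Sample]) -> frozenset[int]:
    """Union of the blocks reached by a set of samples."""
    return frozenset().union(*(s.coverage for s in samples)) if samples else frozenset()


def refine(samples: list[Sample]) -> list[Sample]:
    """Greedy set cover: keep the fewest samples whose union still covers every
    block the full corpus covers. Ties are broken in favour of the faster sample,
    since each retained sample will be executed many times during fuzzing."""
    remaining = set(coverage_of(samples))
    pool = list(samples)
    chosen: list[Sample] = []
    while remaining:
        best = max(pool, key=lambda s: (len(s.coverage & remaining), -s.exec_ms))
        gain = best.coverage & remaining
        if not gain:          # nothing left in the pool adds coverage
            break
        chosen.append(best)
        pool.remove(best)
        remaining -= gain
    return chosen


def allocate_time(samples: list[Sample], budget_s: float) -> dict[str, float]:
    """Weighted time model (assumed weighting): each sample receives a share of
    the fuzzing budget proportional to the number of blocks it reaches, so a
    sample that exercises more code is mutated for longer."""
    weights = {s.name: len(s.coverage) for s in samples}
    total = sum(weights.values())
    return {name: budget_s * w / total for name, w in weights.items()}


@dataclass
class Crash:
    sample: str
    signal: str        # e.g. "SIGSEGV"
    tainted_pc: bool   # faulting instruction pointer derived from input bytes?
    tainted_addr: bool # faulting memory address derived from input bytes?
    is_write: bool     # faulting access was a write


SEVERITY_ORDER = {"critical": 0, "high": 1, "medium": 2, "low": 3}


def severity(c: Crash) -> str:
    """Assumed severity tiers based on which fault operands are input-tainted:
    input controlling the PC ranks above a tainted write, which ranks above a
    tainted read; an untainted fault is triaged last."""
    if c.tainted_pc:
        return "critical"
    if c.tainted_addr and c.is_write:
        return "high"
    if c.tainted_addr:
        return "medium"
    return "low"


def triage(crashes: list[Crash]) -> list[Crash]:
    """Order crashes so analysts look at the most severe ones first."""
    return sorted(crashes, key=lambda c: SEVERITY_ORDER[severity(c)])


# Constructed corpus: s2 and s5 add no coverage beyond s1 and s3.
SAMPLES = [
    Sample("s1", frozenset({1, 2, 3}), 10.0),
    Sample("s2", frozenset({2, 3}), 5.0),
    Sample("s3", frozenset({3, 4, 5}), 12.0),
    Sample("s4", frozenset({6}), 3.0),
    Sample("s5", frozenset({1, 4}), 8.0),
]

# Constructed crash records as a taint tracker might report them.
CRASHES = [
    Crash("s3", "SIGSEGV", tainted_pc=False, tainted_addr=True, is_write=True),
    Crash("s1", "SIGSEGV", tainted_pc=True, tainted_addr=False, is_write=False),
    Crash("s4", "SIGFPE", tainted_pc=False, tainted_addr=False, is_write=False),
]

if __name__ == "__main__":
    kept = refine(SAMPLES)
    print("refined set:", [s.name for s in kept])                  # ['s1', 's3', 's4']
    print("coverage preserved:", coverage_of(kept) == coverage_of(SAMPLES))
    print("time plan (s):", allocate_time(kept, 70.0))
    for c in triage(CRASHES):
        print(severity(c), c.sample, c.signal)
```

Running the module shows the five constructed samples collapsing to three with identical block coverage, the 70-second budget split 30/30/10 by coverage weight, and the crash whose instruction pointer is tainted triaged ahead of the tainted write and the untainted arithmetic fault.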
Keywords: Fuzzing; refining set; vulnerability analysis
CLC number (ZTFLH): TP311.1
Issue Date: 15 May 2016
Cite this article: MA Jinxin, ZHANG Tao, LI Zhoujun, et al. Improved fuzzy analysis methods[J]. Journal of Tsinghua University(Science and Technology), 2016, 56(5): 478-483.
URL: http://jst.tsinghuajournals.com/EN/10.16511/j.cnki.qhdxxb.2016.25.004 or http://jst.tsinghuajournals.com/EN/Y2016/V56/I5/478