Research On Key Techniques Of Directed Fuzzing For Binary Program

Posted on: 2020-12-05
Degree: Master
Type: Thesis
Country: China
Candidate: W Dai
Full Text: PDF
GTID: 2518306548495774
Subject: Cyberspace security

Abstract/Summary:
Directed fuzzing is a kind of fuzzing technology that can quickly generate test cases to reach a given target area of the program and find vulnerabilities. This paper analyzes the characteristics and open problems of existing directed fuzzing technology, studies its key technologies, puts forward solutions to those problems, and improves the efficiency of directed fuzzing. Aiming at the problem that current fuzzing technology is hard to direct effectively, a seed energy allocation strategy based on distance vector is proposed. The distance from each seed to the target area is calculated; based on this distance, different quantities of energy are allocated to the seeds and different quantities of test cases are generated, so that the fuzzing is effectively directed. Aiming at the problem of premature convergence of seeds in directed fuzzing, which causes the fuzzing to fall into a local optimum, a dynamic energy regulation technology based on the ant colony algorithm is proposed; it dynamically regulates the energy of seeds during fuzzing, avoids premature convergence of seeds, and improves the efficiency of directed fuzzing. Aiming at the low quality of test cases in directed fuzzing, a test-case generation technology based on concolic symbolic execution is proposed. By tracing the execution path of seeds and using concolic symbolic execution to assist the genetic variation of seeds, it increases the coverage ratio of target areas and tests the target area more deeply and effectively. This paper designs multiple sets of comparative experiments; the experiments demonstrate that the proposed method can test the target area more quickly and effectively and has strong application value, which proves the practicability of this research in the field of actual vulnerability mining. Finally, this paper designs and implements AFL-Ant, a prototype directed fuzzing system.
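As an added illustration (not code from the thesis or from the AFL-Ant prototype), the following Python models the two energy-related ideas in the abstract: a seed's distance to the target area is derived from a control-flow graph, energy is allocated in inverse proportion to that distance, and an ant-colony-style pheromone update evaporates the share of seeds that stop producing new coverage, so a seed that sits near the target but yields nothing no longer monopolizes the energy budget. The CFG, the seed traces, the mean-block-distance metric, the linear energy formula and the pheromone rule are all constructed assumptions for this example, not the thesis's actual algorithms.

```python
"""Distance-guided seed energy allocation with pheromone-style regulation.

Added example, not code from the thesis or the AFL-Ant prototype. The CFG,
seed traces, distance metric, energy formula and pheromone rule are all
constructed assumptions used to illustrate the ideas in the abstract.
"""
from collections import deque

# Constructed control-flow graph: block -> successor blocks; "T" is the target area.
CFG = {
    "entry": ["a", "b"],
    "a": ["c"],
    "b": ["d"],
    "c": ["T"],
    "d": ["e"],
    "e": ["T"],
    "T": [],
}

# Constructed execution traces (blocks hit) for three seeds.
SEED_TRACES = {
    "seed1": ["entry", "a", "c", "T"],   # already reaches the target
    "seed2": ["entry", "b", "d"],        # far from the target
    "seed3": ["entry", "b", "d", "e"],   # one edge short of the target
}


def block_distances(cfg, target):
    """Shortest number of edges from each block to `target` (BFS over reversed edges).

    Blocks that cannot reach the target are absent from the result.
    """
    rev = {node: [] for node in cfg}
    for src, succs in cfg.items():
        for dst in succs:
            rev[dst].append(src)
    dist = {target: 0}
    queue = deque([target])
    while queue:
        node = queue.popleft()
        for pred in rev[node]:
            if pred not in dist:
                dist[pred] = dist[node] + 1
                queue.append(pred)
    return dist


def seed_distance(trace, dist):
    """Mean target distance over the blocks a seed executed; None if none can reach it."""
    reachable = [dist[b] for b in trace if b in dist]
    return sum(reachable) / len(reachable) if reachable else None


def allocate_energy(seed_dists, pheromone, base=100):
    """Energy per seed: the closest seed gets 2x base, the farthest 1x base,
    linearly in between, then scaled by the seed's pheromone level.

    Seeds with no path to the target are treated as farthest (normalized distance 1).
    """
    known = [d for d in seed_dists.values() if d is not None]
    lo, hi = (min(known), max(known)) if known else (0.0, 0.0)
    energy = {}
    for seed, d in seed_dists.items():
        norm = 1.0 if d is None else (0.0 if hi == lo else (d - lo) / (hi - lo))
        energy[seed] = max(1, round(base * (1 + (1 - norm)) * pheromone[seed]))
    return energy


def regulate(pheromone, gains, rho=0.5):
    """Ant-colony-style update: every seed's pheromone evaporates by `rho`, then seeds
    that produced new coverage this round deposit their `gains`. A seed that is close
    to the target but keeps yielding nothing therefore loses energy share over time."""
    return {s: (1 - rho) * p + gains.get(s, 0.0) for s, p in pheromone.items()}


def simulate():
    """Two rounds: seed1 is nearest the target but finds nothing new; seed3 does."""
    dist = block_distances(CFG, "T")
    seed_dists = {s: seed_distance(t, dist) for s, t in SEED_TRACES.items()}
    pheromone = {s: 1.0 for s in SEED_TRACES}
    round1 = allocate_energy(seed_dists, pheromone)
    # Constructed outcome of round 1: only seed3's test cases reached new blocks.
    pheromone = regulate(pheromone, {"seed3": 1.0})
    round2 = allocate_energy(seed_dists, pheromone)
    return seed_dists, round1, round2


if __name__ == "__main__":
    for label, value in zip(("distances", "round 1 energy", "round 2 energy"), simulate()):
        print(label, value)
```

In round 1 the distance schedule alone gives seed1 the most energy; after one unproductive round, evaporation halves its share while seed3's deposit lifts it to the top, which is the convergence-avoidance effect the abstract attributes to its ant-colony regulation.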
Keywords/Search Tags:directed fuzzing, distance vector, energy allocation, dynamic energy regulating, concolic symbolic execution, genetic variation