Research Of Optimizing Fuzzing Method Based On Dynamic Taint Tracking

With the rapid development of the Internet, more and more web application vulnerabilities can be exploited by hackers, losses from vulnerabilities has increased significantly, therefore vulnerabilities has become one of the hottest research areas of security. And how to effectively mining security vulnerability is the key to security issues. Fuzzing is an important means of mining vulnerability. But the existing fuzzing methods have a common flaw: it requires a lot of test cases, exist redundant test cases, resulting in low efficiency test.For the deficiencies of the prior fuzzing, propose a optimizing fuzzing method based on dynamic taint tracking.The core idea of this method is that tracking executive process in the tested-side of each fuzzing test case by using dynamic taint tracking technology, record the execution path, then use the similarity algorithm to determine the path whether a similar path, which determine whether test case is redundancy or not. If the test case is redundancy, the next test can skip redundancy test case; if the test case is valid, use valid test case for parallel processing, improve efficiency of mining vulnerability using fuzzing.According to the proposed method, Build a parallelization of fuzzing system which was optimized, the system is mainly divided into the fuzz tester module, stain tracking module, similarity and parallel processing module processing module.Through to the FTP(File Transfer Protocol) protocol and HTTP(Hypertext Transfer Protocol)protocol for testing, the system can access all effective test cases of each protocol in fuzzing-side, these effective test cases to find exceptions are consistent with the non-optimized fuzzing system. Proved the correctness of optimizing fuzzing method based on dynamic taint tracking.