Reaserch And Implementation Of Vulnerability Mining Methods On Genetic Algorithm And Model Constraint

Fuzzy testing technology is the mainstream technology in the field of vulnerability mining currently.With the development of the technology,many intelligent technologies have been introduced into traditional fuzzy testing to improve test efficiency.The fuzzy technology based on model constraint can greatly improve the probability of producing effective test samples,but the variation process is lack of guidance and the data variation target is not clear,which leads to a low efficiency;The fuzzy technology based on feedback of path coverage information can give a variation direction to the variation process,but for the complex logic verification programs,this method's code penetration ability is weak.Besides,the above two methods both have a defect in code coverage,which is dependent on the initial samples too much.In other words,if there are no specific file structure types combination in the initial samples,there will be a very low possibility to cover the corresponding processing blocks in the fuzzing process.Based on the above background,this paper proposes a vulnerability mining method based on genetic algorithm and constraint model.The method uses the model constraint technology to create test samples effectively,and uses the fuzzy technology based on path feedback information to guide the direction of data variation.Besides,taking the advantages of genetic algorithm,we can enrich the diversity of file structure combinations in test samples,and generate high-quality test samples at the same time,which will improve the efficiency of fuzzy testing.We have designed and implemented a native framework called MogeFuzzer that based on genetic algorithm and model constraints.According to the analysis of PNG format software test shows that compared with the traditional blind fuzzy testing method and the fuzzy testing method based on model constraint,the method proposed in this paper has a great improvement in code coverage and test efficiency.Up to now,the framework has found multiple high-risk Oday vulnerabilities and two of them have been confirmed to enable remote arbitrary code execution.