Research On Critical Technology Of Windows Software Vulnerability Fuzzing Test For High Path Coverage

Posted on: 2018-06-17
Degree: Master
Type: Thesis
Country: China
Candidate: G Yang
GTID: 2428330623950981
Subject: Information and Communication Engineering

Abstract/Summary:
With the rapid development of software technology, more and more attention has been paid to its security. Software vulnerability mining, especially binary software vulnerability discovery, has become both a focus and a difficulty of network security research. At present, vulnerability discovery tools for Linux platform software are mature, while Windows platform software lacks an efficient vulnerability discovery system. An efficient fuzzing test scheme that improves the efficiency of Windows binary software vulnerability discovery has therefore become a hot topic among security researchers.

This paper first summarizes existing software vulnerability analysis technology: it discusses methods of describing software from the static and dynamic perspectives, analyzes the common vulnerability types and the reasons they occur, and discusses common software vulnerability discovery techniques and their future development trends. Second, based on that analysis of software vulnerabilities and their causes, it implements the location of dangerous code regions in software by static analysis. On this basis, it proposes a strategy for scoring test cases according to the static code characteristics of the software and the dynamic information from its execution, which improves the validity of test case generation in fuzzing. Finally, based on the characteristics of Windows binary software and combined with the AFL test tool, a method named AFLow is presented for efficient fuzzing of Windows binary software, and its validity is demonstrated through experiments. The main contents of this paper are as follows:

(1) A fuzzing test technique combined with static analysis is proposed. Based on an analysis of the causes of known buffer vulnerabilities, this paper summarizes the common static features of these vulnerabilities at the binary code level. Static analysis is then used to locate sensitive code regions according to these features. The sensitivity of a basic block is described by the distance between it and the dangerous code area, and the weights are iteratively updated and corrected using feedback from dynamic testing. The static analysis weights serve as auxiliary information for scoring test cases, which prompts the test cases to evolve toward the dangerous code area, greater testing depth, and high path coverage.

(2) A memory fuzzing test system for Windows software, AFLow, is designed and implemented. Drawing on the advanced strategies of AFL, combined with the system characteristics of the Windows platform and based on the in-memory fuzzing test method, AFL is ported to the Windows platform and the AFLow vulnerability mining system is proposed. The system uses dynamic taint analysis to locate the test area, which improves the level of automation of in-memory fuzzing. The effectiveness of AFLow is demonstrated by experiments on discovering typical real software vulnerabilities.
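
The distance-based scoring described in item (1), as an added example that is not code from the thesis. It assumes a constructed control-flow graph, a 1/(1+d) weight, and a hypothetical boost/decay feedback rule, none of which are given in the abstract.

```python
from collections import deque

# Constructed sample CFG: basic block -> successor blocks (not from the thesis).
CFG = {
    "entry": ["parse", "exit"],
    "parse": ["check_len", "exit"],
    "check_len": ["copy", "exit"],
    "copy": ["exit"],  # block flagged by static analysis as a dangerous region
    "exit": [],
}
DANGEROUS = {"copy"}

def distances_to_danger(cfg, dangerous):
    """Fewest edges from each block to any dangerous block (BFS on the reversed CFG)."""
    preds = {b: [] for b in cfg}
    for src, succs in cfg.items():
        for dst in succs:
            preds[dst].append(src)
    dist = {b: 0 for b in dangerous}
    queue = deque(dangerous)
    while queue:
        cur = queue.popleft()
        for p in preds[cur]:
            if p not in dist:
                dist[p] = dist[cur] + 1
                queue.append(p)
    return dist  # blocks that cannot reach a dangerous block are absent

def initial_weights(cfg, dangerous):
    """Assumed weighting: 1/(1+d); blocks that cannot reach danger get 0."""
    dist = distances_to_danger(cfg, dangerous)
    return {b: 1.0 / (1 + dist[b]) if b in dist else 0.0 for b in cfg}

def score(trace, weights):
    """Score a test case by the summed weights of the distinct blocks it executed."""
    return sum(weights[b] for b in set(trace))

def feedback(weights, trace, crashed, boost=2.0, decay=0.9):
    """Assumed update rule: boost blocks on a crashing trace, decay covered blocks otherwise."""
    factor = boost if crashed else decay
    covered = set(trace)
    return {b: w * factor if b in covered else w for b, w in weights.items()}

if __name__ == "__main__":
    w = initial_weights(CFG, DANGEROUS)
    shallow = ["entry", "exit"]                      # constructed execution traces
    deep = ["entry", "parse", "check_len", "exit"]
    print(score(shallow, w), score(deep, w))
    print(feedback(w, deep, crashed=False))
```

A test case that reaches blocks nearer the flagged region scores higher, so a scheduler that favors high scores steers mutation toward that region.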
Keywords/Search Tags:Windows, Vulnerability Detection, Fuzzing Test, Static Analysis, Dynamic Taint Analysis