| Today,people are becoming more dependent on software products.Along with this,the complexity of software products is getting higher and higher,and the damage caused by software vulnerabilities is also getting bigger and bigger.Therefore,the vulnerability detection of software products becomes imminent.Fuzzing technology is an effective way to detect software vulnerabilities.Based on this,this paper proposes a fuzzing method based on model constraints and particle swarm optimization.Firstly,the format of the samples is strictly constrained by the model constraint technology to reduce the generation of invalid samples.Second,the traditional particle swarm algorithm is improved to make the algorithm more convergent.So as to better guide the generation of samples,make the samples tend to the fragile path,and improve the testing efficiency.By drawing on these two technologies and combining source code instrumentation and static analysis,we have formed a software vulnerability detection scheme.This solution solves the shortcomings of traditional fuzzing methods such as large blindness,low degree of automation,and low vulnerability mining efficiency.Based on the previous technical investigation and research,this paper implements a software vulnerability detection prototype system based on a combination of model constraints and particle swarm optimization.By testing the three softwares,the results show that compared with the fuzzing framework of a single technology,the proposed scheme has significantly improved the efficiency of vulnerability mining and code coverage. |
PDF Full Text Request