
Research On Vulnerability Discovery Technology Based On Fuzzing And Intelligence-oriented

Posted on: 2022-09-04
Degree: Master
Type: Thesis
Country: China
Candidate: T Jin
Full Text: PDF
GTID: 2518306494471094
Subject: Computer technology

Abstract/Summary:
Nowadays, attackers use software vulnerabilities to carry out infiltration attacks as an important means of network attack. While the size and complexity of software are rapidly increasing, not only is the number of vulnerabilities growing, but their forms are diversifying. Vulnerabilities have become an important factor in network attack and defense. Therefore, automatic vulnerability discovery has become critical to ensuring software security. Fuzzing, the technique studied here, starts from an initial input, i.e., a seed, and generates mutated test cases as new inputs to the tested program in the next execution loop. Although there have been remarkable achievements in terms of the number of discovered vulnerabilities, the reduction of time cost is still inadequate. Therefore, in order to improve the efficiency of fuzzing, it is necessary to find more inputs that cause the program to crash within a given period of time. The main research contents of this paper are as follows:

(1) This paper first performs static analysis on the binary file, extracts the corresponding function call graph (CG) and control flow graph (CFG), and calculates the basic block distance from them to prepare for the subsequent fuzzing phase. Then, based on the AFLGo fuzzing framework, an efficient fast convergence algorithm is proposed. This algorithm is combined with the simulated annealing algorithm to form a new energy scheduling method, and a greybox vulnerability discovery model, IDVM, is proposed. Based on the basic block distance and the fast convergence algorithm, the model can allocate energy to seeds more quickly, so that in the sample selection stage more energy is allocated to seeds closer to the target location and seeds far from the target location are screened out.

(2) Based on the proposed greybox vulnerability discovery model IDVM, this paper realizes the IDVS directed vulnerability discovery prototype system by combining it with the AFLGo directed greybox fuzzing framework. Because the LAVA-M data set is widely used for the analysis and evaluation of tools in the field of vulnerability discovery, IDVS also adopts this data set as the standard for comparison with other vulnerability discovery tools. In tests on LAVA-M, IDVS found a total of more than forty preset vulnerabilities. Compared with the two mainstream vulnerability discovery tools AFLGo and VUzzer, IDVS detects more crash-inducing inputs in the same time, which fully demonstrates that IDVS significantly improves the efficiency of vulnerability discovery.
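The abstract describes the two building blocks that IDVM refines: a basic block distance derived from the CG and CFG, and an energy schedule that cools from exploration to exploitation with simulated annealing. The following Python is an added illustration of the baseline AFLGo-style scheme that the thesis builds on; it is not code from the thesis, from IDVM/IDVS, or from the AFLGo project, and it does not implement the thesis's own fast convergence algorithm, which the abstract does not specify. The call graph, CFGs, call sites, target block and seed traces are constructed toy data; the distance and annealing formulas follow AFLGo's published definitions as I understand them, and the handling of seeds with no distance information (treated as neutral) is my own convention.

```python
"""AFLGo-style block distance and simulated-annealing energy schedule (added example).

Constructed toy program: main -> parse -> decode, plus main -> log.
The suspected bug lives in block decode.1, which is the single target.
"""
from collections import deque
import math

# Constructed call graph: function -> callees.
CALL_GRAPH = {"main": ["parse", "log"], "parse": ["decode"], "decode": [], "log": []}

# Constructed per-function CFGs: function -> {block -> successor blocks}.
CFGS = {
    "main":   {"main.0": ["main.1", "main.2"], "main.1": ["main.3"], "main.2": ["main.3"], "main.3": []},
    "parse":  {"parse.0": ["parse.1"], "parse.1": ["parse.2", "parse.3"], "parse.2": [], "parse.3": []},
    "decode": {"decode.0": ["decode.1"], "decode.1": []},
    "log":    {"log.0": []},
}

# Blocks that contain a call, and which functions they call.
CALL_SITES = {"main.1": ["parse"], "main.2": ["log"], "parse.2": ["decode"]}

TARGET_BLOCKS = {"decode.1"}   # constructed target location
CALL_WEIGHT = 10               # AFLGo's constant c for crossing a call edge


def _bfs(graph, start):
    """Unweighted shortest-path lengths from `start` over a dict adjacency list."""
    dist, queue = {start: 0}, deque([start])
    while queue:
        node = queue.popleft()
        for nxt in graph.get(node, []):
            if nxt not in dist:
                dist[nxt] = dist[node] + 1
                queue.append(nxt)
    return dist


def _harmonic(values):
    """Harmonic mean of the defined distances (None = unreachable); 0 if any target is at distance 0."""
    vals = [v for v in values if v is not None]
    if not vals:
        return None
    if 0 in vals:
        return 0.0
    return len(vals) / sum(1.0 / v for v in vals)


def function_distance(func, target_funcs):
    """d_f: harmonic mean of CG shortest paths from `func` to the functions holding targets."""
    cg = _bfs(CALL_GRAPH, func)
    return _harmonic([cg.get(t) for t in target_funcs])


def block_distance(block):
    """d_b following AFLGo's definition: 0 at a target, c*d_f(callee) at a call site,
    otherwise CFG distance to the nearest useful call site plus that site's distance.
    A direct CFG path to a target block in the same function is also admitted."""
    if block in TARGET_BLOCKS:
        return 0.0
    func = block.split(".")[0]
    target_funcs = {t.split(".")[0] for t in TARGET_BLOCKS}
    cfg = _bfs(CFGS[func], block)
    candidates = [cfg[t] for t in TARGET_BLOCKS if t in cfg]
    for site, callees in CALL_SITES.items():
        if site not in cfg:
            continue
        fds = [d for d in (function_distance(c, target_funcs) for c in callees) if d is not None]
        if fds:
            candidates.append(cfg[site] + CALL_WEIGHT * min(fds))
    return float(min(candidates)) if candidates else None


def seed_distance(trace):
    """Seed distance: mean d_b over the executed blocks that have a defined distance."""
    ds = [d for d in (block_distance(b) for b in trace) if d is not None]
    return sum(ds) / len(ds) if ds else None


def annealing_factor(norm_dist, t, t_x):
    """AFLGo's annealing power factor: temperature cools from 1 toward 0.05 at t = t_x,
    shifting weight from uniform exploration to the normalized distance."""
    temp = 20 ** (-t / t_x)
    p = (1 - norm_dist) * (1 - temp) + 0.5 * temp
    return 2 ** (p * 10 - 5)          # multiplier on the base energy, 2^-5 .. 2^5


def schedule(seeds, t, t_x):
    """Return {seed name: energy multiplier} for a corpus of {name: executed block trace}."""
    raw = {name: seed_distance(trace) for name, trace in seeds.items()}
    known = [d for d in raw.values() if d is not None]
    lo, hi = (min(known), max(known)) if known else (0.0, 0.0)
    out = {}
    for name, d in raw.items():
        if d is None:
            norm = 0.5                  # my convention: no distance info -> neutral
        else:
            norm = 0.0 if hi == lo else (d - lo) / (hi - lo)
        out[name] = annealing_factor(norm, t, t_x)
    return out


# Constructed seed traces (blocks executed when running each seed).
SEEDS = {
    "far":  ["main.0", "main.2", "log.0", "main.3"],
    "mid":  ["main.0", "main.1", "parse.0", "parse.1", "parse.3", "main.3"],
    "near": ["main.0", "main.1", "parse.0", "parse.1", "parse.2", "decode.0", "decode.1", "main.3"],
}

if __name__ == "__main__":
    for t in (0, 1800, 3600):
        print(t, {k: round(v, 3) for k, v in schedule(SEEDS, t, 3600).items()})
```

At t = 0 every seed receives the same multiplier, so the fuzzer explores broadly; by t = t_x the seed that reached the target is boosted by roughly 27x while the seed that never entered `parse` is cut to about 0.04x, which is the energy-concentration effect the abstract describes IDVM accelerating. Note that under AFLGo's definition a call site whose callee is the target function gets distance 0 (here `parse.2`), which is why the "near" seed's mean is pulled down even before the target block itself is counted.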
Keywords/Search Tags: Vulnerability Discovery, Fuzzing, Fast Convergence Algorithm, Binary, Energy Scheduling