
Optimization Of Fuzzing Tool AFL Mutation Strategy

Posted on: 2022-02-27
Degree: Master
Type: Thesis
Country: China
Candidate: Q Q Zhao
GTID: 2518306509494964
Subject: Software engineering

Abstract/Summary:
With the continuous progress of science and technology and the continuous development of Internet technology, the number and scale of software systems are constantly expanding. Ensuring the quality of software systems is an urgent problem to be solved. As one of the effective ways to mine software vulnerabilities in the current software engineering field, fuzzing has a very significant effect in discovering potential software vulnerabilities. As one of the most representative tools in the current fuzzing field, the fuzzing tool AFL has helped software developers discover potential security vulnerabilities in many software projects. At the same time, AFL is also one of the most valuable research tools.

Although AFL has outstanding advantages, it still has two disadvantages. First, AFL uses a random method to select the mutation positions of test cases, which reduces the quality and effectiveness of the generated test cases and may lead to the generation of a large number of redundant test cases. Second, AFL uses a random method to select the mutation operator for test cases, which reduces the code coverage of the test cases it generates and makes it difficult to find deep-level software vulnerabilities.

Therefore, this paper proposes two methods to address these two shortcomings of the AFL fuzzing tool. First, this paper proposes using a neural network model to improve AFL's selection of mutation positions for test cases. The main idea of this method is to collect a certain number of test cases as training samples and execute them in the original AFL tool. The data set produced by this execution is then filtered to obtain the data set required for training the model. Finally, the neural network is trained on the obtained training data so that it can predict the best mutation positions of test cases, improving the quality and effectiveness of the generated test cases. Second, this paper proposes a mutation operator selection method based on an exploration-exploitation model. This method initializes a return probability for each mutation operator at each position, updates the probability value of each mutation operator through continued exploration, and finally selects the mutation operator with the highest probability, in order to generate test cases that effectively increase the code coverage of the software under test and to find deep software vulnerabilities.

In order to verify the effectiveness of the proposed methods, this paper chooses four input file formats: readelf, readpng, mupdf, and libxml. It compares three configurations (optimization of mutation position selection only, optimization of mutation operator selection only, and both optimizations together) in terms of input gain, number of crashes, and code coverage. The experimental results show that the methods proposed in this paper help to improve the quality and effectiveness of the generated test cases, thereby improving the code coverage of the software under test and discovering software vulnerabilities more effectively.
Keywords/Search Tags:Fuzzing test, AFL, Neural network, Exploration-exploitation
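
The operator-selection idea in the abstract can be sketched as an epsilon-greedy bandit that keeps one return-probability estimate per (position, operator) pair. This is an added example, not code from the thesis: the update rule (observed success rate with a uniform prior), the epsilon value, the operator labels, and the constructed coverage probabilities are all assumptions, since the abstract specifies none of them.

```python
import random

# Hypothetical operator labels, loosely modelled on AFL's mutation stages.
OPERATORS = ["bitflip", "arith", "interesting", "random_byte"]

class OperatorSelector:
    """Epsilon-greedy estimate of P(new coverage | position, operator)."""

    def __init__(self, n_positions, epsilon=0.1, prior=0.5, rng=None):
        self.epsilon = epsilon
        self.rng = rng or random.Random()
        # [successes, trials] per (position, operator); the prior counts as
        # one pseudo-trial so every operator starts at the same probability.
        self.stats = {(p, op): [prior, 1.0]
                      for p in range(n_positions) for op in OPERATORS}

    def prob(self, pos, op):
        successes, trials = self.stats[(pos, op)]
        return successes / trials

    def best(self, pos):
        return max(OPERATORS, key=lambda op: self.prob(pos, op))

    def choose(self, pos):
        if self.rng.random() < self.epsilon:   # explore: any operator
            return self.rng.choice(OPERATORS)
        return self.best(pos)                  # exploit: highest estimate

    def update(self, pos, op, found_new_coverage):
        entry = self.stats[(pos, op)]
        entry[0] += 1.0 if found_new_coverage else 0.0
        entry[1] += 1.0

def simulate(rounds=4000, seed=1):
    """Run the selector against constructed ground-truth probabilities
    (assumed stand-in for executing the target and reading its coverage)."""
    rng = random.Random(seed)
    truth = {0: dict(bitflip=0.05, arith=0.60, interesting=0.10, random_byte=0.02),
             1: dict(bitflip=0.02, arith=0.05, interesting=0.70, random_byte=0.10)}
    sel = OperatorSelector(n_positions=2, rng=rng)
    for _ in range(rounds):
        pos = rng.randrange(2)
        op = sel.choose(pos)
        sel.update(pos, op, rng.random() < truth[pos][op])
    return sel

if __name__ == "__main__":
    sel = simulate()
    for pos in (0, 1):
        print(pos, sel.best(pos), round(sel.prob(pos, sel.best(pos)), 2))
```

In a real fuzzer the `found_new_coverage` signal would come from the target's coverage feedback after each mutated input is executed, rather than from a fixed probability table.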