Network security problems are becoming more serious as the number of vulnerabilities grows. Many enterprises are attacked, and the resulting economic losses are hard to quantify. The root cause is that the vast majority of users lack an effective workflow for vulnerability discovery and verification and are unable to evaluate the vulnerabilities in their software on a regular basis. An effective solution is to use directed fuzzing to search for an input that triggers the vulnerability, thereby both finding and verifying it. AFLGo is currently a mature directed fuzzing tool, but it has two problems. First, AFLGo appends newly added seeds to the end of the queue and takes seeds from the queue in order. This method cannot select the more valuable seeds according to information about the program under test, wastes a great deal of time on meaningless seeds, and so makes fuzzing inefficient. Second, AFLGo mutates every byte of a seed file in the same way. The bytes of a seed file are not equivalent: their contributions to directed fuzzing differ. Mutating them uniformly wastes a great deal of time on unimportant bytes, and fuzzing efficiency drops sharply as the seed file grows. To address these problems, this paper improves the efficiency of vulnerability verification by improving directed fuzzing technology. The main work of this paper is as follows. (1) A seed selection strategy and a mutation strategy combining probability and distance are proposed. In the "exploration" stage, a probability-based seed selection strategy and a path-sensitive seed mutation strategy are used to improve coverage; in the "exploitation" stage, a distance-based seed selection strategy and a distance-sensitive seed mutation strategy are used to improve the speed at which the fuzzer reaches the target. (2) The directed fuzzing tool DSFuzz for vulnerability verification is implemented. Building on AFLGo and combining the seed selection and mutation strategies proposed in this paper, a vulnerability-verification-oriented directed fuzzing prototype system, DSFuzz, is implemented; it comprises basic block probability calculation, instrumentation, and the seed selection and mutation strategies. (3) The effectiveness of DSFuzz is verified experimentally. Through comparative experiments with AFL and AFLGo, the coverage, directedness, vulnerability mining and vulnerability verification capabilities of DSFuzz are evaluated. The DSFuzz system implemented in this paper effectively improves the coverage and directedness of directed fuzzing and can verify vulnerabilities in the program under test.
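To make the two AFLGo shortcomings and the distance-sensitive alternative concrete, the following Python sketch is an added example; it is not code from the thesis, from DSFuzz or from AFLGo. It contrasts equal-share FIFO seed scheduling with a distance-annealed power schedule (exploration while the "temperature" is high, exploitation as it cools, in the style of AFLGo's simulated annealing), and contrasts uniform byte selection with selection weighted by a per-byte sensitivity score. The corpus, the distances and the byte weights are constructed values; the probability-based component of the thesis's exploration stage is not reproduced.

```python
"""Toy model of seed scheduling and byte selection in a directed fuzzer.

Contrasts the two AFLGo behaviours criticised in the abstract (FIFO seed order,
uniform per-byte mutation) with a distance-annealed power schedule and a
sensitivity-weighted byte picker. Seeds, distances and byte weights are
constructed for the demonstration; nothing here is taken from DSFuzz or AFLGo.
"""
import random
from dataclasses import dataclass, field


@dataclass
class Seed:
    name: str
    data: bytes
    distance: float  # constructed: mean CFG distance of the executed blocks to the target set
    byte_weight: list = field(default_factory=list)  # constructed: how path-sensitive each byte is


def normalized_distance(seeds):
    """Min-max normalise seed distances into [0, 1]; 0 means closest to the target."""
    ds = [s.distance for s in seeds]
    lo, hi = min(ds), max(ds)
    if hi == lo:
        return {s.name: 0.0 for s in seeds}
    return {s.name: (s.distance - lo) / (hi - lo) for s in seeds}


def exp_temperature(t, t_x):
    """Exponential cooling in the style of AFLGo's simulated annealing:
    T = 1 at t = 0 (pure exploration) and T = 0.05 at t = t_x (exploitation begins)."""
    return 20.0 ** (-t / t_x)


def power(d_norm, t, t_x):
    """Annealed power: while T is high every seed gets ~0.5 regardless of distance;
    as T -> 0 the weight tends to 1 - d_norm, so seeds near the target dominate."""
    temp = exp_temperature(t, t_x)
    return (1.0 - d_norm) * (1.0 - temp) + 0.5 * temp


def fifo_energy(seeds, budget):
    """Baseline: the budget is shared equally, seeds served in queue order."""
    per_seed = budget // len(seeds)
    return {s.name: per_seed for s in seeds}


def distance_energy(seeds, budget, t, t_x):
    """Distance-aware: the budget is split in proportion to each seed's power."""
    d_norm = normalized_distance(seeds)
    p = {name: power(d, t, t_x) for name, d in d_norm.items()}
    total = sum(p.values())
    return {name: int(budget * v / total) for name, v in p.items()}


def pick_positions(seed, n_flips, rng, weighted):
    """Choose which byte offsets to mutate: uniformly (the baseline) or in
    proportion to the per-byte sensitivity weight."""
    offsets = range(len(seed.data))
    if weighted:
        return rng.choices(offsets, weights=seed.byte_weight, k=n_flips)
    return [rng.randrange(len(seed.data)) for _ in range(n_flips)]


def apply_bitflips(data, positions, rng):
    """Flip one random bit at each chosen offset and return the mutated input."""
    buf = bytearray(data)
    for i in positions:
        buf[i] ^= 1 << rng.randrange(8)
    return bytes(buf)


def header_hit_count(seed, n_flips, weighted, rng_seed=1):
    """Count how many of n_flips chosen offsets land in the 2-byte header,
    to compare how often each picker spends effort on the important bytes."""
    rng = random.Random(rng_seed)
    return sum(1 for i in pick_positions(seed, n_flips, rng, weighted) if i < 2)


# Constructed corpus: three seeds whose executed paths stop at different
# distances from the target; the first two bytes are the header that steers parsing.
CORPUS = [
    Seed("near", b"\x89PNG\x00\x00\x00\x0d", distance=2.0, byte_weight=[5, 5, 1, 1, 1, 1, 1, 1]),
    Seed("mid", b"\x89PNG\x00\x00\x00\x20", distance=10.0, byte_weight=[5, 5, 1, 1, 1, 1, 1, 1]),
    Seed("far", b"GIF89a\x00\x00", distance=40.0, byte_weight=[5, 5, 1, 1, 1, 1, 1, 1]),
]

if __name__ == "__main__":
    budget, t_x = 3000, 100
    print("FIFO        :", fifo_energy(CORPUS, budget))
    print("t = 0       :", distance_energy(CORPUS, budget, 0, t_x))
    print("t = 10*t_x  :", distance_energy(CORPUS, budget, 10 * t_x, t_x))
    print("header hits uniform/weighted:",
          header_hit_count(CORPUS[0], 1000, weighted=False),
          header_hit_count(CORPUS[0], 1000, weighted=True))
```

Running it shows the effect the abstract describes: at t = 0 the annealed schedule and FIFO give every seed the same energy, but once the schedule has cooled the seed nearest the target receives most of the budget and the far seed receives none, and the weighted picker spends roughly 60% of its flips on the two header bytes against 25% for uniform selection.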