With the continuous development of the software and internet industries, program vulnerabilities and security issues are constantly emerging, making manual screening and vulnerability mining increasingly difficult. Fuzz testing, as an automated testing method, can effectively help software developers find security risks in programs. However, the increasing complexity of programs leads to longer fuzz testing times. Therefore, directed fuzzing, which sets target points in a program, guides test case mutation, and mines specific program areas more efficiently and purposefully, has been widely studied. However, shortcomings in test case selection, power calculation, and test case scheduling in existing directed fuzzers often reduce the efficiency of directed mutation and vulnerability discovery. This paper explains these issues and proposes the following solutions:

1. In terms of test case selection and power calculation, this paper proposes an adaptive mutation strategy. Directed fuzzing often follows the selection conditions used in undirected fuzz testing, without considering directedness. When calculating power, the annealing time of the simulated annealing algorithm must be set manually by the user; because many complex factors have to be considered, setting a reasonable time is very difficult. The adaptive mutation strategy therefore enriches test case selection, optimizes power calculation, and improves the ability of directed mutation through a test case selection algorithm, a power priority algorithm, and an annealing factor selection algorithm, improving the overall quality of test cases.

2. In terms of test case scheduling, this paper proposes a deviation domain strategy. A test case backlog leads to many valuable test cases never being executed and mutated. The deviation domain strategy therefore selects, adjusts, and expands high-quality test cases from the test case queue for mutation, which improves the efficiency of vulnerability mining in the program while solving the test case backlog problem.

3. To address the shortcomings of existing directed fuzzing in mutation and scheduling, this paper combines the adaptive mutation strategy and the deviation domain strategy and, based on AFLGO, develops the directed fuzzing system D_AFLGO. Experiments on test case distance distribution, test case quantity, crash discovery ability, and coverage were conducted on multiple programs using D_AFLGO, showing that D_AFLGO generates test cases of higher overall quality and mines program vulnerabilities more efficiently than AFLGO.
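To make concrete why the annealing time in point 1 is hard to choose, the following added example (not this paper's code nor the D_AFLGO or AFLGO implementation) reproduces the annealing power schedule published for AFLGo as recalled from its paper and source, with an assumed cap of 32x, and solves in closed form how long a seed far from the target keeps receiving energy before the schedule starves it; the seed distances and annealing times are constructed.

```python
import math

MAX_FACTOR = 32.0  # energy multiplier cap assumed from AFLGo's code (32x either way)


def temperature(t_elapsed: float, t_x: float) -> float:
    """Exponential cooling T = 20^(-t/t_x), as published for AFLGo.
    t_x is the user-chosen annealing time; T starts at 1 and falls toward 0."""
    if t_x <= 0:
        raise ValueError("annealing time t_x must be positive")
    return 20.0 ** (-t_elapsed / t_x)


def annealed_priority(norm_dist: float, t_elapsed: float, t_x: float) -> float:
    """p in [0, 1]: (1 - d)(1 - T) + 0.5 T. While T is near 1 every seed
    scores 0.5 (pure exploration); as T cools, p converges to 1 - d."""
    if not 0.0 <= norm_dist <= 1.0:
        raise ValueError("normalized seed distance must lie in [0, 1]")
    t = temperature(t_elapsed, t_x)
    return (1.0 - norm_dist) * (1.0 - t) + 0.5 * t


def power_factor(norm_dist: float, t_elapsed: float, t_x: float) -> float:
    """Energy multiplier 2^(2*log2(MAX_FACTOR)*(p - 0.5)) = 2^(10p - 5):
    exactly 1.0 at t = 0, between 1/32 and 32 once the schedule has cooled."""
    p = annealed_priority(norm_dist, t_elapsed, t_x)
    return 2.0 ** (2.0 * math.log2(MAX_FACTOR) * (p - 0.5))


def time_until_starved(norm_dist: float, t_x: float, threshold: float = 0.125):
    """Seconds until a seed at norm_dist gets less than `threshold` times its
    base energy, or None if the schedule never starves it. Solved in closed
    form from the two formulas above; the cut-off scales linearly with t_x."""
    p_thr = 0.5 + math.log2(threshold) / (2.0 * math.log2(MAX_FACTOR))
    final_p = 1.0 - norm_dist            # limit of p as T -> 0
    if norm_dist <= 0.5 or final_p >= p_thr:
        return None                       # p never drops below p_thr
    t_needed = (p_thr - final_p) / (norm_dist - 0.5)
    if t_needed >= 1.0:
        return 0.0
    return -t_x * math.log(t_needed) / math.log(20.0)


if __name__ == "__main__":
    # Constructed scenario: the same far seed (d = 1.0) under two annealing times.
    for t_x in (600.0, 3600.0):
        print(f"t_x={t_x:>6.0f}s: far seed below 1/8 energy after "
              f"{time_until_starved(1.0, t_x):.0f}s; near seed at t={t_x:.0f}s "
              f"gets {power_factor(0.0, t_x, t_x):.1f}x")
```

A short t_x starves distant seeds before the fuzzer has found paths toward the target, while a long t_x leaves the schedule close to undirected for most of the run, which is the trade-off the annealing factor selection algorithm above is meant to remove from the user's hands.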