
Research On Fuzzing Seed Schedule Method Based On Particle Swarm Optimization And Multi-Factor Optimization

Posted on: 2024-07-10
Degree: Master
Type: Thesis
Country: China
Candidate: S R Wang
Full Text: PDF
GTID: 2568307130453164
Subject: Software engineering
Abstract/Summary:
With the advent of the software era, software is becoming ever more closely integrated with other fields. However, as software architecture grows more complex, security problems in software become more serious. To further improve software quality and maintain software security, researchers have studied a variety of software testing techniques, such as fuzzing. Fuzzing has become a focus of research in software testing because of advantages such as a simple testing process, easy deployment and easy reproduction of crashes. However, fuzzing also has disadvantages, such as poorly directed testing and ineffective seed generation. To address these problems, researchers proposed Coverage-guided Greybox Fuzzing (CGF) and Memory Usage Guided Fuzzing (MUGF). To further improve the performance of both methods, this thesis proposes a fuzzing seed schedule method based on particle swarm optimization and multi-factor optimization, which optimizes each of the two methods. Specifically, the main work of this thesis is as follows:

(1) The CGF power schedule has difficulty using information about the complexity of the code exercised during seed execution to guide seed energy allocation, which limits coverage improvement. To address this, Coverage-guided Greybox Fuzzing based on Multifactorial Power Schedule (CGF-MPS) is proposed in this thesis. The concept of time complexity is first introduced to help CGF understand the complexity of the code exercised during seed execution, and a time complexity power schedule is proposed to collect the time complexity information generated during seed execution and then help the CGF power schedule allocate the energy required by seeds. CGF-MPS then integrates the existing optimization methods of CGF with the time complexity power schedule so that they jointly improve the efficiency of fuzzing. To verify the effectiveness of CGF-MPS, three advanced fuzzers are integrated in this thesis, and eight widely used programs with different functions are tested. The experimental results showed that both the number of paths and the number of crashes triggered increased to a certain extent, and a significant gap opened within about 12 hours.

(2) Random selection of mutation operators in MUGF limits the efficiency improvement of fuzzing. To address this, Memory Usage Guided Fuzzing based on Particle Swarm Optimization (MUGF-PSO) is proposed in this thesis. MUGF-PSO helps MUGF learn the effectiveness of each mutation operator (its ability to generate new seeds and trigger new coverage once selected), so as to improve MUGF's testing ability. Each mutation operator is regarded as a particle in the particle swarm optimization algorithm, and the coverage change is regarded as an important factor in evaluating the seed's local and global optimal positions. An efficient selection probability distribution over the mutation operators is searched for iteratively, so that MUGF tends to select the mutation operators that are more likely to trigger new coverage. In addition, MUGF-PSO is integrated into MemLock, which was developed based on MUGF, to produce MemLock-PSO, and a comparison experiment is conducted against MemLock. The results showed that MemLock-PSO was able to find more paths and crashes in 10 widely used programs with different features from 11 tools, with a significant gap appearing at around 12 hours.

(3) To automate testing with the two optimization strategies and verify their effectiveness, a fuzzing optimization prototype system, FUZZ-SY, was designed and implemented. The prototype system includes a target program building module, a multi-factor optimization power schedule module, a particle swarm optimization mutation schedule module and an experimental analysis module...
Keywords/Search Tags:Software Testing, Fuzzing, Seed Power Schedule Optimization, Seed Mutation Schedule Optimization