As the Internet grows, modern society cannot do without software and systems. Yet rapid iterative updates introduce many security holes, and attackers routinely exploit them. The number of vulnerabilities, the degree and type of damage they cause, and the scope of their impact all worsen year by year. The reliability and robustness of complex software and systems therefore deserve close attention: they bear not only on personal privacy and information security but on society as a whole, and on critical national areas such as defense and space technology. Crashes and vulnerabilities are the source of many security problems in software and systems, and fuzz testing has proven effective at finding them. A fuzzer feeds random or carefully constructed data to the target program or system and observes how it behaves. Given the growing complexity of software and network environments, researching and optimizing fuzzing technology is a meaningful research topic.

This paper targets two shortcomings of existing fuzzing techniques, missed edge coverage and the inability to reach complex branch paths, and improves both the efficiency and the accuracy of fuzz testing. The main research results are as follows:

(1) To reach more complex branch paths, this paper surveys a large body of literature, focuses on dynamic symbolic execution and fuzz testing, and combines the two. Before the fuzzing loop starts, dynamic symbolic execution is used to generate additional test cases, so that execution covers deeper paths and branches guarded by complex conditions.

(2) To address missed edge coverage, this paper focuses on the seed mutation stage and uses the particle swarm optimization (PSO) algorithm to optimize the probability distribution over mutation operators, improving the quality of mutated test cases so that they cover more program edges.

(3) This paper studies the mainstream fuzzing framework AFL (American Fuzzy Lop) from the perspective of how the next seed is selected. Execution time, seed size, and whether a seed triggers a new path are used as the criteria for marking a seed as interesting and adding it to the seed pool for the next loop, which effectively improves edge coverage. To avoid wasted mutations, a seed energy allocation strategy is proposed that speeds up fuzzing.

(4) Finally, based on the research above, the optimized fuzzing tool FuzzHunter is implemented, together with a visual interface that handles front-end/back-end interaction and visualization and makes the overall fuzzing workflow easier to operate. Comparative experiments on the classic LAVA-M data set show that FuzzHunter achieves higher edge coverage, runs faster, and finds more vulnerabilities, which demonstrates the effectiveness of the work in this paper.
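The seed-scheduling ideas of points (2) and (3), as an added illustrative example in Python. This is not FuzzHunter's code, whose internals the abstract does not describe; the toy target, the five mutation operators, the PSO hyperparameters, the edge-count cost model standing in for execution time, and the AFL-like favor and energy heuristics are all assumptions made for the example. The symbolic execution stage of point (1) is not modeled.

```python
"""Toy coverage-guided fuzzer (added example, not FuzzHunter's code): PSO-tuned
mutation-operator probabilities plus AFL-style seed selection and energy allocation."""
import random
from collections import namedtuple

def run_target(data: bytes) -> frozenset:
    """Constructed target with nested branches; returns the (prev, cur) block edges taken."""
    path = ["entry", "start"]
    if len(data) >= 4 and data[:2] == b"FZ":
        path.append("magic_ok")
        if data[2] == 0x7F:
            path.append("type_7f")
            if data[3] > 0xF0:
                path.append("deep")          # only a narrow byte range gets here
        else:
            path.append("type_other")
    else:
        path.append("magic_bad")
    path.append("exit")
    return frozenset(zip(path, path[1:]))

def op_bitflip(d, rng):
    b = bytearray(d); b[rng.randrange(len(b))] ^= 1 << rng.randrange(8); return bytes(b)
def op_rand_byte(d, rng):
    b = bytearray(d); b[rng.randrange(len(b))] = rng.randrange(256); return bytes(b)
def op_arith(d, rng):
    b = bytearray(d); i = rng.randrange(len(b)); b[i] = (b[i] + rng.randint(-16, 16)) % 256; return bytes(b)
def op_insert(d, rng):
    i = rng.randrange(len(d) + 1); return d[:i] + bytes([rng.randrange(256)]) + d[i:]
def op_delete(d, rng):
    i = rng.randrange(len(d)); return d[:i] + d[i + 1:] if len(d) > 1 else d
OPERATORS = [op_bitflip, op_rand_byte, op_arith, op_insert, op_delete]  # PSO tunes their probabilities

def normalize(v, floor=0.02):
    """Clamp so every operator stays reachable, then scale to a probability vector."""
    v = [max(floor, min(1.0, x)) for x in v]
    return [x / sum(v) for x in v]

Seed = namedtuple("Seed", "data edges exec_us")   # exec_us: assumed cost model (edges taken)

def fav_score(s):
    return s.exec_us * len(s.data)               # AFL's favor metric: lower is better

def is_interesting(edges, covered):
    return not edges <= covered                  # a never-seen edge earns a place in the pool

def assign_energy(seed, avg_us, avg_len, base=32):
    """AFL perf_score-style budget: slow or bloated seeds get fewer mutations, small fast ones more."""
    speed = 2 if seed.exec_us < avg_us / 2 else 0.5 if seed.exec_us > 2 * avg_us else 1
    size = 2 if len(seed.data) < avg_len / 2 else 0.5 if len(seed.data) > 2 * avg_len else 1
    return max(1, int(base * speed * size))

def select_seed(pool, rng):
    """Favor, for each covered edge, the cheapest seed reaching it (90% of picks)."""
    all_edges = set().union(*(s.edges for s in pool))
    favored = {min((s for s in pool if e in s.edges), key=fav_score) for e in all_edges}
    return rng.choice(sorted(favored, key=fav_score) if rng.random() < 0.9 else pool)

def pilot_fitness(probs, pool, covered, rng, budget):
    """Spend `budget` mutations under one operator distribution; fitness = new edges per mutation."""
    done = found = 0
    while done < budget:
        parent = select_seed(pool, rng)
        avg_us, avg_len = sum(s.exec_us for s in pool) / len(pool), sum(len(s.data) for s in pool) / len(pool)
        for _ in range(assign_energy(parent, avg_us, avg_len, base=8)):
            child = rng.choices(OPERATORS, weights=probs)[0](parent.data, rng)
            edges = run_target(child)
            done += 1
            if is_interesting(edges, covered):
                found += len(edges - covered)
                covered |= edges
                pool.append(Seed(child, edges, float(len(edges))))
    return found / done

def pso_step(swarm, gbest, rng, w=0.5, c1=1.0, c2=1.0):
    """Standard PSO update: pull each particle toward its own best and the swarm's best."""
    for p in swarm:
        for k in range(len(OPERATORS)):
            p["vel"][k] = (w * p["vel"][k] + c1 * rng.random() * (p["best"][k] - p["pos"][k])
                           + c2 * rng.random() * (gbest[k] - p["pos"][k]))
            p["pos"][k] += p["vel"][k]
        p["pos"] = normalize(p["pos"])

def fuzz(initial, rounds=6, swarm_size=4, pilot=60, seed=1):
    """Run the PSO-scheduled fuzz loop; returns (seed pool, covered edges, best operator probs)."""
    rng = random.Random(seed)
    covered = set(run_target(initial))
    pool = [Seed(initial, frozenset(covered), float(len(covered)))]
    swarm = [{"pos": p, "vel": [0.0] * len(OPERATORS), "best": list(p), "fit": -1.0}
             for p in (normalize([rng.random() for _ in OPERATORS]) for _ in range(swarm_size))]
    gbest, gfit = list(swarm[0]["pos"]), -1.0
    for _ in range(rounds):
        for p in swarm:
            fit = pilot_fitness(p["pos"], pool, covered, rng, pilot)
            if fit > p["fit"]:
                p["fit"], p["best"] = fit, list(p["pos"])
            if fit > gfit:
                gfit, gbest = fit, list(p["pos"])
        pso_step(swarm, gbest, rng)
    return pool, covered, gbest
```

Calling `fuzz(b"FZ\x01\x00")` returns the grown seed pool, the set of covered edges and the operator distribution the swarm settled on. Each particle's fitness is measured by a pilot run, so operators that keep producing new edges on this target gain probability mass, which is the effect point (2) aims for. The `deep` edge of the constructed target needs byte 2 equal to 0x7f and byte 3 above 0xf0 at the same time, the kind of narrow condition that blind mutation rarely satisfies and that point (1) hands to dynamic symbolic execution instead.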