| With the development of the Internet of Things and the increasingly severe network security environment,as an important gateway device,the security research and automatic vulnerability mining of wireless routers have become a major work for researchers.As a popular mining method in the industry,fuzzing has high practical value.However,the existing fuzzing for wireless router firmware has many problems and is inefficient.Based on the above background,this paper proposes a distributed fuzzing system based on data boundary segmentation and guided by Deep Reinforcement Learning.This system improves the efficiency of fuzzing of wireless router firmware programs from three aspects.Firstly,the hardware dependency repair technology for router firmware programs based on hardware interaction data is used to achieve a firmware simulation environment that is independent of hardware and reduces the loss of state space;Secondly,through data boundary segmentation technology,it is ensured that the deep reinforcement learning model obtains the maximum code coverage reward while generating samples that meet the format required by the tested program,reducing the exploration of invalid sample space;Finally,a distributed fuzzing framework based on multi queue sample pool structure and linear prediction is used to utilize the blank time slice caused by the communication between the tested program environment and the fuzzing terminal.Based on the above three aspects,we can jointly improve the efficiency of fuzzing.This paper designs and implements the proposed system,and through a series of comparative experiments which based on Fuzzer-Test-Suite test set and real programs and router firmware programs,it shows that the system proposed in this paper has higher code coverage and test efficiency than the traditional wireless router firmware program fuzzing system,which preliminarily verifies the feasibility and efficiency of the proposed system. |
PDF Full Text Request