Today, the complexity of software programs continues to increase, and manual vulnerability discovery has gradually become impractical. After years of development, automated vulnerability discovery has matured. Fuzzing has achieved good results in the field of vulnerability discovery and has made a great contribution to software security. However, many existing fuzzing techniques are non-guided methods, which are inefficient. Although guided vulnerability discovery solutions exist, their discovery of heap memory consumption vulnerabilities is not ideal. In order to solve the problem of heap-memory-consumption-guided automated vulnerability discovery while taking system overhead and efficiency into account, this paper proposes a heap memory consumption guided vulnerability discovery model called MemConFuzz. The main strategy of the proposed model is to be requirements-oriented: extract specific vulnerability features according to the requirements, and use these features to locate code regions through static analysis to obtain potential vulnerability locations. At the same time, the potential vulnerability locations are instrumented, a runtime tracking strategy is applied during the fuzzing process, and path coverage information, allocated memory information and data dependency information are tracked. This paper also proposes a new seed priority selection strategy, which preferentially selects seeds that cover more vulnerability features and thus effectively improves the efficiency of heap-memory-consumption-based vulnerability discovery. Based on the proposed model, this paper implements a heap memory consumption guided vulnerability discovery prototype system, HeapMemFuzzer. Popular large-scale open source programs including jasper, readelf and openjpeg are selected as the test dataset. Experimental results show that HeapMemFuzzer has certain advantages in the number of heap memory consumption vulnerabilities discovered and the time taken to discover them compared with the state-of-the-art fuzzing systems AFL, MemLock and PerfFuzz. At the same time, the results also demonstrate the effectiveness of the heap memory consumption guided vulnerability discovery model.
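The seed-priority strategy sketched above (prefer seeds that reach more statically flagged allocation sites, then those that consume more heap) can be illustrated with a small scheduler. This is an added example, not code from the paper or from HeapMemFuzzer; the site identifiers, traces and the budget threshold are constructed for illustration, and the runtime traces stand in for the path-coverage, allocation and data-dependency information the model tracks.

```python
from dataclasses import dataclass

# Constructed ids for allocation sites that static analysis flagged as potential
# heap-consumption points (allocation calls whose size may depend on input).
ALLOC_SITES = {"img_alloc", "tile_alloc", "cmap_alloc"}

@dataclass
class Trace:
    """Runtime information tracked while executing one seed (constructed)."""
    edges: set            # path coverage: ids of edges the execution hit
    allocs: dict          # site id -> total bytes allocated at that site
    input_dependent: set  # sites whose size argument was data-dependent on the input

@dataclass
class Seed:
    name: str
    trace: Trace

def features_covered(t: Trace) -> set:
    """Vulnerability features hit: flagged sites reached with input-controlled sizes."""
    return {s for s in t.allocs if s in ALLOC_SITES and s in t.input_dependent}

def peak_heap(t: Trace) -> int:
    """Total bytes the tracked allocation sites requested during this execution."""
    return sum(t.allocs.values())

def priority(seed: Seed) -> tuple:
    """Higher sorts first: distinct features, then heap consumed, then edges,
    so the queue favours inputs that are closest to exhausting memory."""
    t = seed.trace
    return (len(features_covered(t)), peak_heap(t), len(t.edges))

def schedule(seeds: list) -> list:
    """Seed names in the order a heap-consumption-guided fuzzer would try them."""
    return [s.name for s in sorted(seeds, key=priority, reverse=True)]

def exceeds_budget(seed: Seed, budget_bytes: int) -> bool:
    """Report a heap-consumption candidate when tracked allocations pass the budget."""
    return peak_heap(seed.trace) > budget_bytes

# Constructed traces for three seeds.
SEEDS = [
    Seed("plain", Trace({1, 2, 3}, {"img_alloc": 4096}, set())),
    Seed("big_tile", Trace({1, 2, 5, 6}, {"tile_alloc": 1 << 30, "img_alloc": 4096},
                            {"tile_alloc"})),
    Seed("two_sites", Trace({1, 4}, {"cmap_alloc": 1 << 20, "img_alloc": 1 << 20},
                             {"cmap_alloc", "img_alloc"})),
]

if __name__ == "__main__":
    print(schedule(SEEDS))                                             # ['two_sites', 'big_tile', 'plain']
    print([s.name for s in SEEDS if exceeds_budget(s, 256 << 20)])     # ['big_tile']
```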