A novel memory usage guided fuzzing based on particle swarm optimization
Shengran Wang, Jinfu Chen, Jianming Zhang, Saihua Cai, Wen Zhang, Jian Sun
Swarm and Evolutionary Computation, volume 91, Article 101747. Published 2024-10-17. Journal Article.
DOI: 10.1016/j.swevo.2024.101747
URL: https://www.sciencedirect.com/science/article/pii/S2210650224002852
Journal impact factor: 8.2. JCR: Q1 (Computer Science, Artificial Intelligence).
Citations: 0
Abstract
Fuzzing has become the focus of research in the field of software testing due to advantages such as a simple testing process, easy deployment, and easy reproduction of crashes. However, fuzzing also suffers from the disadvantages of poor test purpose and invalid generated seeds. To solve the above problems, researchers proposed Memory Usage Guided Fuzzing (MUGF). To further optimize the performance of MUGF, this paper proposes a fuzzing method named Memory Usage Guided Fuzzing based on Particle Swarm Optimization (MUGF-PSO). MUGF-PSO guides the selection of mutation operators for subsequent testing by learning the effectiveness of each mutation operator during previous testing. Specifically, MUGF-PSO regards each mutation operator as a particle in the particle swarm optimization algorithm, and the coverage change is regarded as an important factor in evaluating the seed’s local and global best position. In addition, an efficient selection probability distribution over the mutation operators is searched for iteratively, so that MUGF tends to select the mutation operator that is more able to trigger new coverage. Furthermore, MUGF-PSO is integrated into MemLock, which was developed by MUGF; that is, MemLock-PSO is developed. We conduct a comparison experiment with 5 fuzzers (including AFL, MemLock, EcoFuzz, HavocMAB and Darwin), and the results show that MemLock-PSO is able to find more paths and crashes in 12 widely used programs with different functions from 10 tools, with a significant gap of around 12 h. Meanwhile, MemLock-PSO has a significant difference in the number of paths and crashes compared to other fuzzers, with good stability. Our work also proves the remarkable significance of applying swarm intelligence optimization algorithms in fuzzing in order to solve the problem of selecting mutation operators.
About the journal:
Swarm and Evolutionary Computation is a pioneering peer-reviewed journal focused on the latest research and advancements in nature-inspired intelligent computation using swarm and evolutionary algorithms. It covers theoretical, experimental, and practical aspects of these paradigms and their hybrids, promoting interdisciplinary research. The journal prioritizes the publication of high-quality, original articles that push the boundaries of evolutionary computation and swarm intelligence. Additionally, it welcomes survey papers on current topics and novel applications. Topics of interest include but are not limited to: Genetic Algorithms, and Genetic Programming, Evolution Strategies, and Evolutionary Programming, Differential Evolution, Artificial Immune Systems, Particle Swarms, Ant Colony, Bacterial Foraging, Artificial Bees, Fireflies Algorithm, Harmony Search, Artificial Life, Digital Organisms, Estimation of Distribution Algorithms, Stochastic Diffusion Search, Quantum Computing, Nano Computing, Membrane Computing, Human-centric Computing, Hybridization of Algorithms, Memetic Computing, Autonomic Computing, Self-organizing systems, Combinatorial, Discrete, Binary, Constrained, Multi-objective, Multi-modal, Dynamic, and Large-scale Optimization.