An Improvement of AFL Based On The Function Call Depth

Tiankai Li, Jian-Pin Li, Xi He
DOI: 10.1109/ICCWAMTIP53232.2021.9674138
Venue: 2021 18th International Computer Conference on Wavelet Active Media Technology and Information Processing (ICCWAMTIP)
Published: 2021-12-17
Citations: 1

Abstract

Fuzzing is a technique that automatically discovers vulnerabilities in a target program. It generates test cases from seeds, runs the target program on them, monitors the program for abnormal behavior, and thereby discovers test samples that trigger vulnerabilities. As one of the cornerstones of the fuzzing field, American Fuzzy Lop (AFL) has been widely studied by industry and academia because of its high efficiency and strong practicability. After an in-depth study of AFL and its improved version AFLFast, we find that gray-box fuzzers represented by AFL are concerned mainly with edge coverage and do not use function call depth as one of their indicators. This paper introduces function call depth as an additional coverage indicator, optimizes the non-deterministic mutation stage of AFL, and develops a prototype, deepAFL. Experiments are carried out on the LAVA-M test set. The results show that both the effectiveness of the seeds and the efficiency of fuzzing are improved.