IPDF: directed fuzzer for input parsing program

Yubo He, Long Liu
{"title":"用于输入解析程序的定向模糊器","authors":"Yubo He, Long Liu","doi":"10.1117/12.2682585","DOIUrl":null,"url":null,"abstract":"Directed greybox fuzzing aims to test specific code and has made many advances in several areas. However, most vulnerabilities of input parsing programs are triggered in the particular state of the program, so existing directed greybox fuzzing works face path explosion problem when they fuzz the input parsing program and need more ability to explore the particular state of the program. To address the above problem, we propose a call-relationship-based fitness function. The main idea is to use the function call relationship to guide directed fuzzing before reaching the target. Call-relationship-based fitness function extracts the function calls and call relationship from the program, uses an intra-procedural reachability analysis to get all concerned edges, and constructs the fitness function based on the edges. Based on the above method, we implemented the directed greybox fuzzing IPDF and evaluated it with the mainstream directed greybox fuzzers Beacon and AFLGo on real-world programs. Evaluation of IPDF showed that IPDF found vulnerabilities faster than the state-of-the-art directed greybox fuzzers. The experimental results showed that the speed of MDGF is 3.01 times faster than that of AFLGo and 1.15 times faster than Beacon.","PeriodicalId":177416,"journal":{"name":"Conference on Electronic Information Engineering and Data Processing","volume":"31 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-05-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"IPDF: directed fuzzer for input parsing program\",\"authors\":\"Yubo He, Long Liu\",\"doi\":\"10.1117/12.2682585\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Directed greybox fuzzing aims to test specific code and has made many advances in several areas. 
However, most vulnerabilities of input parsing programs are triggered in the particular state of the program, so existing directed greybox fuzzing works face path explosion problem when they fuzz the input parsing program and need more ability to explore the particular state of the program. To address the above problem, we propose a call-relationship-based fitness function. The main idea is to use the function call relationship to guide directed fuzzing before reaching the target. Call-relationship-based fitness function extracts the function calls and call relationship from the program, uses an intra-procedural reachability analysis to get all concerned edges, and constructs the fitness function based on the edges. Based on the above method, we implemented the directed greybox fuzzing IPDF and evaluated it with the mainstream directed greybox fuzzers Beacon and AFLGo on real-world programs. Evaluation of IPDF showed that IPDF found vulnerabilities faster than the state-of-the-art directed greybox fuzzers. 
The experimental results showed that the speed of MDGF is 3.01 times faster than that of AFLGo and 1.15 times faster than Beacon.\",\"PeriodicalId\":177416,\"journal\":{\"name\":\"Conference on Electronic Information Engineering and Data Processing\",\"volume\":\"31 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-05-26\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Conference on Electronic Information Engineering and Data Processing\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1117/12.2682585\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Conference on Electronic Information Engineering and Data Processing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1117/12.2682585","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citations: 0

Abstract

Directed greybox fuzzing aims to test specific code and has advanced in several areas. However, most vulnerabilities in input parsing programs are triggered only in a particular program state, so existing directed greybox fuzzers face a path explosion problem when fuzzing an input parser and lack the ability to steer execution into that state. To address this problem, we propose a call-relationship-based fitness function. The main idea is to use the function call relationships to guide directed fuzzing before the target is reached. The call-relationship-based fitness function extracts the function calls and their call relationships from the program, uses an intra-procedural reachability analysis to obtain all concerned edges, and constructs the fitness function from those edges. Based on this method, we implemented the directed greybox fuzzer IPDF and evaluated it against the mainstream directed greybox fuzzers Beacon and AFLGo on real-world programs. IPDF found vulnerabilities faster than the state-of-the-art directed greybox fuzzers: the experimental results showed that IPDF is 3.01 times faster than AFLGo and 1.15 times faster than Beacon.
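The mechanism the abstract describes, as an added example in Python that is not the paper's or IPDF's own code: a static call graph of a hypothetical chunk-based parser (constructed here), backward reachability from a chosen target function to find the call edges that lie on some call path from the entry to the target (the "concerned edges"), and a fitness score that rewards seeds whose execution traces cover more of those edges. The paper's exact edge-extraction and fitness formula are not reproduced; the call graph, function names, seed traces and the coverage-fraction scoring are all assumptions made for illustration.

```python
"""Call-relationship-based fitness for directed greybox fuzzing (toy model).

Added example, not the IPDF implementation. Assumed definitions:
  * the program is summarised as a static call graph (caller -> callees);
  * a call edge is "concerned" when it lies on at least one call path
    from the entry function to the target function;
  * a seed's fitness is the fraction of concerned edges its execution
    trace exercised (1.0 once the whole call chain to the target is covered).
"""
from collections import deque

# Constructed call graph of a hypothetical chunk-based file parser (assumption).
CALL_GRAPH = {
    "main":         ["parse_header", "parse_body", "log"],
    "parse_header": ["read_magic", "read_version", "log"],
    "parse_body":   ["read_chunk", "log"],
    "read_chunk":   ["decode_chunk", "log"],
    "decode_chunk": ["check_crc", "log"],
    "read_magic": [], "read_version": [], "log": [], "check_crc": [],
}


def reachable_from(graph, start):
    """Forward reachability: every function `start` can transitively call."""
    seen, todo = {start}, deque([start])
    while todo:
        fn = todo.popleft()
        for callee in graph.get(fn, ()):
            if callee not in seen:
                seen.add(callee)
                todo.append(callee)
    return seen


def call_distance(graph, target):
    """Minimum number of call edges from each function to `target`,
    computed by BFS over the reversed call graph. Functions that cannot
    reach the target are absent from the result."""
    callers = {}
    for caller, callees in graph.items():
        for callee in callees:
            callers.setdefault(callee, []).append(caller)
    dist, todo = {target: 0}, deque([target])
    while todo:
        fn = todo.popleft()
        for caller in callers.get(fn, ()):
            if caller not in dist:
                dist[caller] = dist[fn] + 1
                todo.append(caller)
    return dist


def concerned_edges(graph, entry, target):
    """Call edges on at least one path entry -> ... -> target: the caller must
    be reachable from `entry` and the callee must reach `target` (or be it)."""
    fwd = reachable_from(graph, entry)
    bwd = call_distance(graph, target)   # keys = functions that reach target
    return {
        (caller, callee)
        for caller in fwd
        for callee in graph.get(caller, ())
        if callee in bwd
    }


def fitness(trace_edges, concerned):
    """Fraction of concerned edges exercised by one execution trace.
    Returns 0.0 when the target is statically unreachable (no concerned edges),
    instead of dividing by zero."""
    if not concerned:
        return 0.0
    covered = set(trace_edges) & concerned
    return len(covered) / len(concerned)


def rank_seeds(seed_traces, concerned):
    """Order seeds so the fuzzer schedules the ones nearest the target first."""
    return sorted(seed_traces,
                  key=lambda s: fitness(seed_traces[s], concerned), reverse=True)


# Constructed call-edge traces for three seeds, in the form a runtime
# call-edge instrumentation would record them (assumption, not fuzzer output).
SEED_TRACES = {
    "bad_magic":  [("main", "parse_header"), ("parse_header", "read_magic"),
                   ("parse_header", "log")],
    "empty_body": [("main", "parse_header"), ("parse_header", "read_magic"),
                   ("parse_header", "read_version"), ("main", "parse_body"),
                   ("parse_body", "log")],
    "one_chunk":  [("main", "parse_header"), ("parse_header", "read_magic"),
                   ("parse_header", "read_version"), ("main", "parse_body"),
                   ("parse_body", "read_chunk"), ("read_chunk", "decode_chunk"),
                   ("decode_chunk", "log")],
}

if __name__ == "__main__":
    edges = concerned_edges(CALL_GRAPH, "main", "check_crc")
    print("concerned edges:", sorted(edges))
    for seed in rank_seeds(SEED_TRACES, edges):
        print(f"{seed:11s} fitness={fitness(SEED_TRACES[seed], edges):.2f}")
```

With `check_crc` as the target, only the four edges `main -> parse_body -> read_chunk -> decode_chunk -> check_crc` are concerned; the header-parsing and logging calls are ignored, so a seed that gets one call deeper along that chain scores strictly higher even though it exercised fewer edges overall. A real implementation would take the call graph from compiler-level instrumentation rather than a hand-written dictionary, and would combine this score with ordinary coverage feedback to avoid starving the fuzzer once the target is reached; both of those are assumptions about deployment, not something the abstract specifies.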