Software vulnerability analysis method of variant multi-dimensional input based on Fuzzing technology

An analysis method and vulnerability technology, applied in the field of software vulnerability analysis, which can solve problems such as combinatorial explosion

Inactive Publication Date: 2010-12-29
中国人民解放军总参谋部第五十四研究所
View PDF2 Cites 8 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] The current knowledge-based Fuzzing technology can only implement one-dimensional mutation operation, that is, it can only implement mutation operation on a single input element at a time, that is, it can only implement mutation operation on a single input element at a time and then generate test cases, because if multi-dimensional Muta

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Software vulnerability analysis method of variant multi-dimensional input based on Fuzzing technology
  • Software vulnerability analysis method of variant multi-dimensional input based on Fuzzing technology

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0022] The present invention will be described in detail below in conjunction with the accompanying drawings and embodiments.

[0023] The software vulnerability analysis method based on fuzzing technology with variable multi-dimensional input is realized through the following main modules: scheduling engine, XFuzzing tool module, program analyzer module (Program Analyzer), data mapping module (Data Mapper) and GAMutator operator. The overall frame diagram of the software vulnerability analysis method based on fuzzing technology and variable multi-dimensional input is as follows figure 1 As shown, the program analysis module, data mapping module, GAMutator, and program monitoring module all communicate through the database, and there is a one-to-many relationship between the engine and the agent, so that the Fuzzing test can be performed on the target program concurrently, thereby improving the accuracy of the Fuzzing test. efficiency.

[0024] The scheduling engine is respon...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a software vulnerability analysis method of variant multi-dimensional input based on a Fuzzing technology, which belongs to the field of software testing. The method comprises the following steps of: firstly determining the position of an unsafe function, then establishing the influence relation between an input element and the unsafe function, and finally varying the software vulnerability in the triggering program of the corresponding input element. The invention can be used for analyzing the software vulnerability unanalyzed by the current Fuzzing technology without causing combinatorial explosion.

Description

Technical field [0001] The invention involves a software vulnerability analysis method, especially a software vulnerability analysis method based on multi -dimensional inputs based on Fuzzing technology. Background technique [0002] From 1989 to early 2002, the Fuzzing technology is essentially random testing technology. Most of the test data is randomly generated malformation data. Random testing technology is difficult to in -depth testing software, and there is no higher code coverage.EssenceIn order to improve software vulnerability analysis capabilities, the Fuzzing test shows two different development directions: knowledge -based Fuzzing technology and FUZZING technology based on software testing technology.In 2002, for the first time, the knowledge and agreement knowledge of the file format were proposed into the structure of the FUZZZING technology test case, which greatly improved the effectiveness of the Fuzzing test case. The tools developed by SPIKE found many unknow...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F11/36
Inventor 郭世泽孙乐昌肖奇学吴志勇牛伟戴卫国陈衍玲陈果于璐王啸天沈玮甄涛
Owner 中国人民解放军总参谋部第五十四研究所
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap