
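SymFuzz: A Vulnerability Detection Technique Under Complex Path Conditions
Cite this article: LI Ming-lei, HUANG Hui, LU Yu-liang, ZHU Kai-long. SymFuzz: A Vulnerability Detection Technique Under Complex Path Conditions[J]. Computer Science, 2021, 48(5): 25-31. DOI: 10.11896/jsjkx.200600128
Authors: LI Ming-lei, HUANG Hui, LU Yu-liang, ZHU Kai-long
Affiliation: College of Electronic Engineering, National University of Defense Technology, Hefei 230037; Anhui Key Laboratory of Cyberspace Security Situation Awareness and Evaluation, Hefei 230037
Funding: National Key Research and Development Program of China (2017YFB0802905); 2020 Chongqing Publishing Special Fund Project.
Abstract: Current vulnerability detection techniques can quickly test small programs, but they are inefficient on large programs or programs with complex path conditions. To detect vulnerabilities quickly under complex path conditions, this paper proposes SymFuzz, a vulnerability detection technique for complex path conditions. SymFuzz combines guided fuzzing with selective symbolic execution: guided fuzzing filters the program paths, and selective symbolic execution is applied to the possible...

Keywords: Fuzzing; Symbolic execution; Static analysis; Taint analysis; Vulnerability detection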

SymFuzz: Vulnerability Detection Technology Under Complex Path Conditions
LI Ming-lei, HUANG Hui, LU Yu-liang, ZHU Kai-long. SymFuzz: Vulnerability Detection Technology Under Complex Path Conditions[J]. Computer Science, 2021, 48(5): 25-31. DOI: 10.11896/jsjkx.200600128
Authors: LI Ming-lei, HUANG Hui, LU Yu-liang, ZHU Kai-long
Affiliation: College of Electronic Engineering, National University of Defense Technology, Hefei 230037, China; Anhui Key Laboratory of Cyberspace Security Situation Awareness and Evaluation, Hefei 230037, China
Abstract: Current vulnerability detection technology can rapidly detect vulnerabilities in small-scale programs, but it is inefficient on large programs or programs with complex path conditions. To achieve rapid detection of vulnerabilities under complex path conditions, this paper proposes SymFuzz, a vulnerability detection technology for complex path conditions. SymFuzz combines guided fuzzing with selective symbolic execution: it filters program paths through guided fuzzing and uses selective symbolic execution to solve the paths that may trigger vulnerabilities. The technique first obtains program vulnerability information through static analysis. It then uses guided fuzzing to quickly generate test cases that cover the vulnerable function. Finally, it performs symbolic execution on the paths inside the vulnerable function that can trigger the vulnerability, generating a test case that triggers the program vulnerability. A prototype of SymFuzz is implemented on top of open-source projects such as AFL and S2E. Comparison experiments show that SymFuzz significantly improves the effectiveness of vulnerability detection under complex path conditions compared with existing fuzzing techniques.
Keywords: Fuzzing; Symbolic execution; Static analysis; Taint analysis; Vulnerability detection
This article is indexed in databases including VIP (维普) and Wanfang Data (万方数据).