模糊测试中基于神经网络的敏感区域预测算法研究

张羿辰; 赵磊; 金银山

引用本文：

张羿辰,赵磊,金银山.模糊测试中基于神经网络的敏感区域预测算法研究[J].信息安全学报,2020,5(1):10-19 [点击复制]
ZHANG Yichen,ZHAO Lei,JIN Yinshan.Sensitive Region Prediction based on Neural Network in Fuzzy Test Algorithm Research[J].Journal of Cyber Security,2020,5(1):10-19 [点击复制]

本文已被：浏览 5316次下载 4040次	码上扫一扫！
模糊测试中基于神经网络的敏感区域预测算法研究
张羿辰^1,2, 赵磊^1,2, 金银山^1,2
0 字体:加大+\|默认\|缩小-
(1.武汉大学国家网络安全学院武汉中国 430072;2.武汉大学空天信息安全与可信计算教育部重点实验室武汉中国 430072)

摘要:

软件漏洞是造成计算机安全问题的根本原因，模糊测试技术由于其易扩展，高效的特性，是目前主流的漏洞检测技术之一。然而以往的模糊测试技术存在着对识别高结构样本失效以及盲变异效率低下的问题。针对这些问题，本文提出了基于神经网络的敏感区域预测的模糊测试方法。该方法以输入文件的某些区域的极小改变会引起程序行为较大改变的现象为出发点，引入了敏感区域概念，并引入了能够学习总结数据特征的神经网络方法检测敏感区域。在检测敏感区域的基础上，本文引入了增量学习策略，进行了变异策略的优化，使检测效率以及检测深度有更多提升。为了验证提出方法的有效性，本研究在三种热门格式文件PNG、TIFF、XML的处理软件上进行了实验，在模糊测试覆盖率上取得了8%~20%的提升，从而验证了本文方法的有效性和可行性。

关键词: 软件漏洞模糊测试敏感区域神经网络

DOI：10.19363/J.cnki.cn10-1380/tn.2020.01.02

投稿时间：2019-09-05修订日期：2019-11-26

基金项目:本课题得到国家自然科学基金（No.61672394）资助。

Sensitive Region Prediction based on Neural Network in Fuzzy Test Algorithm Research

ZHANG Yichen^1,2, ZHAO Lei^1,2, JIN Yinshan^1,2

(1.School of Cyber Science and Engineering, Wuhan University, Wuhan 430072, China;2.Key Laboratory of Aerospace Information Security and Trusted Computing Ministry of Education, Wuhan University, Wuhan 430072 China)

Abstract:

Software vulnerabilities are the root cause of computer security problems. Due to highly efficiency and easy expansion, fuzzy test becomes the most widely used vulnerabilities detection technology. However, previous fuzzy test technology can not deal with highly-structed problems, and has low efficiency on blinding mutation. For these problems, this paper proposes a fuzzy test algorithm based on sensitive region prediction via Neural Network. This method takes the phenomenon of small changing of some regions causing great change on software behavior as starting point. We use the conception of sensitive region and use Neural Network which has great performance on learning data features to detect these regions. After sensitive region detection, this paper uses enhanced learning strategy and optimizes the mutation strategy which improve efficiency and depth of detection. In order to verify the validity of the proposed method, this study was conducted on the programs dealing with three widely used format file as PNG, TIFF and XML, and itshows 8%~20% improvement on fuzzing test coverage which verifies the validity and feasibility of proposed method.

Key words: software vulnerability fuzzy test sensitive region neural network