CN110162472A - A kind of method for generating test case based on fuzzing test - Google Patents
A kind of method for generating test case based on fuzzing test Download PDFInfo
- Publication number
- CN110162472A CN110162472A CN201910378248.4A CN201910378248A CN110162472A CN 110162472 A CN110162472 A CN 110162472A CN 201910378248 A CN201910378248 A CN 201910378248A CN 110162472 A CN110162472 A CN 110162472A
- Authority
- CN
- China
- Prior art keywords
- test sample
- test
- tested program
- sample
- generation
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
- G06F11/3672—Test management
- G06F11/3684—Test management for test design, e.g. generating new test cases
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
- G06F11/3672—Test management
- G06F11/3688—Test management for test execution, e.g. scheduling of test suites
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
- G06F11/3672—Test management
- G06F11/3692—Test management for test results analysis
Abstract
The present invention provides a kind of method for generating test case based on fuzzing test, it mainly include six steps, present invention is mainly applied to be as a file format the bug excavation of the software of input, pitching pile is carried out to tested program that is, the case where realizing record tested program operation branch;Meanwhile the result of operation can judge according to the return parameters of kernel, and the generation of test sample is instructed using the execution route of program.Pass through the metadata and data in bit flipping distinguishing tests sample, the subsequent mutation operation of different probability is carried out to metadata and data, avoid the test of a large amount of useless samples, reduce system resource overhead, improve the speed of fuzzing test, to promote discovering software vulnerabilities performance, bug excavation more efficiently is carried out to application software such as office software and browsers.
Description
Technical field
The present invention relates to computer information safety technique field, specifically a kind of test case based on fuzzing test
Generation method.
Background technique
Application software on computer or smart machine has been a part of our daily lifes, is widely used in religion
It educates, in economy, national defence etc. field, such as web browser, player, Document processing software that people are commonly used.But
Since software can there is a problem of in some functional, safeties in the process in design, and software vulnerability is generally existing
's.It is shown according to domestic authoritative institution national information security breaches shared platform (CNVD) data statistics, software vulnerability quantity
In growth state.
Since the loophole in software is easy to be utilized by attacker, moreover, new loophole is taken from being published to be utilized now
Between it is also shorter and shorter, may greatly be brought to user the problem of can not expecting.Therefore, discovering software vulnerabilities and precognition software leakage
The relevant issues such as hole, for promoting user experience, guaranteeing that user network secure context is of great significance.
There are the methods of static analysis, dynamic analysis, fuzzing now for the major technique of discovering software vulnerabilities.It is static
Analysis mainly in the case where not allowing program to run, passes through morphological analysis, syntactic analysis, control stream, data analysis stream etc.
Technology analyzes code, and Validation Code whether there is defect.Dynamic analysis are by the shape in observation program operation process
State, such as content of registers, function implementing result, memory service condition, analytic function function, code logic etc., excavating may
Existing loophole.The essence of Fuzzing technology is a kind of random test thought, is tested tested software program stochastic inputs
Sample, while the operating condition of monitoring of software carries out potential loophole in excavation program.
Theoretically, in fuzzing test, if all possible input can be traversed, centainly it can be found that in software
Potential loophole, but impossible all inputs of exhaustion in reality, therefore the generation high degree of random test sample determines
Fuzzing test tests sample as a result, still blindly generating in fuzzing test, there is a large amount of invalid test case
Problem reduces the performance of fuzzing test.
Summary of the invention
It is an object of that present invention to provide a kind of method for generating test case based on fuzzing test, to solve fuzzing
The problem of test sample is blindly generated in test.
To reach above-mentioned purpose, the following technical solutions are proposed by the present invention:
A kind of method for generating test case based on fuzzing test, comprising the following steps:
Step 1: pitching pile being carried out to tested program, each basic block in tested program is marked by random number;
Step 2: sample will be tested all test sample is concentrated to be sent into tested program and tested, and with random number scale
Record execution route of each test sample in tested program;
Step 3: filtering out test sample and concentrate optimal test sample, and calculate the test sample in tested program
Optimal test sample is denoted as first generation test sample by the occurrence of execution route;Wherein: the optimal test sample is
Refer to and concentrates the smallest test sample of assessed value by being calculated in test sample;The occurrence refers to each test sample
The numerical value that execution route in tested program obtains after treatment;
Step 4: mutation operation being carried out to first generation test sample, generates new test sample, and by first generation test specimens
Example is concentrated from test sample and is removed;
Step 5: all new test samples being sent into tested program, and record all new test samples with random number
Execution route in tested program, and calculate the specific of execution route of all new test samples in tested program
Value;
Step 6: compare the occurrence of the execution route of first generation test sample and new test sample in tested program,
Second generation test sample is filtered out, test sample is added and concentrates.
Step 7: the test sample concentrated to test sample repeats step 2 to step 6, until newly-generated all test specimens
The execution road of program of the occurrence of execution route of the example in tested program with previous generation test sample in tested program
The occurrence of diameter is identical, stops repeating;Wherein, second generation test is denoted as by the new test sample that first generation test sample generates
Sample is denoted as third generation test sample by the new test sample that second generation test sample generates, and so on.
Code pitching pile technology is used in the step 1, carrys out the basic block in recognizer.When program carries out pitching pile, explanation
A new basic block is detected, at this point, generating mark of the random number as the basic block.To base each in tested program
This block is identified using a random number, for recording execution route of the test sample in tested program.
Basic block refers to the statement sequence that tested program sequence executes, only one entrance of each basic block and one go out
Mouthful, it executes Shi Congqi entrance and enters, exited from its outlet.It is all when basic block can guarantee that program runs to the basic block
Code will be all performed.
Further, in the step 3, the algorithm of the occurrence of execution route of the sample in tested program is tested are as follows:
Use tbIndicate that the first generation tests sample,Indicate tbIn quilt
Execution route in ranging sequence, uses tbIndicate that the first generation tests sample,Indicate tb?
Execution route in tested program represents the occurrence of execution route with key, usesIt indicatesOccurrence,
Wherein, (Pbi< < 1) it indicates PbiOne is moved to left,It indicates PbiAfter moving to left one
Again with Pb(i+1)Exclusive or, i=1,2,3 ..., m.
Work as PbiWhen value difference,Value is just different;Pbi< < 1 is represented PbiOne is moved to left, its object is to areas
That divides tested program executes sequence.
Further, in the step 3 assessed value calculation method are as follows:
P=Etime×Fsize,
Wherein, P indicates assessed value, FsizeIndicate the file size of test sample, EtimeIndicate test sample in tested program
The time of middle test execution, P is smaller, indicates that test sample is more excellent.
Delay due in fuzzing is tested, testing the size of the file of sample and the execution of test sample can shadow
Therefore the speed for ringing fuzzing test utilizes test specimens example file size FsizeWith execution time EtimeProduct P as the sample
The evaluation criteria of example, product is smaller, and test sample is more appropriate for fuzzing test.Therefore selection test sample concentrates P value most
Small test sample is as optimal test sample.
Further, in the step 4 mutation operation the following steps are included:
Step a: first generation test sample is subjected to bit flipping, distinguishes the metadata and data of first generation test sample;
Step b: with different probability to meta-data section and data portion carry out respectively plus and minus calculation, replacement, insertion, with
Machine variation and hinged processing, generate new test sample;Wherein, high to the probability of metadata processing, to the probability of data processing
It is low.
Due to the test sample generated after data portion mutation operation, a possibility that causing program exception very little, so right
Meta-data section carries out subsequent mutation operation with lower probability, so that the generation of invalid new test case is reduced, into
And promote the performance of fuzzing test.
Further, metadata and data method are distinguished in the step a are as follows:
To the first generation test sample each carry out turning operation one by one, if overturning after test sample in tested program
In execution route there is no execution route of the test sample in tested program after variation, or overturning to turn over previous position
Execution route after turning in tested program is identical, then it is assumed that the position belongs to data;
If after execution route and its previous bit flipping of the test sample after overturning in tested program in tested program
Execution route change, then it is assumed that the position belongs to metadata.
Further, the step of second generation test sample is screened in the step 6 is as follows:
Step (1): t is usedbIt indicates that the first generation tests sample, uses Ts={ t1, t2... ti..., tnIndicate tbWhat is generated is all
New test sample
Step (2): from Ts={ t1, t2... ti..., tnSelect a new test sample ti;WithIndicate tbTested
Execution route in program is usedIndicate tiExecution route in tested program calculatesWithOccurrence;
Step (3): compareWithOccurrence, it is right if not identicalWithHash processing is carried out, is then stored,
And new test sample is denoted as second generation test sample, it is added to test sample and concentrates;Conversely, then without any processing;
Step (4): to Ts={ t1, t2... ti..., tnIn remaining new test sample repeat step (2) and step
(3)。
Further, the Hash processing is completed by hash function, specific algorithm are as follows:
Indicate that the occurrence of execution route, n indicate total digit of key with key, i indicates the i-th bit in key.
Further, it is concentrated in test sample, the second generation is denoted as by the new test sample that first generation test sample generates
Sample is tested, the new test sample for having second generation test sample to generate is denoted as third generation test sample, and so on.
The utility model has the advantages that
(1) present invention has carried out one to the bits per inch evidence in test sample when first generation test sample is made a variation
Fixed mutation operation ensure that the diversity for generating test sample, avoids and blindly generates test sample.
(2) the invention proposes the recognition methods of metadata and data, and carry out different probability to metadata and data
Mutation operation solves in fuzzing test there are generations of a large amount of invalid test cases, improves the property that fuzzing is tested
Energy.
It should be appreciated that as long as aforementioned concepts and all combinations additionally conceived described in greater detail below are at this
It can be viewed as a part of the subject matter of the disclosure in the case that the design of sample is not conflicting.
Can be more fully appreciated from the following description in conjunction with attached drawing present invention teach that the foregoing and other aspects, reality
Apply example and feature.The features and/or benefits of other additional aspects such as illustrative embodiments of the invention will be below
Description in it is obvious, or learnt in practice by the specific embodiment instructed according to the present invention.
Detailed description of the invention
Attached drawing is not intended to drawn to scale.In the accompanying drawings, identical or nearly identical group each of is shown in each figure
It can be indicated by the same numeral at part.For clarity, in each figure, not each component part is labeled.
Now, example will be passed through and the embodiments of various aspects of the invention is described in reference to the drawings, in which:
Fig. 1 is system flow chart of the invention;
Fig. 2 is the method for the present invention flow chart;
Fig. 3 is that sample mutation operation flow chart is tested in the present invention;
Fig. 4 is system framework figure of the invention.
Specific embodiment
In order to better understand the technical content of the present invention, special to lift specific embodiment and institute's accompanying drawings is cooperated to be described as follows.
Various aspects with reference to the accompanying drawings to describe the present invention in the disclosure, shown in the drawings of the embodiment of many explanations.
Embodiment disclosed by the invention need not be defined on including all aspects of the invention.It should be appreciated that a variety of designs presented hereinbefore
And embodiment, and those of describe in more detail below design and embodiment can in many ways in any one come
Implement, this is because conception and embodiment disclosed in this invention are not limited to any embodiment.In addition, disclosed by the invention
Some aspects can be used alone, or otherwise any appropriately combined use with disclosed by the invention.
As shown in connection with fig. 1, the present invention proposes a kind of method for generating test case based on fuzzing test, main to apply
In the bug excavation for the software for being as a file format input, operating condition of the sample in tested program is tested by monitoring, into
And it determines the mutation operation carry out to test sample and chosen new test sample.Pitching pile is carried out to tested program, i.e., in quilt
The basic block of ranging sequence is inserted into probe, records tested program operating path, meanwhile, the result of operation can be according to the return of kernel
Parameter judges.
Embodiment 1:
As shown in connection with fig. 2, a kind of method for generating test case based on fuzzing test, comprising the following steps:
Step 1: pitching pile being carried out to tested program, each basic block in tested program is marked by random number;
Step 2: sample will be tested all test sample is concentrated to be sent into tested program and tested, and with random number scale
Record execution route of each test sample in tested program;
Step 3: filtering out test sample and concentrate optimal test sample, and calculate the test sample in tested program
Optimal test sample is denoted as first generation test sample by the occurrence of execution route;Wherein: the optimal test sample is
Refer to and concentrates the smallest test sample of assessed value by being calculated in test sample;The occurrence refers to each test sample
The numerical value that execution route in tested program obtains after treatment;
Step 4: mutation operation being carried out to first generation test sample, generates new test sample, and by first generation test specimens
Example is concentrated from test sample and is removed;
Step 5: all new test samples being sent into tested program, and record all new test samples with random number
Execution route in tested program, and calculate the specific of execution route of all new test samples in tested program
Value;
Step 6: compare the occurrence of the execution route of first generation test sample and new test sample in tested program,
Second generation test sample is filtered out, test sample is added and concentrates.
Step 7: the test sample concentrated to test sample repeats step 2 to step 6, until newly-generated all test specimens
The execution road of program of the occurrence of execution route of the example in tested program with previous generation test sample in tested program
The occurrence of diameter is identical, stops repeating;Wherein, second generation test is denoted as by the new test sample that first generation test sample generates
Sample is denoted as third generation test sample by the new test sample that second generation test sample generates, and so on.
As a kind of technical optimization scheme of the invention, code pitching pile technology is used in the step 1, is come in recognizer
Basic block.When program carries out pitching pile, illustrate to detect a new basic block, at this point, generating a random number as the base
The mark of this block.Basic block each in tested program is identified using a random number, is existed for recording test sample
Execution route in tested program.
Basic block refers to the statement sequence that tested program sequence executes, only one entrance of each basic block and one go out
Mouthful, it executes Shi Congqi entrance and enters, exited from its outlet.It is all when basic block can guarantee that program runs to the basic block
Code will be all performed.
As a kind of technical optimization scheme of the invention, in the step 3, execution road of the sample in tested program is tested
The algorithm of the occurrence of diameter are as follows:
Use tbIndicate that the first generation tests sample,Indicate tbIn quilt
Execution route in ranging sequence represents the occurrence of execution route with key, usesIt indicatesOccurrence,
Wherein, (Pbi< < 1) it indicates PbiOne is moved to left,It indicates PbiAfter moving to left one
Again with Pb(i+1)Exclusive or, i=1,2,3 ..., m.
Work as PbiWhen value difference,Value is just different;Pbi< < 1 is represented PbiOne is moved to left, its object is to areas
That divides tested program executes sequence.
As a kind of technical optimization scheme of the invention, the calculation method of assessed value in the step 3 are as follows:
P=Etime×Fsize,
Wherein, P indicates assessed value, FsizeIndicate the file size of test sample, EtimeIndicate test sample in tested program
The time of middle test execution, P is smaller, indicates that test sample is more excellent.
Delay due in fuzzing is tested, testing the size of the file of sample and the execution of test sample can shadow
Therefore the speed for ringing fuzzing test utilizes test specimens example file size FsizeWith execution time EtimeProduct P as the sample
The evaluation criteria of example, product is smaller, and test sample is more appropriate for fuzzing test.Therefore selection test sample concentrates P value most
Small test sample is as optimal test sample.
As a kind of technical optimization scheme of the invention, the mutation operation in the step 4 the following steps are included:
Step a: first generation test sample is subjected to bit flipping, distinguishes the metadata and data of first generation test sample;
Step b: with different probability to meta-data section and data portion carry out respectively plus and minus calculation, replacement, insertion, with
Machine variation and hinged processing, generate new test sample;Wherein, high to the probability of metadata processing, to the probability of data processing
It is low.
Due to the test sample generated after data portion mutation operation, a possibility that causing program exception very little, so right
Meta-data section carries out subsequent mutation operation with lower probability, so that the generation of invalid new test case is reduced, into
And promote the performance of fuzzing test.
As a kind of technical optimization scheme of the invention, metadata and data method are distinguished in the step a are as follows:
To the first generation test sample each carry out turning operation one by one, if overturning after test sample in tested program
In execution route there is no execution route of the test sample in tested program after variation, or overturning to turn over previous position
Execution route after turning in tested program is identical, then it is assumed that the position belongs to data;
If after execution route and its previous bit flipping of the test sample after overturning in tested program in tested program
Execution route change, then it is assumed that the position belongs to metadata.
The step of second generation test sample is screened as a kind of technical optimization scheme of the invention, in the step 6 is as follows:
Step (1): t is usedbIt indicates that the first generation tests sample, uses Ts={ t1, t2... ti..., tnIndicate tbWhat is generated is all
New test sample
Step (2): from Ts={ t1, t2... ti..., tnSelect a new test sample ti;WithIndicate tbTested
Execution route in program is usedIndicate tiExecution route in tested program calculatesWithOccurrence;
Step (3): compareWithOccurrence, it is right if not identicalWithHash processing is carried out, is then stored,
And new test sample is denoted as second generation test sample, it is added to test sample and concentrates;Conversely, then without any processing;
Step (4): to Ts={ t1, t2... ti..., tnIn remaining new test sample repeat step (2) and step
(3)。
As a kind of technical optimization scheme of the invention, the Hash processing is completed by hash function, specific algorithm are as follows:
Indicate that the occurrence of execution route, n indicate total digit of key with key, i indicates the i-th bit in key.
It as a kind of technical optimization scheme of the invention, concentrates, is generated by first generation test sample new in test sample
Test sample be denoted as the second generation test sample, have the second generation test sample generate new test sample be denoted as the third generation test
Sample, and so on.
In above-described embodiment, test sample is when testing tested program, by a son of tested program fork into
Journey is completed.Test sample opens up one section of one's own memory headroom in subprocess, stores the first generation in the space
Test sample, operation test sample process be exactly that the subprocess (being equivalent to tested program) constantly reads this section of memory headroom
Value and execution, read subprocess state, constantly by parent process then to judge whether tested program exception occurs.Subprocess
Operating status is different, then the return value that parent process is read is also different.When the return value that parent process is read is -1, show
The reason of fork subprocess fails, and artificial judgment is needed to malfunction (such as memory headroom is insufficient, and test environment is incorrect etc.);Return value
When being 0, show subprocess normal operation;When return value is 1, it is abnormal to show that subprocess occurs.At this time, it may be necessary to by being deposited in subprocess
The test sample of storage reads and records, and shows that the sample may cause program exception.
As shown in connection with fig. 3, mutation operation mainly includes position: overturning, plus and minus calculation, replacement, insertion, random variation and hinged
Six stages, i.e. six stages of bitflip, arithmetic, interest, dictionary, havoc and splice.Wherein
Bitflip be to test sample carry out bit flipping operation, respectively with 1/2/4/8/16/32 for basic unit, by original position into
Row inversion operation, i.e., 0, which becomes 1,1, becomes 0.Arithmetic operation and is given using byte/word/dword as basic unit
Threshold value A RITH_MAX (the plus-minus upper limit), carries out plus and minus calculation and generates new test sample.Interest is usually that will cause
The number of spilling is replaced the data in original test sample as a whole.Dictionary mainly considers that file generally can
Use particular value as the mark (token) of data starting block certain several byte, the stage will test or the token of user into
Row is replaced/is inserted into original test sample.Havoc can be considered as the random incorporation to above-mentioned several mutation operations;splice
It is to carry out being spliced to form new test sample by two test samples.
As shown in connection with fig. 4, fuzzing system contains engine, agency and target program three parts mainly to complete software
Bug excavation, wherein engine section is responsible for the generation of sample and the calling of target program, tests the mutation operation of sample in the portion
Divide and completes.Agency mainly includes program monitoring module, log module and analysis module, and the data generation module in engine being capable of root
Sample is instructed to generate according to the information of program monitoring module feedback;If there is abnormal conditions, log module in program execution
It will record the information such as parameter and the sample when data generate.
Although the present invention has been disclosed as a preferred embodiment, however, it is not to limit the invention.Skill belonging to the present invention
Has usually intellectual in art field, without departing from the spirit and scope of the present invention, when can be used for a variety of modifications and variations.Cause
This, the scope of protection of the present invention is defined by those of the claims.
Claims (7)
1. a kind of method for generating test case based on fuzzing test, it is characterised in that: the following steps are included:
Step 1: pitching pile being carried out to tested program, each basic block in tested program is marked by random number;
Step 2: concentrating all test samples to be sent into tested program test sample and test, and recorded often with random number
Execution route of a test sample in tested program;
Step 3: filtering out test sample and concentrate optimal test sample, be denoted as first generation test sample, and calculate the test
The occurrence of sample execution route in tested program;Wherein: the optimal test sample, which refers to, concentrates warp in test sample
Cross the smallest test sample of the assessed value being calculated;The occurrence refers to execution of each test sample in tested program
The numerical value that path obtains after treatment;
Step 4: mutation operation is carried out to first generation test sample, generates new test sample, and by the first generation test sample from
It tests sample and concentrates removal;
Step 5: all new test samples being sent into tested program, record all new test samples tested with random number
Execution route in program, and calculate the occurrence of execution route of all new test samples in tested program;
Step 6: in new test sample, not by the occurrence of the execution route with first generation test sample in tested program
Same test sample screens, and is denoted as second generation test sample, and test sample is added and concentrates;
Step 7: the test sample concentrated to test sample repeats step 2 to step 6, until newly-generated all test samples exist
The execution route of program of the occurrence of execution route in tested program with previous generation test sample in tested program
Occurrence is identical, stops repeating;Wherein, second generation test specimens are denoted as by the new test sample that first generation test sample generates
Example is denoted as third generation test sample by the new test sample that second generation test sample generates, and so on.
2. a kind of method for generating test case based on fuzzing test according to claim 1, it is characterised in that: described
In step 3, the algorithm of the occurrence are as follows: use tbIt indicates that the first generation tests sample, usesIndicate tbExecution road in tested program
Diameter represents the occurrence of execution route with key, usesIt indicatesOccurrence,
Wherein i=1,2,3 ..., m;(Pbi< < 1) it indicates PbiOne is moved to left, It indicates PbiIt is left
Move one after again with Pb(i+1)Exclusive or.
3. a kind of method for generating test case based on fuzzing test according to claim 1, it is characterised in that: described
The calculation method of assessed value in step 3 are as follows:
P=Etime×Fsize,
Wherein, P indicates assessed value, FsizeIndicate the file size of test sample, EtimeIndicate that test sample is surveyed in tested program
Try the time executed.
4. a kind of method for generating test case based on fuzzing test according to claim 1, it is characterised in that: in institute
State mutation operation in step 4 the following steps are included:
Step a: first generation test sample is subjected to bit flipping, distinguishes the metadata and data of first generation test sample;
Step b: with different probability to meta-data section and data portion carry out plus and minus calculation, replacement, insertion, random variation and
Hinged processing, generates new test sample;Wherein, high to the probability of metadata processing, it is low to the probability of data processing.
5. a kind of method for generating test case based on fuzzing test according to claim 4, it is characterised in that: described
Metadata and data method are distinguished in step a are as follows:
To the first generation test sample each carry out turning operation one by one, if overturning after test sample in tested program
After execution route the execution route and previous bit flipping that there is no the test samples after variation, or overturning in tested program
Execution route in tested program is identical, then it is assumed that the position belongs to data;
If execution route of the test sample in tested program after overturning and holding in tested program after its previous bit flipping
Walking along the street diameter changes, then it is assumed that the position belongs to metadata.
6. a kind of method for generating test case based on fuzzing test according to claim 2, it is characterised in that: described
The step of second generation test sample is screened in step 6 is as follows:
Step (1): t is usedbIt indicates that the first generation tests sample, uses Ts={ t1,t2,…ti…,tnIndicate tbAll new surveys generated
Sample example
Step (2): from Ts={ t1,t2,…ti…,tnSelect a new test sample ti;WithIndicate tbIn tested program
In execution route, useIndicate tiExecution route in tested program calculatesWithOccurrence;
Step (3): compareWithOccurrence, it is right if not identicalWithHash processing is carried out, is then stored, and will
New test sample is denoted as second generation test sample, is added to test sample and concentrates;Conversely, then without any processing;
Step (4): to Ts={ t1,t2,…ti…,tnIn remaining new test sample repeat step (2) and step (3).
7. according to claim 6, it is characterised in that: the Hash processing is completed by hash function, specific algorithm are as follows:
The occurrence of execution route is represented with key, n indicates total digit of key, and i indicates the i-th bit in key.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910378248.4A CN110162472B (en) | 2019-05-08 | 2019-05-08 | Test case generation method based on fuzzing test |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910378248.4A CN110162472B (en) | 2019-05-08 | 2019-05-08 | Test case generation method based on fuzzing test |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110162472A true CN110162472A (en) | 2019-08-23 |
CN110162472B CN110162472B (en) | 2022-08-12 |
Family
ID=67633745
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910378248.4A Active CN110162472B (en) | 2019-05-08 | 2019-05-08 | Test case generation method based on fuzzing test |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110162472B (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111061635A (en) * | 2019-12-11 | 2020-04-24 | 上海笃策信息科技有限公司 | Test sample reduction method based on runtime path characteristics and test scene clustering |
CN112445709A (en) * | 2020-11-30 | 2021-03-05 | 安徽工业大学 | Method and device for solving AFL test model data imbalance through GAN |
CN114168454A (en) * | 2021-11-23 | 2022-03-11 | 叶嵩 | Asynchronous testing method based on dynamic pile inserting-pile pinning technology |
Citations (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107193732A (en) * | 2017-05-12 | 2017-09-22 | 北京理工大学 | A kind of verification function locating method compared based on path |
CN107193731A (en) * | 2017-05-12 | 2017-09-22 | 北京理工大学 | Use the fuzz testing coverage rate improved method of control variation |
CN108416219A (en) * | 2018-03-18 | 2018-08-17 | 西安电子科技大学 | A kind of Android binary files leak detection method and system |
CN109032942A (en) * | 2018-07-24 | 2018-12-18 | 北京理工大学 | A kind of fuzz testing frame based on AFL |
US20180365139A1 (en) * | 2017-06-15 | 2018-12-20 | Microsoft Technology Licensing, Llc | Machine learning for constrained mutation-based fuzz testing |
CN109062795A (en) * | 2018-07-24 | 2018-12-21 | 北京理工大学 | A kind of fuzz testing case selection method and apparatus |
CN109063483A (en) * | 2018-06-21 | 2018-12-21 | 北京大学 | A kind of leak detection method and system based on path tracing |
CN109101422A (en) * | 2018-07-24 | 2018-12-28 | 北京理工大学 | A kind of fuzz testing variation method and device based on AFL |
CN109117367A (en) * | 2018-07-24 | 2019-01-01 | 北京理工大学 | A kind of fuzz testing variation quantity determines method and apparatus |
CN109299003A (en) * | 2018-08-31 | 2019-02-01 | 苏州洞察云信息技术有限公司 | A kind of full-automatic testing case driving generation system towards complex software |
CN109726126A (en) * | 2018-12-28 | 2019-05-07 | 中国人民解放军国防科技大学 | Distributed parallel fuzzy method and system |
-
2019
- 2019-05-08 CN CN201910378248.4A patent/CN110162472B/en active Active
Patent Citations (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107193732A (en) * | 2017-05-12 | 2017-09-22 | 北京理工大学 | A kind of verification function locating method compared based on path |
CN107193731A (en) * | 2017-05-12 | 2017-09-22 | 北京理工大学 | Use the fuzz testing coverage rate improved method of control variation |
US20180365139A1 (en) * | 2017-06-15 | 2018-12-20 | Microsoft Technology Licensing, Llc | Machine learning for constrained mutation-based fuzz testing |
CN108416219A (en) * | 2018-03-18 | 2018-08-17 | 西安电子科技大学 | A kind of Android binary files leak detection method and system |
CN109063483A (en) * | 2018-06-21 | 2018-12-21 | 北京大学 | A kind of leak detection method and system based on path tracing |
CN109032942A (en) * | 2018-07-24 | 2018-12-18 | 北京理工大学 | A kind of fuzz testing frame based on AFL |
CN109062795A (en) * | 2018-07-24 | 2018-12-21 | 北京理工大学 | A kind of fuzz testing case selection method and apparatus |
CN109101422A (en) * | 2018-07-24 | 2018-12-28 | 北京理工大学 | A kind of fuzz testing variation method and device based on AFL |
CN109117367A (en) * | 2018-07-24 | 2019-01-01 | 北京理工大学 | A kind of fuzz testing variation quantity determines method and apparatus |
CN109299003A (en) * | 2018-08-31 | 2019-02-01 | 苏州洞察云信息技术有限公司 | A kind of full-automatic testing case driving generation system towards complex software |
CN109726126A (en) * | 2018-12-28 | 2019-05-07 | 中国人民解放军国防科技大学 | Distributed parallel fuzzy method and system |
Non-Patent Citations (2)
Title |
---|
JUN CAI等: ""A guided fuzzing approach for security testing of network protocol software"", 《2015 6TH IEEE INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING AND SERVICE SCIENCE (ICSESS)》 * |
王晨昕: ""基于低命中分支的模糊测试技术研究"", 《中国优秀硕士学位论文全文数据库•信息科技辑》 * |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111061635A (en) * | 2019-12-11 | 2020-04-24 | 上海笃策信息科技有限公司 | Test sample reduction method based on runtime path characteristics and test scene clustering |
CN111061635B (en) * | 2019-12-11 | 2023-03-24 | 上海笃策信息科技有限公司 | Test sample reduction method based on runtime path characteristics and test scene clustering |
CN112445709A (en) * | 2020-11-30 | 2021-03-05 | 安徽工业大学 | Method and device for solving AFL test model data imbalance through GAN |
CN112445709B (en) * | 2020-11-30 | 2022-09-30 | 安徽工业大学 | Method and device for solving AFL test model data imbalance through GAN |
CN114168454A (en) * | 2021-11-23 | 2022-03-11 | 叶嵩 | Asynchronous testing method based on dynamic pile inserting-pile pinning technology |
Also Published As
Publication number | Publication date |
---|---|
CN110162472B (en) | 2022-08-12 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109144882B (en) | Software fault positioning method and device based on program invariants | |
US7854002B2 (en) | Pattern matching for spyware detection | |
CN109902024B (en) | Ash-box testing method and device sensitive to program path | |
CN101853200B (en) | High-efficiency dynamic software vulnerability exploiting method | |
CN110162472A (en) | A kind of method for generating test case based on fuzzing test | |
CN111240991B (en) | Dynamic stain detection method and system for resisting implicit stain propagation | |
US20190317879A1 (en) | Deep learning for software defect identification | |
CN111459799A (en) | Software defect detection model establishing and detecting method and system based on Github | |
CN112307473A (en) | Malicious JavaScript code detection model based on Bi-LSTM network and attention mechanism | |
CN111753290A (en) | Software type detection method and related equipment | |
Alrabaee et al. | On leveraging coding habits for effective binary authorship attribution | |
CN111177795A (en) | Method, device and computer storage medium for identifying video tampering by using block chain | |
Baxter et al. | On statistical approaches to the study of ceramic artefacts using geochemical and petrographic data | |
CN109543410A (en) | One kind being based on the associated malicious code detecting method of Semantic mapping | |
CN115269427A (en) | Intermediate language representation method and system for WEB injection vulnerability | |
CN116150757A (en) | Intelligent contract unknown vulnerability detection method based on CNN-LSTM multi-classification model | |
Zhao et al. | Suzzer: A vulnerability-guided fuzzer based on deep learning | |
CN113901463A (en) | Concept drift-oriented interpretable Android malicious software detection method | |
CN116702157B (en) | Intelligent contract vulnerability detection method based on neural network | |
Karnalim | Python source code plagiarism attacks on introductory programming course assignments | |
CN114285587A (en) | Domain name identification method and device and domain name classification model acquisition method and device | |
Sotgiu et al. | Explainability-based debugging of machine learning for vulnerability discovery | |
CN110472416A (en) | A kind of web virus detection method and relevant apparatus | |
CN110955892A (en) | Hardware Trojan horse detection method based on machine learning and circuit behavior level characteristics | |
JP2013077124A (en) | Software test case generation device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |