CN114153746A - A smart contract testing method based on symbolic execution and fuzzing - Google Patents

Publication number: CN114153746A
Authority: CN (China)
Application number: CN202111558178.4A
Legal status: Pending
Other languages: Chinese (zh)
Inventors: 王荣, 蔡维德
Current assignee: Beihang University
Original assignee: Beihang University
Prior art keywords: test case, execution, smart contract, method based, testing method

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00 Error detection; Error correction; Monitoring
    • G06F11/36 Prevention of errors by analysis, debugging or testing of software
    • G06F11/3668 Testing of software
    • G06F11/3672 Test management
    • G06F11/3688 Test management for test execution, e.g. scheduling of test suites
    • G06F11/3676 Test management for coverage analysis
    • G06F11/3684 Test management for test design, e.g. generating new test cases
    • G06N COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00 Computing arrangements based on biological models
    • G06N3/12 Computing arrangements based on biological models using genetic models
    • G06N3/126 Evolutionary algorithms, e.g. genetic algorithms or genetic programming

Abstract

The invention discloses a smart contract testing method based on symbolic execution and fuzzing, comprising the following steps: S01, a user inputs an initial smart contract test case set; S02, the tests are executed and recorded: the execution path information and detailed execution information of the program are recorded, and the execution path information is put into a seed pool; S03, coverage information is updated and crashes are reported; S04, symbolic execution searches systematically, and when a branch is found to be uncovered, a corresponding test case is generated and added to the test case set; S05, seeds are selected according to a seed selection strategy; S06, mutation is performed according to the seed mutation strategy, generating a new test case set; and S07, steps S02-S06 are repeated until the user ends the test manually, or the test stops because no new path has been generated for a certain period of time.

Description

Smart contract testing method based on symbolic execution and fuzzing
Technical Field
The invention belongs to the technical field of blockchains, and particularly relates to a smart contract testing method based on symbolic execution and fuzzing.
Background
A blockchain makes on-chain data difficult to tamper with: the data is stored on every node, and the nodes vote to maintain consistency. The smart contract is one of the core technologies of a blockchain; it is the consensus rule in multi-party scenarios and the hub of value transfer. Security has become more important than ever with the arrival of blockchains because smart contracts carry out value transfer: every number on the blockchain represents value, and every change to such a number caused by a vulnerability is a large loss of value. Fuzz testing is an effective automated vulnerability discovery technique. Mainstream fuzz testing techniques use a genetic algorithm to generate test cases, which suffers from premature convergence and leaves path coverage insufficient.
For this reason, a smart contract testing method based on symbolic execution and fuzzing is proposed, which tests smart contracts automatically and efficiently.
Disclosure of Invention
In view of the above defects of the prior art, the technical problem to be solved by the present invention is to provide a smart contract testing method based on symbolic execution and fuzzing that addresses the needs and shortcomings of current technical development.
The invention provides a smart contract testing method based on symbolic execution and fuzzing. The technical scheme adopted to solve the technical problem is as follows:
S01, a user inputs an initial smart contract test case set;
S02, the tests are executed and recorded: the execution path information and detailed execution information of the program are recorded, and the execution path information is put into a seed pool;
S03, coverage information is updated and crashes are reported; updating the coverage information is realized by recording the test execution path, and reporting a crash is realized by collecting the test cases for which the virtual machine instrumentation feedback shows a crash;
S04, symbolic execution searches systematically, and when a branch is found to be uncovered, a corresponding test case is generated and added to the test case set;
S05, seeds are selected according to a seed selection strategy;
S06, mutation is performed according to the seed mutation strategy, generating a new test case set;
and S07, steps S02-S06 are repeated until the user ends the test manually, or the test stops because no new path has been generated for a certain period of time.
Specifically, the smart contract fuzz testing system can be used for smart contracts on various blockchain platforms.
Specifically, the initial test case set in step S01 is constructed manually and satisfies the syntax rules of the smart contract. In step S02, the execution path information and detailed execution information of the program are recorded by capturing the runtime state of the smart contract through virtual machine instrumentation. In step S03, the coverage information is updated by recording the test execution path. In step S04, symbolic execution searches systematically, and the search may adopt different strategies, such as a depth-first strategy or a breadth-first strategy. The seed selection strategy in step S05 may be random, or seeds may be selected according to a certain rule. The mutation strategy in step S06 may be a genetic algorithm, a generative adversarial network, simulated annealing, or the like. In step S06, the new test case set is generated by mutation: the data type of the test case sample is determined according to the type of the smart contract interface, and a mutation operation is applied to the test case sample to generate a mutated test case sample.
Drawings
Some specific embodiments of the invention are described in detail below, by way of illustration and not limitation, with reference to the accompanying drawings. The same reference numbers in the drawings identify the same or similar elements or components. Those skilled in the art will appreciate that the drawings are not necessarily drawn to scale. The objects and features of the present invention will become more apparent from the following description taken in conjunction with the accompanying drawings, in which:
FIG. 1 is a flow chart of the smart contract testing method based on symbolic execution and fuzzing according to the present invention.
Detailed Description
To illustrate the present invention clearly and to make the objects, technical solutions and advantages of its embodiments clearer, the technical solutions in the embodiments are described clearly and completely below with reference to the drawings, so that those skilled in the art can implement them by following the description. The technology of the present invention is described in detail below with reference to the accompanying drawings and specific embodiments.
The embodiment of the invention provides a smart contract testing method based on symbolic execution and fuzzing, which is implemented as follows:
S01, a user formulates an initial smart contract test case set according to information such as the smart contract interface description and parameter types;
S02, the initial test case set is packaged into transactions and issued to the blockchain for testing; the execution results of the smart contract under test are collected for each test case sample; coverage information is updated according to the recorded test execution path; if a run result is abnormal, a test case that triggers a vulnerability has been found; the execution path is put into the seed pool, and the detailed run result is recorded;
S03, coverage information is updated according to the test results, and the paths for which the virtual machine instrumentation feedback reports a crash are collected;
S04, after a test case has been processed, it is checked whether symbolic execution has explored a new uncovered branch; symbolic execution searches systematically using a depth-first strategy, and when a branch is found to be uncovered, a corresponding test case is generated and added to the test case set;
S05, seeds are randomly selected from the seed pool;
S06, the data type of the test case sample is determined according to the type list in the smart contract method protocol; a mutation operation is applied to the test case sample using a genetic algorithm, following the preset mutation method for that data type; whether a new branch is covered is checked, and if so, the mutated test case sample is generated and added to the test case set;
and S07, steps S02-S06 are repeated until the user ends the test manually, or the test stops because no new path has been generated for a certain period of time.
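The S01-S07 loop of this embodiment, as an added Python sketch that is not part of the patent text. The toy contract model (`BRANCHES`, `MAGIC`, `BALANCE`), the function names, and the small `solve` routine standing in for a real symbolic execution engine are assumptions made for illustration; it shows why mutation alone stalls at an equality guard that the solver step passes immediately.

```python
import random

UINT256_MAX = 2**256 - 1
MAGIC, BALANCE = 0xC0FFEE, 1000  # constructed constants for the toy contract

# Constructed contract model: branch id -> path condition, a conjunction of
# (parameter, operator, constant) constraints over two uint256 parameters.
BRANCHES = {
    "small": [("amount", "<=", 10)],
    "large": [("amount", ">", 10)],
    "magic": [("code", "==", MAGIC)],
    "magic_drain": [("code", "==", MAGIC), ("amount", ">", BALANCE)],
}
OPS = {"<=": lambda a, b: a <= b, ">": lambda a, b: a > b, "==": lambda a, b: a == b}

def execute(case):
    """S02: run one case; the instrumentation reports the branches it took."""
    path = frozenset(b for b, cond in BRANCHES.items()
                     if all(OPS[op](case[p], c) for p, op, c in cond))
    return path, "magic_drain" in path  # second value: modelled crash

def solve(cond):
    """S04 stand-in for a solver; handles only non-conflicting simple bounds."""
    case = {"amount": 0, "code": 0}
    for p, op, c in cond:
        case[p] = c + 1 if op == ">" else c
    return case

def mutate(case, rng):
    """S06: mutation chosen for the uint256 type of the selected parameter."""
    child = dict(case)
    p = rng.choice(sorted(child))
    kind = rng.choice(["flip", "delta", "boundary"])
    if kind == "flip":
        child[p] ^= 1 << rng.randrange(256)
    elif kind == "delta":
        child[p] = (child[p] + rng.randint(-16, 16)) % (UINT256_MAX + 1)
    else:
        child[p] = rng.choice([0, 1, UINT256_MAX])
    return child

def hybrid_fuzz(initial_cases, use_symbolic=True, patience=5, seed=1):
    rng = random.Random(seed)
    queue, seed_pool, covered, crashes, stall = list(initial_cases), [], set(), [], 0
    while stall < patience:                      # S07: stop when no new path appears
        grew = False
        for case in queue:
            path, crashed = execute(case)        # S02
            if crashed:
                crashes.append(case)             # S03: collect crashing cases
            if not path <= covered:
                covered |= path                  # S03: update coverage
                seed_pool.append((case, path))   # S02: path info into the seed pool
                grew = True
        stall = 0 if grew else stall + 1
        queue = []
        if use_symbolic:                         # S04: one case per uncovered branch
            queue += [solve(c) for b, c in BRANCHES.items() if b not in covered]
        parent, _ = rng.choice(seed_pool)        # S05: random seed selection
        queue += [mutate(parent, rng) for _ in range(4)]  # S06
    return covered, crashes

if __name__ == "__main__":
    start = [{"amount": 1, "code": 0}]           # S01: hand-written initial case
    print(hybrid_fuzz(start, use_symbolic=False))
    print(hybrid_fuzz(start, use_symbolic=True))
```

With `use_symbolic=False` the seed pool only ever holds cases whose `code` is 0, so single-step mutations never reach the `magic` guard; with the solver step enabled, all four branches are covered by the second round and the crashing case is collected.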

Claims (9)

1. A smart contract testing method based on symbolic execution and fuzzing, characterized in that the implementation of the method comprises: S01, a user inputs an initial smart contract test case set; S02, the tests are executed and recorded: the execution path information and detailed execution information of the program are recorded, and the execution path information is put into a seed pool; S03, coverage information is updated and crashes are reported; S04, symbolic execution searches systematically, and when a branch is found to be uncovered, a corresponding test case is generated and added to the test case set; S05, seeds are selected according to a seed selection strategy; S06, mutation is performed according to the seed mutation strategy, generating a new test case set; S07, steps S02-S06 are repeated until the user ends the test manually, or the test stops when no new path has been generated for more than a certain period of time.
2. The smart contract fuzz testing system according to claim 1, characterized in that the system can be used for smart contracts on various blockchain platforms.
3. The smart contract testing method based on symbolic execution and fuzzing according to claim 1, characterized in that the initial test case set in step S01 is constructed manually and satisfies the syntax rules of the smart contract.
4. The smart contract testing method based on symbolic execution and fuzzing according to claim 1, characterized in that recording the execution path information and detailed execution information of the program in step S02 is realized by recording the runtime state of the smart contract through virtual machine instrumentation.
5. The smart contract testing method based on symbolic execution and fuzzing according to claim 1, characterized in that updating the coverage information in step S03 is realized by recording the test execution path, and reporting crashes in step S03 is realized by collecting the test cases for which the virtual machine instrumentation feedback shows a crash.
6. The smart contract testing method based on symbolic execution and fuzzing according to claim 1, characterized in that in step S04 symbolic execution searches systematically, and the search method may adopt different strategies, such as a depth-first strategy or a breadth-first strategy.
7. The smart contract testing method based on symbolic execution and fuzzing according to claim 1, characterized in that the seed selection strategy in step S05 may be random or may select seeds according to certain rules.
8. The smart contract testing method based on symbolic execution and fuzzing according to claim 1, characterized in that the mutation strategy in step S06 may be a genetic algorithm, a generative adversarial network, simulated annealing, or a similar method.
9. The smart contract testing method based on symbolic execution and fuzzing according to claim 1, characterized in that generating the new test case set by mutation in step S06 consists of determining the data type of the test case sample according to the type of the smart contract interface and applying a mutation operation to the test case sample to generate a mutated test case sample.
CN202111558178.4A 2021-12-20 2021-12-20 A smart contract testing method based on symbolic execution and fuzzing Pending CN114153746A (en)

Publications (1)

Publication Number Publication Date
CN114153746A (en) 2022-03-08

Family

ID=80451948

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115292172A (en) * 2022-08-01 2022-11-04 哈尔滨工业大学 A method, electronic device and storage medium for improving detection coverage of smart contracts
CN118672927A (en) * 2024-07-16 2024-09-20 上海安般信息科技有限公司 Gray box fuzzy test method integrating stain analysis and symbol execution

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination