CN114297053A - Software program safety detection method based on multi-layer perceptron smoothing - Google Patents
Software program safety detection method based on multi-layer perceptron smoothing Download PDFInfo
- Publication number
- CN114297053A CN114297053A CN202111538428.8A CN202111538428A CN114297053A CN 114297053 A CN114297053 A CN 114297053A CN 202111538428 A CN202111538428 A CN 202111538428A CN 114297053 A CN114297053 A CN 114297053A
- Authority
- CN
- China
- Prior art keywords
- test
- case
- gradient
- multilayer perceptron
- perceptron model
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000009499 grossing Methods 0.000 title claims abstract description 26
- 238000001514 detection method Methods 0.000 title claims abstract description 11
- 238000012360 testing method Methods 0.000 claims abstract description 155
- 238000000034 method Methods 0.000 claims abstract description 55
- 238000012549 training Methods 0.000 claims abstract description 48
- 238000005457 optimization Methods 0.000 claims abstract description 43
- 230000008569 process Effects 0.000 claims description 41
- 230000006870 function Effects 0.000 claims description 24
- 230000006399 behavior Effects 0.000 claims description 18
- 230000000694 effects Effects 0.000 claims description 15
- 230000035772 mutation Effects 0.000 claims description 14
- 210000002569 neuron Anatomy 0.000 claims description 8
- 210000004205 output neuron Anatomy 0.000 claims description 8
- 238000007781 pre-processing Methods 0.000 claims description 7
- 230000004913 activation Effects 0.000 claims description 5
- 230000008859 change Effects 0.000 claims description 4
- 230000003247 decreasing effect Effects 0.000 claims description 4
- 210000002364 input neuron Anatomy 0.000 claims description 4
- 238000012545 processing Methods 0.000 claims description 4
- 238000004140 cleaning Methods 0.000 claims description 3
- 238000005065 mining Methods 0.000 description 7
- 208000037265 diseases, disorders, signs and symptoms Diseases 0.000 description 5
- 208000035475 disorder Diseases 0.000 description 5
- 238000010586 diagram Methods 0.000 description 4
- 238000010801 machine learning Methods 0.000 description 4
- 230000001537 neural effect Effects 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 3
- 201000004569 Blindness Diseases 0.000 description 2
- 238000013528 artificial neural network Methods 0.000 description 2
- 230000007547 defect Effects 0.000 description 2
- 238000010998 test method Methods 0.000 description 2
- ORILYTVJVMAKLC-UHFFFAOYSA-N Adamantane Natural products C1C(C2)CC3CC1CC2C3 ORILYTVJVMAKLC-UHFFFAOYSA-N 0.000 description 1
- 230000002159 abnormal effect Effects 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 239000000203 mixture Substances 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 238000011160 research Methods 0.000 description 1
Images
Landscapes
- Debugging And Monitoring (AREA)
Abstract
The invention relates to a software program safety detection method based on multi-layer perceptron smoothing, which comprises the following steps: obtaining an initial seed case; inputting the initial seed case into a multilayer perceptron model for training, and combining a Nadam gradient optimization algorithm to guide the variation of the seed case to obtain a test case; inputting the test case into a target program to be tested, and obtaining a corresponding fuzzy test result through fuzzy test; performing iterative optimization on the multilayer perceptron model according to the set optimization iteration times by using the current fuzzy test result; carrying out fuzzy test variation by combining a Nadam gradient optimization algorithm according to the optimized multilayer perceptron model to obtain an optimal test case; and inputting the optimal test case into a target program to be tested, and obtaining a final fuzzy test result through fuzzy test. Compared with the prior art, the method and the device can solve the problems of redundancy of the test cases and low efficiency of the variation strategy, and have the advantages of high code coverage rate and high execution efficiency.
Description
Technical Field
The invention relates to the technical field of software safety testing, in particular to a software program safety detection method based on multi-layer perceptron smoothing.
Background
In the field of network security testing, fuzz testing is a method for implementing vulnerability mining by providing unexpected input to a target system and monitoring abnormal results, and is often used to find errors or security problems in software, kernel operating systems, network codes, wherein random data or illegal data samples input to a target program during testing are called "fuzz test cases". The result of the fuzzy test is usually judged by whether various exceptions such as jamming, collapse, assertion and the like occur in the monitoring program, and compared with the traditional vulnerability mining technology, the fuzzy test has the advantages of higher accuracy, strong expandability, low dependency on the test target source code and the like.
In recent years, it has become mainstream to exploit a network security vulnerability in an obfuscated manner. The fuzzy test is an effective vulnerability mining technology, and can find potential vulnerability trigger points by traversing program branches through an algorithm, however, the traditional fuzzy test has the problems of test case redundancy, low efficiency of a variation strategy and the like.
In order to avoid such a situation, the existing research starts to construct a mutation strategy by using a machine learning method, and by converting the process of the fuzzy test into a classification problem in machine learning, an optimal mutation factor can be selected in each round of test, so that the randomness of the test case generation process is avoided. However, the existing fuzzy test method based on the machine learning construction mutation strategy still has defects in the aspects of model selection and optimization, and the efficiency of the fuzzy test is low.
Disclosure of Invention
The invention aims to overcome the defects of the prior art and provide a software program safety detection method based on multi-layer perceptron smoothing, so as to solve the problems of redundancy of test cases and low efficiency of a variation strategy, and effectively improve the efficiency of fuzzy test.
The purpose of the invention can be realized by the following technical scheme: a software program safety detection method based on multi-layer perceptron smoothing comprises the following steps:
s1, obtaining an initial seed case;
s2, inputting the initial seed case into a multilayer perceptron model for training, and combining a Nadam gradient optimization algorithm to guide the variation of the seed case to obtain a test case;
s3, inputting the test case into the target program to be tested, and obtaining a corresponding fuzzy test result through fuzzy test;
s4, carrying out iterative optimization on the multilayer perceptron model according to the set optimization iteration times by using the fuzzy test result obtained in the step S3 to obtain the optimized multilayer perceptron model;
s5, carrying out fuzzy test variation by combining a Nadam gradient optimization algorithm according to the optimized multilayer perceptron model to obtain an optimal test case;
and S6, inputting the optimal test case into the target program to be tested, and obtaining a final fuzzy test result through the fuzzy test.
Further, the step S1 is to input the program corpus into the original fuzzifier AFL, and perform a preliminary fuzzification test by using the AFL to obtain an initial seed case.
Further, the step S2 specifically includes the following steps:
s21, carrying out data preprocessing on the initial seed case, tracking the path to obtain branch information and simultaneously generating a bitmap file, wherein the branch information is used for measuring the branch coverage condition of the program, and the bitmap file is used for recording the code edge coverage rate;
s22, constructing a multilayer perceptron model, filling, combining, cleaning and disordering seed cases, dividing all the seed cases into a training set and a testing set according to a set proportion, and training the multilayer perceptron model according to a set batch value to obtain a well-trained multilayer perceptron model;
and S23, calculating to obtain gradient information by using neurons of an output layer of the multi-layer perceptron model based on the trained multi-layer perceptron model, and guiding gradient updating by using a Nadam gradient optimization algorithm to make the seed cases generate variation so as to generate a plurality of effective test cases.
Further, the step S21 specifically includes the following steps:
s211, reading the initial seed use case into a process _ data () function to carry out data preprocessing;
s212, disordering the sequence of the seed case data, calling afl-showmap to perform execution path tracking on a single case and returning the captured tuple to obtain branch information so as to measure the program branch coverage condition;
and S213, generating a bitmap file according to the branch information so as to record the code edge coverage rate.
Further, the step S22 specifically includes the following steps:
s221, constructing a multilayer perceptron model;
s222, setting a maximum input threshold value m, and filling 0 byte for the seed case smaller than the threshold value m to ensure that the input length of the seed case is the same as that of the multilayer perceptron model;
s223, merging the seed cases covering the same edge, and removing the seed cases which cannot cover the edge label to promote the accelerated convergence of the model;
s224, performing disorder processing on the seed cases processed in the steps again, dividing the seed cases into a training set and a testing set according to a set proportion, and training the multilayer perceptron model according to a set batch size.
Furthermore, the multilayer perceptron model is composed of an input layer, an output layer and three hidden layers, dropout is added to prevent overfitting, each input neuron in the input layer is represented as an input byte, and each output neuron in the output layer identifies a control flow branch.
Further, the output layer uses a softmax function as a smoothing function, so that the effect of program smoothing is achieved; the three hidden layers respectively adopt Relu, Relu and softmax as activation functions.
Further, the step S23 specifically includes the following steps:
s231, calculating a gradient by utilizing the neurons of the output layer based on the trained multilayer perceptron model, wherein the gradient value represents the change quantity of the input byte capable of influencing the output neurons of the last layer:
θt←θt-1-ηgt
wherein theta is a learning parameter, t is a training round,
for solving the gradient of the objective function, gtThe gradient value corresponding to the parameter theta in the tth training round is obtained, and eta is the learning rate;
s232, calculating a value between 0 and 1 for each gradient value to determine the influence of a given input byte on a specific control flow branch;
s233, defining a test case mutation strategy, namely selecting the input byte with the highest gradient value in each iteration, and performing mutation operation on the input byte;
s234, increasing and decreasing the gradient value of the corresponding byte according to the variation result to ensure that the variation direction is carried out towards the expected direction;
s235, adding a Nadam gradient optimization algorithm to guide a gradient updating process:
wherein,mtand vtRespectively is a gradient gtThe first and second moments of (a),
for the current momentum vector mtThe offset of (a) is corrected to estimate,
for the current squared gradient vtIs a smoothing term that avoids division by zero, ((1- β))1) Is mtThe decay rate of (c).
Further, the specific process of the fuzz test is as follows:
inputting the test case into a target program to be tested, and starting to perform a fuzzy test;
in the process of the fuzzing test, marking the control flow branches of the target program covered by the test cases and the detected position information causing the software program to crash, and recording the position information into a corresponding log behavior information file;
and storing the hit test case into a corresponding folder, analyzing to obtain the program branch behavior characteristics contained in the hit case, and using the program branch behavior characteristics to update and optimize the multilayer perceptron model subsequently.
Further, the specific process of step S4 is as follows: and acquiring a current test case, mixing the test case in the previous training with the current test case according to a certain proportion to be used as input of the multilayer perceptron model, and performing iterative updating optimization on the multilayer perceptron model by combining a previous fuzzy test result until a set iteration number is reached to obtain the optimized multilayer perceptron model.
Compared with the prior art, the invention provides a software program safety detection method for program smoothing based on a multilayer perceptron, which is used for carrying out vulnerability mining on a software program, accurately simulating the branching behavior of a target program to be tested by constructing a multilayer perceptron network model and inputting an initial seed case for model training, and simultaneously realizing the effect of program smoothing.
The method utilizes a gradient-guided optimization algorithm to construct a test case mutation strategy, and utilizes a Nadam algorithm to improve the gradient updating effect of a model so as to guide the mutation process of the seed case. The method can greatly reduce the blindness of the test case generation process, improve the hit rate of the test case, reduce the redundancy of the test case and further improve the code coverage rate.
On the basis of the traditional fuzzy test method, the machine learning method of a multilayer perceptron model is introduced, and meanwhile, the generation and variation of the test case are carried out by utilizing the Nadam-based gradient guide optimization algorithm, so that the randomness problem of the traditional fuzzy test variation strategy mainly based on the evolutionary algorithm is greatly improved, software developers can be helped to carry out fuzzy test efficiently and accurately, and potential bugs are excavated.
Drawings
FIG. 1 is a schematic flow diagram of the process of the present invention;
FIG. 2 is a schematic diagram of an embodiment of an application process;
FIG. 3 is a schematic diagram of an iterative optimization training process of a multi-layer perceptron model in an embodiment;
FIG. 4 is a schematic structural diagram of a multilayer perceptron model in an embodiment.
Detailed Description
The invention is described in detail below with reference to the figures and specific embodiments.
Examples
As shown in fig. 1, a software program security detection method based on multi-layer perceptron smoothing includes the following steps:
s1, obtaining an initial seed case, wherein in the embodiment, the program corpus is input into an original fuzzifier AFL, and the AFL is utilized to perform a preliminary fuzzy test to obtain the initial seed case;
s2, inputting the initial seed case into a multilayer perceptron model for training, and combining a Nadam gradient optimization algorithm to guide the variation of the seed case to obtain a test case, specifically:
s21, carrying out data preprocessing on the initial seed case, tracking the path to obtain branch information and simultaneously generating a bitmap file, wherein the branch information is used for measuring the branch coverage condition of the program, and the bitmap file is used for recording the code edge coverage rate;
s22, constructing a multilayer perceptron model, filling, combining, cleaning and disordering seed cases, dividing all the seed cases into a training set and a testing set according to a set proportion, and training the multilayer perceptron model according to a set batch value to obtain a well-trained multilayer perceptron model;
s23, calculating to obtain gradient information by using neurons of an output layer of the multi-layer perceptron model based on the trained multi-layer perceptron model, and guiding gradient updating by using a Nadam gradient optimization algorithm to enable seed cases to be mutated to generate a plurality of effective test cases;
in step S21, first, the initial seed case needs to be read into the process _ data () function for data preprocessing;
then, the sequence of the seed case data is disturbed, afl-showmap is called to perform execution path tracking on a single case and return a captured tuple, and branch information is obtained to measure the program branch coverage condition;
generating a bitmap file according to the branch information so as to record the code edge coverage rate;
in step S22, a multi-layered perceptron model is first constructed, where the multi-layered perceptron model constructed in this embodiment is composed of an input layer (each input neuron in the input layer is represented as an input byte), an output layer (each output neuron in the output layer identifies a control flow branch), and three hidden layers, and dropouts are added to prevent overfitting, and the output layer uses a softmax function as a smoothing function, so as to achieve the effect of program smoothing; relu, Relu and softmax are respectively adopted by the three hidden layers as activation functions;
then setting a maximum input threshold value m, and filling 0 byte for the seed case smaller than the threshold value m to ensure that the input length of the seed case is the same as that of the multilayer perceptron model;
then merging the seed cases covering the same edge, and removing the seed cases which can not cover the edge label to promote the accelerated convergence of the model;
carrying out disorder treatment on the seed cases processed by the steps again, dividing the seed cases into a training set and a test set according to a set proportion, and training the multilayer perceptron model according to a set batch size;
in step S23, the following process is mainly included
S231, calculating a gradient by utilizing the neurons of the output layer based on the trained multilayer perceptron model, wherein the gradient value represents the change quantity of the input byte capable of influencing the output neurons of the last layer:
θt←θt-1-ηgt
wherein theta is a learning parameter, t is a training round,
for solving the gradient of the objective function, gtThe gradient value corresponding to the parameter theta in the tth training round is obtained, and eta is the learning rate;
s232, calculating a value between 0 and 1 for each gradient value to determine the influence of a given input byte on a specific control flow branch;
s233, defining a test case mutation strategy, namely selecting the input byte with the highest gradient value in each iteration, and performing mutation operation on the input byte;
s234, increasing and decreasing the gradient value of the corresponding byte according to the variation result to ensure that the variation direction is carried out towards the expected direction;
s235, adding a Nadam gradient optimization algorithm to guide a gradient updating process:
wherein,mtand vtRespectively is a gradient gtThe first and second moments of (a),
for the current momentum vector mtThe offset of (a) is corrected to estimate,
for the current squared gradient vtIs a smoothing term that avoids division by zero, ((1- β))1) Is mtThe attenuation rate of (d);
s3, inputting the test case into the target program to be tested, and obtaining a corresponding fuzzy test result through fuzzy test;
s4, performing iterative optimization on the multilayer perceptron model according to the set optimization iteration times by using the fuzzy test result obtained in the step S3 to obtain the optimized multilayer perceptron model, wherein the iterative optimization specifically comprises the following steps: acquiring a current test case, mixing the test case in the previous training with the current test case according to a certain proportion to be used as input of the multilayer perceptron model, and performing iterative updating optimization on the multilayer perceptron model by combining a previous fuzzy test result until a set iteration number is reached to obtain an optimized multilayer perceptron model;
s5, carrying out fuzzy test variation by combining a Nadam gradient optimization algorithm according to the optimized multilayer perceptron model to obtain an optimal test case;
and S6, inputting the optimal test case into the target program to be tested, and obtaining a final fuzzy test result through the fuzzy test.
In steps S3 and S6, the specific process of the fuzz test is:
inputting the test case into a target program to be tested, and starting to perform a fuzzy test;
in the process of the fuzzing test, marking the control flow branches of the target program covered by the test cases and the detected position information causing the software program to crash, and recording the position information into a corresponding log behavior information file;
and storing the hit test case into a corresponding folder, analyzing to obtain the program branch behavior characteristics contained in the hit case, and using the program branch behavior characteristics to update and optimize the multilayer perceptron model subsequently.
In this embodiment, the above technical solution is applied, and a specific application process is shown in fig. 2:
1) seed case acquisition: and analyzing basic behavior information of the target program of the software to be tested, and acquiring corresponding program corpora from the program corpus. And inputting the program corpus into an original fuzzifier AFL, and performing primary fuzzification test by using the AFL to obtain an initial seed case.
2) Neural program smoothing: building a multilayer perceptron model, inputting the initial seed case obtained in the step 1) into the multilayer perceptron model for training, and modeling the branching behavior of the target program of the software to be tested to realize the smoothing process of the target program of the software to be tested.
3) Gradient-guided optimization: and calculating corresponding gradient values according to the control flow branch behavior information of the model output layer, and constructing a test case variation strategy. Guiding the mutation process of the seed case after the step 2) by using an NAdam gradient optimization algorithm.
4) Generating a test case: and 3) carrying out efficient and accurate variation on the seed cases to obtain a large number of effective test cases for carrying out fuzzy test on the target program of the software to be tested.
5) And (3) fuzzy testing: inputting the test case obtained in the step 4) into a target program to be tested, detecting the fuzzy test effect of the test case, and recording log information such as code coverage rate.
6) Model optimization: and performing iterative updating optimization on the multilayer perceptron model according to the fuzzy test result. And repeating the processes until the optimal fuzzy test effect is achieved.
In the embodiment, an original fuzzy test tool AFL is used for obtaining an initial seed case, a multilayer perceptron model is built, the branching behavior of a target program of software to be tested is simulated, the initial seed case is used as training data and is input into the multilayer perceptron model, the neural program smoothing process is realized, and a test case variation strategy is conveniently constructed by utilizing a gradient-guided optimization algorithm at the next stage. In order to realize gradient updating and further improve the convergence effect of the model, the Nadam algorithm is used for guiding the seed use case-ground variation process. And finally, inputting a large number of generated effective test cases into a target program of the software to be tested for fuzzy test, recording log information such as edge coverage, vulnerability mining number and the like while detecting the fuzzy test effect, and storing the hit test cases into a specific file, thereby facilitating further optimization of the model. In the whole process, the multilayer perceptron model continuously learns and optimizes according to test case results generated after variation until the optimal convergence effect is achieved. The method and the device can avoid blindness of a variation process of the test cases, reduce redundancy of the test cases, improve code edge coverage rate and help software developers to carry out software vulnerability mining.
As shown in fig. 3, in this embodiment, the specific steps of step 2) to implement the neural procedure smoothing process are as follows:
201) the initial seed case data generated by the AFL is read into a process _ data () function to be subjected to data preprocessing.
202) And (3) disordering the sequence of the seed case data, calling afl-showmap to perform execution path tracking on a single case and returning the captured tuple to obtain branch information so as to measure the branch coverage condition of the program.
203) And generating a bitmap file according to the branch information, and recording the code edge coverage rate.
204) As shown in fig. 4, a multi-layered perceptron model is defined, which consists of one input layer (representing one input byte per input neuron), one output layer (representing one control flow branch per output neuron), three hidden layers (consisting of Relu, and softmax as activation functions, respectively), and incorporates dropout to prevent overfitting. Wherein the output layer uses softmax function as smoothing function to achieve the effect of program smoothing.
205) And setting a maximum input threshold value m, and filling 0 byte for the seed case smaller than the threshold value m to ensure that the input length of the seed case is the same as that of the multilayer perceptron model.
206) And merging the seed cases covering the same edge, and removing the seed cases which cannot cover the edge label so as to promote the accelerated convergence of the model.
207) And (3) carrying out disorder treatment on the seed cases treated by the steps again, and simultaneously carrying out disorder treatment according to the ratio of 8: and 2, dividing the training set and the test set according to the proportion, and training the multilayer perceptron model according to the set batch size.
In this embodiment, the specific steps of step 3) to implement the gradient guidance optimization process are as follows:
301) and after the training of the multilayer perceptron model is finished, calculating the gradient by using the neurons of the output layer. The gradient values represent the amount of change in the input bytes that can affect the last layer of output neurons (i.e., the edges of the program control flow branches). Specifically, it is calculated by the following formula:
θt←θt-1-ηgt
where θ represents a learning parameter, t represents a training round,
representing the solution of the gradient of the objective function, gtThe gradient value corresponding to the parameter θ in the t-th training round is shown, and η represents the learning rate.
302) A value between 0 and 1 is calculated for each gradient value to summarize the effect of a given input byte on a particular control flow branch.
303) Defining a test case mutation strategy, namely selecting the input byte with the highest gradient value in each iteration and executing mutation operation on the input byte.
304) And increasing or decreasing the gradient value of the corresponding byte according to the variation result to ensure that the variation direction is performed towards the desired direction.
305) And a Nadam gradient optimization algorithm is added to guide the gradient updating process. The Nadam algorithm replaces the traditional momentum in the Adam algorithm by the Nesterov momentum, so that the learning rate is more strongly restricted, and the gradient updating can be more directly influenced. Specifically, it is calculated by the following formula:
where θ represents a learning parameter, t represents a training round, η represents a learning rate, and gtRepresents the gradient value m in the t-th training roundtAnd vtRespectively represent the gradient gtFirst order moment (mean) and second order moment (non-central variance),
representing the current momentum vector mtThe offset of (a) is corrected to estimate,
representing the current squared gradient vtIs estimated, e represents a smoothing term that avoids division by zero (typically taking the value of e to 10)-8),(1-β1) Represents mtDecay rate of (usually taken as beta)1The value is 0.9).
306) And continuously executing the process, and repeating the iteration for a plurality of times until the multilayer perceptron model converges.
In this embodiment, the specific steps of step 5) to implement the fuzz testing process are as follows:
501) and inputting a large number of generated test cases into the target program to be tested, and starting to perform the fuzzy test.
502) In the process of the fuzzing test, the control flow branches of the target program covered by the test cases and the detected position information causing the software program to crash are marked and recorded into the corresponding log behavior information file.
503) And storing the hit test case into a corresponding folder, and analyzing the program branch behavior characteristics contained in the hit case so as to update and optimize the multilayer perceptron model.
In summary, the technical solution substantially includes the following contents:
firstly, generating a seed case required by a Fuzzy test by using AFL (American Fuzzy Loop);
inputting the seed case serving as training data into a multilayer perceptron model, and performing a neural program smoothing process, wherein the specific contents are as follows:
the seed case data generated by the AFL is read into the program. The sequence of the seed case data is disturbed, afl-showmap is called to perform execution path tracking on a single case and return a captured tuple (tuple), and the tuple is used for acquiring branch information, so that the coverage condition of the program is measured. Finally, generating bitmap (for recording the boundary coverage rate) according to the information;
defining a multilayer perceptron model, wherein a Relu function is used as an activation function in a hidden layer in the model, a dropout algorithm is used for effectively avoiding model overfitting, and a softmax function is used as a smoothing function in an output layer of the model, so that the effect of program smoothing is achieved;
since the input length of the neural network is fixed, the length of the torrent file content is not fixed. Therefore, the seed files need to be padded with 0 bytes, so that the length of each seed file reaches a set threshold;
and carrying out disorder processing on the processed seed file again and using the processed seed file as a training data set. Training the multilayer perceptron model according to the set batch size;
after training of the training model is completed, the gradient is calculated by using the neurons of the output layer, and the variation of the seed file is guided by using the gradient information.
Thirdly, guiding the variation process of the test case by using a Nadam gradient optimization algorithm, wherein the specific contents are as follows:
setting an NAdam algorithm as a gradient optimization algorithm of the multilayer perceptron, and setting the learning rate to be 0.001;
the algorithm is used for optimization during the training of the multi-layer perceptron, and the optimization is approached.
Fourthly, inputting a large number of generated effective test cases into the target program to detect the fuzzy test effect, wherein the specific contents are as follows:
acquiring gradient data generated in the second process, and generating a large number of effective test cases by using the gradient data to guide variation;
and testing the target program by using the effective test cases, and outputting key log information such as boundary coverage rate, vulnerability discovery number and the like.
And fifthly, continuously learning and optimizing the multilayer perceptron model according to the test case result generated after the variation until the optimal convergence effect is achieved, wherein the specific contents are as follows:
acquiring a large number of effective test cases generated by variation in the fourth process, and taking the test cases as the input of the multilayer perceptron;
and mixing the test cases used in the previous training with the new test cases according to a certain proportion, and inputting the mixture into a multilayer perceptron to perform feature learning.
Sixthly, storing the model parameters for the following other tests, wherein the specific contents are as follows:
after each training (one training comprises a plurality of rounds), the multi-layer perceptron can save parameters during the training;
and when testing next time, reading data from the parameters stored in the last training, thereby improving the efficiency of model training.
The technical scheme is applied to practice, under a fuzzy test scene, a processing mode of smoothly approximating the branch behavior of a program by using a neural network is used, the branch behavior of the program is modeled by using a multilayer perceptron model, a variation strategy of a test case is constructed by using a gradient guide input generation technology, and the variation strategy is further optimized by using an advanced gradient guide optimization algorithm, so that higher code coverage rate is realized, and the method has the advantages of high code coverage rate, high execution efficiency and the like. The technical scheme can solve the problems of redundancy of test cases, low efficiency of variation strategies and the like in the traditional fuzzy test, and further guarantee that vulnerability mining is carried out on the target program efficiently and accurately.
Claims (10)
1. A software program safety detection method based on multi-layer perceptron smoothing is characterized by comprising the following steps:
s1, obtaining an initial seed case;
s2, inputting the initial seed case into a multilayer perceptron model for training, and combining a Nadam gradient optimization algorithm to guide the variation of the seed case to obtain a test case;
s3, inputting the test case into the target program to be tested, and obtaining a corresponding fuzzy test result through fuzzy test;
s4, carrying out iterative optimization on the multilayer perceptron model according to the set optimization iteration times by using the fuzzy test result obtained in the step S3 to obtain the optimized multilayer perceptron model;
s5, carrying out fuzzy test variation by combining a Nadam gradient optimization algorithm according to the optimized multilayer perceptron model to obtain an optimal test case;
and S6, inputting the optimal test case into the target program to be tested, and obtaining a final fuzzy test result through the fuzzy test.
2. The method as claimed in claim 1, wherein the step S1 is to input the corpus into an original fuzzifier AFL, and perform a preliminary fuzzification test using the AFL to obtain an initial seed case.
3. The method for detecting the safety of the software program based on the multi-layer perceptron smoothing as claimed in claim 1, wherein said step S2 specifically includes the following steps:
s21, carrying out data preprocessing on the initial seed case, tracking the path to obtain branch information and simultaneously generating a bitmap file, wherein the branch information is used for measuring the branch coverage condition of the program, and the bitmap file is used for recording the code edge coverage rate;
s22, constructing a multilayer perceptron model, filling, combining, cleaning and disordering seed cases, dividing all the seed cases into a training set and a testing set according to a set proportion, and training the multilayer perceptron model according to a set batch value to obtain a well-trained multilayer perceptron model;
and S23, calculating to obtain gradient information by using neurons of an output layer of the multi-layer perceptron model based on the trained multi-layer perceptron model, and guiding gradient updating by using a Nadam gradient optimization algorithm to make the seed cases generate variation so as to generate a plurality of effective test cases.
4. The method for detecting the safety of the software program based on the multi-layer perceptron smoothing of claim 3, wherein the step S21 specifically includes the following steps:
s211, reading the initial seed use case into a process _ data () function to carry out data preprocessing;
s212, disordering the sequence of the seed case data, calling afl-showmap to perform execution path tracking on a single case and returning the captured tuple to obtain branch information so as to measure the program branch coverage condition;
and S213, generating a bitmap file according to the branch information so as to record the code edge coverage rate.
5. The method for detecting the safety of the software program based on the multi-layer perceptron smoothing of claim 3, wherein the step S22 specifically includes the following steps:
s221, constructing a multilayer perceptron model;
s222, setting a maximum input threshold value m, and filling 0 byte for the seed case smaller than the threshold value m to ensure that the input length of the seed case is the same as that of the multilayer perceptron model;
s223, merging the seed cases covering the same edge, and removing the seed cases which cannot cover the edge label to promote the accelerated convergence of the model;
s224, performing disorder processing on the seed cases processed in the steps again, dividing the seed cases into a training set and a testing set according to a set proportion, and training the multilayer perceptron model according to a set batch size.
6. The method as claimed in claim 5, wherein the multilayer perceptron model is composed of an input layer, an output layer and three hidden layers, dropout is added to prevent overfitting, each input neuron in the input layer is represented as an input byte, and each output neuron in the output layer identifies a branch of a control flow.
7. The software program security detection method based on multi-layer perceptron smoothing of claim 6, characterized in that the output layer uses softmax function as smoothing function to achieve the effect of program smoothing; the three hidden layers respectively adopt Relu, Relu and softmax as activation functions.
8. The method for detecting the safety of the software program based on the multi-layer perceptron smoothing of claim 3, wherein the step S23 specifically includes the following steps:
s231, calculating a gradient by utilizing the neurons of the output layer based on the trained multilayer perceptron model, wherein the gradient value represents the change quantity of the input byte capable of influencing the output neurons of the last layer:
θt←θt-1-ηgt
wherein theta is a learning parameter, t is a training round,
for solving the gradient of the objective function, gtThe gradient value corresponding to the parameter theta in the tth training round is obtained, and eta is the learning rate;
s232, calculating a value between 0 and 1 for each gradient value to determine the influence of a given input byte on a specific control flow branch;
s233, defining a test case mutation strategy, namely selecting the input byte with the highest gradient value in each iteration, and performing mutation operation on the input byte;
s234, increasing and decreasing the gradient value of the corresponding byte according to the variation result to ensure that the variation direction is carried out towards the expected direction;
s235, adding a Nadam gradient optimization algorithm to guide a gradient updating process:
wherein m istAnd vtRespectively is a gradient gtThe first and second moments of (a),
for the current momentum vector mtThe offset of (a) is corrected to estimate,
for the current squared gradient vtIs a smoothing term that avoids division by zero, ((1- β))1) Is mtThe decay rate of (c).
9. The software program safety detection method based on multilayer perceptron smoothing of claim 1, characterized in that the specific process of the fuzz test is as follows:
inputting the test case into a target program to be tested, and starting to perform a fuzzy test;
in the process of the fuzzing test, marking the control flow branches of the target program covered by the test cases and the detected position information causing the software program to crash, and recording the position information into a corresponding log behavior information file;
and storing the hit test case into a corresponding folder, analyzing to obtain the program branch behavior characteristics contained in the hit case, and using the program branch behavior characteristics to update and optimize the multilayer perceptron model subsequently.
10. The method for detecting the safety of the software program based on the multi-layer perceptron smoothing of claim 1, wherein the specific process of step S4 is as follows: and acquiring a current test case, mixing the test case in the previous training with the current test case according to a certain proportion to be used as input of the multilayer perceptron model, and performing iterative updating optimization on the multilayer perceptron model by combining a previous fuzzy test result until a set iteration number is reached to obtain the optimized multilayer perceptron model.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111538428.8A CN114297053A (en) | 2021-12-15 | 2021-12-15 | Software program safety detection method based on multi-layer perceptron smoothing |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111538428.8A CN114297053A (en) | 2021-12-15 | 2021-12-15 | Software program safety detection method based on multi-layer perceptron smoothing |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114297053A true CN114297053A (en) | 2022-04-08 |
Family
ID=80966963
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111538428.8A Pending CN114297053A (en) | 2021-12-15 | 2021-12-15 | Software program safety detection method based on multi-layer perceptron smoothing |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114297053A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115237797A (en) * | 2022-08-03 | 2022-10-25 | 中国电子科技集团公司信息科学研究院 | Coverage guidance-based fuzzy test method and device |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112069061A (en) * | 2020-08-19 | 2020-12-11 | 北京科技大学 | Software security vulnerability detection method and system for deep learning gradient guidance variation |
| EP3761238A1 (en) * | 2019-07-01 | 2021-01-06 | Institut Mines-Telecom | Devices and methods for machine learning assisted precoding |
| WO2021000411A1 (en) * | 2019-07-04 | 2021-01-07 | 平安科技(深圳)有限公司 | Neural network-based document classification method and apparatus, and device and storage medium |
| CN112925710A (en) * | 2021-02-26 | 2021-06-08 | 西南民族大学 | Fuzzy testing method based on gradient descent optimization |
-
2021
- 2021-12-15 CN CN202111538428.8A patent/CN114297053A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP3761238A1 (en) * | 2019-07-01 | 2021-01-06 | Institut Mines-Telecom | Devices and methods for machine learning assisted precoding |
| WO2021000411A1 (en) * | 2019-07-04 | 2021-01-07 | 平安科技(深圳)有限公司 | Neural network-based document classification method and apparatus, and device and storage medium |
| CN112069061A (en) * | 2020-08-19 | 2020-12-11 | 北京科技大学 | Software security vulnerability detection method and system for deep learning gradient guidance variation |
| CN112925710A (en) * | 2021-02-26 | 2021-06-08 | 西南民族大学 | Fuzzy testing method based on gradient descent optimization |
Non-Patent Citations (4)
| Title |
|---|
| (中国)文必龙,杨永: "《普通高等院校数据科学与大数据技术专业"十三五"规划教材 Python语言程序设计基础》", 31 May 2019, 华中科技大学出版社, pages: 241 * |
| FSTARK: "Fuzzbook系列(5):基于变异的模糊测试", pages 1 - 4, Retrieved from the Internet <URL:《https://www.freebuf.com/articles/security-management/267799.html 》> * |
| 周裔欢: "基于深度学习的网络协议漏洞挖掘方法研究", 《中国优秀硕士学位论文全文数据库 信息科技辑》, no. 07, 15 July 2020 (2020-07-15), pages 139 - 104 * |
| 言有三: "《深度学习之人脸图像处理 核心算法与案例实战》", 31 July 2020, 机械工业出版社, pages: 45 - 46 * |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115237797A (en) * | 2022-08-03 | 2022-10-25 | 中国电子科技集团公司信息科学研究院 | Coverage guidance-based fuzzy test method and device |
| CN115237797B (en) * | 2022-08-03 | 2023-09-08 | 中国电子科技集团公司信息科学研究院 | Fuzzy test method and device based on coverage rate guidance |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11610131B2 (en) | Ensembling of neural network models | |
| CN111259393B (en) | Malicious software detector concept drift resistance method based on generation countermeasure network | |
| CN110321603B (en) | Depth calculation model for gas path fault diagnosis of aircraft engine | |
| CN112069061B (en) | Software security vulnerability detection method and system for deep learning gradient guidance variation | |
| Harutyunyan et al. | Improving generalization by controlling label-noise information in neural network weights | |
| CN110232280B (en) | Software security vulnerability detection method based on tree structure convolutional neural network | |
| CN109902024B (en) | Ash-box testing method and device sensitive to program path | |
| CN111258909B (en) | Test sample generation method and device | |
| CN110956309A (en) | Flow activity prediction method based on CRF and LSTM | |
| Liu et al. | Root-cause analysis for time-series anomalies via spatiotemporal graphical modeling in distributed complex systems | |
| Mishra et al. | Reliable local explanations for machine listening | |
| CN112668809A (en) | Method for establishing autism child rehabilitation effect prediction model and method and system for predicting autism child rehabilitation effect | |
| Gogri et al. | Machine learning-guided stimulus generation for functional verification | |
| CN114297053A (en) | Software program safety detection method based on multi-layer perceptron smoothing | |
| CN117350386B (en) | Event tracing reasoning method and system | |
| CN116739100A (en) | Vulnerability detection method of quantum neural network and automatic driving vulnerability detection method | |
| CN107229944B (en) | Semi-supervised active identification method based on cognitive information particles | |
| CN115203690A (en) | Deep learning model security reinforcement method based on abnormal deviation type neurons | |
| CN114492174A (en) | Full life cycle shield tunneling parameter prediction method and device | |
| Yi et al. | A Coverage-Guided Fuzzing Framework based on Genetic Algorithm for Neural Networks | |
| CN111881040A (en) | Test data generation method of abstract state model based on recurrent neural network | |
| CN116361190B (en) | Deep learning variation test method based on neuron correlation guidance | |
| CN116680164A (en) | Circulation code test data generation method based on deep learning fuzzy test | |
| CN118312157B (en) | Program development auxiliary method based on generation type AI | |
| CN117493220B (en) | RPA flow operation abnormity detection method, device and storage device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |