CN115795483B - Software vulnerability detection method based on artificial fish swarm algorithm - Google Patents
Software vulnerability detection method based on artificial fish swarm algorithm Download PDFInfo
- Publication number
- CN115795483B CN115795483B CN202310024001.9A CN202310024001A CN115795483B CN 115795483 B CN115795483 B CN 115795483B CN 202310024001 A CN202310024001 A CN 202310024001A CN 115795483 B CN115795483 B CN 115795483B
- Authority
- CN
- China
- Prior art keywords
- seed
- seeds
- program
- path
- state
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 241000251468 Actinopterygii Species 0.000 title claims abstract description 44
- 238000001514 detection method Methods 0.000 title claims abstract description 24
- 238000000034 method Methods 0.000 claims abstract description 40
- 230000008569 process Effects 0.000 claims abstract description 14
- 230000035772 mutation Effects 0.000 claims description 36
- 230000002431 foraging effect Effects 0.000 claims description 16
- 238000011156 evaluation Methods 0.000 claims description 9
- 108010015046 cell aggregation factors Proteins 0.000 claims description 8
- 230000005856 abnormality Effects 0.000 claims description 6
- 230000002776 aggregation Effects 0.000 claims description 6
- 238000004220 aggregation Methods 0.000 claims description 6
- 230000002159 abnormal effect Effects 0.000 claims description 5
- 238000004364 calculation method Methods 0.000 claims description 3
- 238000012360 testing method Methods 0.000 abstract description 37
- 230000000694 effects Effects 0.000 abstract description 11
- 238000005516 engineering process Methods 0.000 description 6
- 230000006870 function Effects 0.000 description 5
- 230000007547 defect Effects 0.000 description 4
- 238000004458 analytical method Methods 0.000 description 3
- 238000005065 mining Methods 0.000 description 3
- 230000003044 adaptive effect Effects 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 230000004069 differentiation Effects 0.000 description 2
- 235000013305 food Nutrition 0.000 description 2
- 238000011160 research Methods 0.000 description 2
- 230000001960 triggered effect Effects 0.000 description 2
- 238000012795 verification Methods 0.000 description 2
- XLYOFNOQVPJJNP-UHFFFAOYSA-N water Substances O XLYOFNOQVPJJNP-UHFFFAOYSA-N 0.000 description 2
- 230000009471 action Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000015556 catabolic process Effects 0.000 description 1
- 230000007123 defense Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000036541 health Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000012804 iterative process Methods 0.000 description 1
- 230000009191 jumping Effects 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000005457 optimization Methods 0.000 description 1
- 238000013138 pruning Methods 0.000 description 1
- 230000008439 repair process Effects 0.000 description 1
- 238000010187 selection method Methods 0.000 description 1
- 230000004083 survival effect Effects 0.000 description 1
- 230000008685 targeting Effects 0.000 description 1
Images
Classifications
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Landscapes
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention relates to the technical field of software vulnerability detection and discloses a software vulnerability detection method based on an artificial fish swarm algorithm. The method solves the problems of poor vulnerability detection effect, low efficiency, difficulty in tracking program execution conditions and the like in the fuzzy test process in the prior art.
Description
Technical Field
The invention relates to the technical field of software vulnerability detection, in particular to a software vulnerability detection method based on an artificial fish swarm algorithm.
Background
With the popularization and application of computers and computer networks, the software industry has been rapidly developed, and the software industry has entered into the daily life of ordinary people from the professional fields of national defense technology, medical and health, financial securities, and the like. The software functions are stronger and the complexity of the software is increased, so that the safety of the software is uncontrollable. On the other hand, the high-value 0day loopholes are obtained by performing loopholes mining on the software, targets are hidden and precisely hit by using the loopholes, and the security protection system does not have the capability of detecting the loopholes, so that the attack often has serious influence on the target system, and the tracing of the source is not easy. It can be seen that there is an urgent need for improving the security of software programs.
Vulnerability detection is an effective means for improving the reliability and safety of software, and can discover vulnerabilities as soon as possible, thereby notifying software manufacturers to repair and avoiding the vulnerabilities from being utilized by hackers. The timeliness requirement of software vulnerability detection results in that the detection activity performed mainly by virtue of manual experience cannot be suitable for the development of technology, the complexity of application software is continuously increased, so that manual detection needs to occupy extremely high labor cost, researchers with abundant experience are required to spend great effort to reversely analyze the program execution flow, and the period is long and the efficiency is low. Therefore, automatic vulnerability discovery and detection technology is the key direction of research. Currently common automatic vulnerability discovery techniques include fuzzy testing, taint analysis, symbolic execution, etc., and fuzzy testing is one of the very effective techniques in these directions.
The fuzzy test is used as an important vulnerability mining and detection technology direction, and the effect is obvious, but the current defects are not visible, such as:
(1) When the complexity of a data structure input by a software program is high, the randomly generated seed file is likely to pass through a verification function or a grammar analysis function at the initial stage of the program, and the effect is often not ideal;
(2) The existing fuzzy test has low efficiency, the generated seed files have undefined targeting, a large number of redundant seed files can be constructed for ensuring the basic code coverage capability, the burden of a test engine is increased intangibly, and the fuzzy test effect is not ideal;
(3) The current fuzzy test technology generally adopts a random mechanism or a predefined template mode when generating a seed file, and when deep reverse analysis is not performed on a target program, the program execution flow is difficult to clearly construct, and the program execution condition cannot be tracked.
Disclosure of Invention
In order to overcome the defects of the prior art, the invention provides a software vulnerability detection method based on an artificial fish swarm algorithm, which solves the problems of poor vulnerability detection effect, low efficiency, difficulty in tracking program execution conditions and the like in the fuzzy test process in the prior art.
The invention solves the problems by adopting the following technical scheme:
a software vulnerability detection method based on an artificial fish swarm algorithm is used for constructing a model for executing seed variation based on the artificial fish swarm algorithm, calculating path energy parameters of seeds through state parameters of a seed file, and determining an optimal state of single seeds and an optimal state of a seed queue based on the path energy parameters so as to pick out optimal seeds to be mutated.
As a preferred technical scheme, the method comprises the following steps:
s1, acquiring an original seed data set: acquiring an original seed dataset;
s2, generating a seed queue: generating a seed queue by using the original seed data set, sequentially inputting the seed queue into a software program, tracking the running state of the program by using code instrumentation, and recording the path coverage index, the path depth index and the branch path number index;
s3, obtaining optimal seeds: constructing a seed variation model by using an artificial fish swarm algorithm to obtain optimal seeds;
s4, program running: inputting the optimal seed into a software program for running, and observing the running state of the optimal seed program;
s5, abnormality judgment: judging whether the program is abnormal or not; if yes, recording the running state; if not, updating the global state of the seed, and returning to the step S2.
As a preferred technical solution, step S3 includes the following steps:
s31, acquiring basic state information of seeds;
s32, calculating the fitness value of each seed, and obtaining the state of the global optimal solution seed;
s33, carrying out evaluation on each seed, and determining a seed variation mode according to an evaluation result.
As a preferred technical solution, in step S31, the basic state information includes a total number Num of seeds in the queue, a Size occupied by a storage space of the seeds, a Time for executing the seeds, a code path coverage rate FwRate of the seeds, a low frequency path duty ratio LowRate, a path Depth, a path Branch number Branch, a number of times of evaluating the seeds, a seed aggregation factor Ω, and a threshold Time for Time consuming execution of the seed program.
As a preferred technical solution, in step S32, the calculation formula is as follows:
wherein,,
timeassss = seed program execution time/average time for all seeds;
sizeasss = storage space footprint of seed/average size of all seeds.
As a preferred technical solution, in step S33, the method for determining that the seed variation mode is foraging variation is:
setting the seed of the globally optimal solution as X max The current seed state is i, and the seed X is randomly selected near the current seed queue position j In the process of solving the maximum value of the path energy parameter, if Power i <Power j Then to X max And X j Is stepped by the position increment of one seed;
a random value between the position increment of one seed= (0, 1) seed mutation byte number (X j Seed state vector+optimal solution seed X max State vector-X of (2) i State vector of seed)/seed size difference;
if the foraging type variation condition is not met, randomly selecting seeds again, and evaluating whether the current seeds meet the variation condition or not; if the condition is still not met after evaluating Select num times, bytes are randomly selected for mutation.
As a preferred technical solution, in step S33, the seed mutation mode is a clustered mutation, and the method for determining that the seed mutation mode is a clustered mutation is as follows:
setting the seed of the globally optimal solution as X max Current seed shapeThe state is i, referring to the number of partner seeds n and the central position X immediately surrounding the current seed code path coverage value z If the ratio of the program fitness of the center of the current seed position and the number of seeds of the center of the current seed position is larger than the product of the aggregation factor omega and the program fitness of the current seed, the center of the partner seed can trigger a plurality of program crashes, and the aggregation degree among the partner seeds is not high, X can be given z And X max Is mutated in the vector and direction; if the condition of the group type mutation is not satisfied, foraging type mutation is performed.
As a preferable technical solution, in step S33, the method for determining that the seed variation mode is rear-end collision variation is:
setting the seed of the globally optimal solution as X max The current seed state is X i With reference to the maximum Power immediately surrounding the current seed code path coverage value j Partner X of (2) j If X j The ratio of program fitness to the number of nearby partner seeds is greater than the product of the aggregation factor Ω and the current seed program fitness, indicating partner seed X j Can trigger a plurality of program crashes, and the aggregation degree among nearby seeds is not high, then X can be selected j And X max Is mutated in the vector and direction of (a).
As a preferred technical solution, in step S33, the seed mutation mode is a jump type mutation, and the method for determining that the seed mutation mode is a jump type mutation is as follows:
selecting seeds with the low-frequency path ratio exceeding half and the path depth being greater than 3 in the seed queue, triggering a new path, and randomly setting variation parameters of the selected seeds; wherein, the mutated state of a selected seed=the current state+ (0, 1) random value is the set parameter.
Compared with the prior art, the invention has the following beneficial effects:
(1) When the seed to be mutated is selected, the multi-type state information of the seeds needs to be considered, the seed state information can be acted on the seed to be mutated by using an artificial fish swarm algorithm with smaller operation cost, and in addition, the requirement on an initial seed subset is low, the local convergence is fast, and the robustness is stronger; the variation model can more efficiently select excellent seeds for variation when the fuzzy test is performed on a large-scale software program, so that the fuzzy test efficiency is improved;
(2) When the seed variation selection model is constructed, the invention takes the path energy of the seeds (the adaptability in the artificial fish swarm algorithm) as the selection basis, the seed queue is continuously and iteratively updated in the whole fuzzy test process, and the energy parameters of the seeds are dynamically calculated by combining the multidimensional information of the seeds, so that the evaluation unbalance caused by insufficient considered dimension is eliminated, the new path discovery capability in the fuzzy test process is enhanced, the constraint of various instruction conditions of the program is broken through, and the deep part of program nesting is reached;
(3) The invention can preferentially find out program abnormality in the low-frequency path, expands the path execution depth, comprehensively considers the execution timeliness and improves the fuzzy test efficiency;
(4) The invention sets four variation modes of foraging type variation, clustered type variation, tail-following type variation and jump type variation in the seed variation model so as to balance test effect and execution time, and can improve differentiation among seeds and support continuous operation capability of test.
Drawings
FIG. 1 is a schematic diagram of a software vulnerability detection method based on an artificial fish swarm algorithm according to the present invention;
fig. 2 is a flowchart of a software vulnerability detection method based on an artificial fish swarm algorithm according to embodiment 1 of the present invention.
Detailed Description
The present invention will be described in further detail with reference to examples and drawings, but embodiments of the present invention are not limited thereto.
Example 1
As shown in fig. 1 to 2, the invention provides a software vulnerability detection method based on an artificial fish swarm algorithm, which is applied to the technical field of software vulnerability detection, wherein a seed variation model adopts the artificial fish swarm algorithm to realize foraging type variation, clustered type variation, tail-following type variation and jump type variation of seeds; the path energy parameter is introduced as an adaptability value in the artificial fish shoal, and the setting of the energy parameter is guided based on state values such as the total number of seeds in the queue, the occupied size of the storage space of the seeds, the execution time of the seeds, the code path coverage rate of the seeds, the low-frequency path duty ratio, the path depth, the path branch number, the estimated number of the seeds and the like. When the seed file covers the low frequency path, the energy parameter of the seed file is given a high weight to explore more program path branches. According to the method and the device, the path depth of the seed file in the fuzzy test process can be effectively improved, more code blocks are covered, and a better vulnerability detection effect is obtained.
Technical terms related to the invention are explained as follows:
software vulnerabilities:
software vulnerabilities refer to a flaw in the security of a computer system or software that threatens the confidentiality, integrity, availability, access control, etc. of the system or its application data. These defects or inadequacies during program operation can be triggered under certain conditions, causing runaway of program processing logic.
Fuzzy test:
fuzzing (fuzzing) is an automated software hidden vulnerability testing technique. The core idea is to input random seed file data generated by mutation into a tested software program, and observe abnormal program output, such as crashes and assertion (assertion) failure, so as to discover possible program defects or errors, such as memory leakage. Fuzzing is often used to mine computer systems or software for security vulnerabilities.
Program path:
after the software program is loaded into the seed file, the software program runs according to the execution logic converted into the machine instruction, and a unique instruction sequence called a program path is obtained after the execution.
Artificial fish swarm algorithm:
the fish in the water needs to maintain the survival and development of the fish by continuously foraging, and research shows that the fish can gather in the water area rich in food in the process of foraging food. The artificial fish swarm algorithm realizes optimal solution by utilizing the characteristics of fishes, and realizes local to global optimization by constructing artificial fishes to simulate basic actions of the fishes, such as gathering, foraging, rear-end collision and the like.
Aiming at the problems of high redundancy of the generated seed file, less dimensionality of the optimal seed selection method, insufficient importance on the explored low-frequency path and the like in the existing fuzzy test technology, the invention provides a software vulnerability detection method based on an artificial fish swarm algorithm, which aims to improve the path depth of the seed file in the fuzzy test process, cover more code blocks and obtain a better vulnerability mining effect. According to the method, an artificial fish swarm algorithm is adopted to construct a variation model of a seed queue, path energy parameters (adaptability in the artificial fish swarm algorithm) of seeds are calculated through state parameters of a seed file, and an optimal state of single seeds and an optimal state of the seed queue are determined based on the path energy so as to select optimal seeds to be mutated.
The artificial fish school seed variation method aiming at the software fuzzy test mainly comprises the following steps:
(1) The original seed data set is obtained, and the pruning tool is used for removing oversized files and repeated files.
(2) Generating a seed queue, sequentially inputting software programs, tracking the running state of the programs by using code instrumentation, and recording indexes such as path coverage, path depth, branch path number and the like.
(3) And constructing a seed variation model by using an artificial fish swarm algorithm to obtain optimal seeds. The specific flow is as shown in fig. 2, and is realized as follows:
1) Firstly, basic state information such as the total number Num of seeds in a queue, the storage space occupation Size of the seeds, the execution Time TimeExc of the seeds, the code path coverage rate FwRate of the seeds, the low-frequency path duty ratio LowRate, the path Depth Depth, the path Branch number Branch, the number of times of seed evaluation SelectNum, the seed aggregation factor omega and the Time-consuming threshold Time of seed program execution are acquired.
2) Because a higher path energy parameter represents a better seed effect, the path energy value Power may be used as the fitness value. And calculating the fitness value of each seed, and obtaining the state of the global optimal solution seed.
Wherein,,
timeassss = seed program execution time/average time for all seeds;
sizeasss = storage space footprint of seed/average size of all seeds.
3) And carrying out evaluation on each seed, and determining a seed variation mode according to an evaluation result, wherein the seed variation mode comprises foraging type variation, clustered type variation, trail type variation and jump type variation.
A. Variation in foraging
Setting the seed of the globally optimal solution as X max The current seed state is i, and seed X is randomly selected near its queue position j Power in solving for the maximum of the path energy parameter i <Power j Then to X max And X j Is stepped by one seed position increment unit.
A random value between the position increment unit of one seed= (0, 1) seed mutation byte number (X j Seed state vector+optimal solution seed X max State vector-X of (2) i State vector of seed)/seed size difference.
If the foraging type variation condition is not satisfied, randomly selecting seeds again, and evaluating whether the seeds accord with the variation condition; if the condition is still not met after evaluating Select num times, bytes are randomly selected for mutation.
B. Clustered variation
Setting the seed of the globally optimal solution as X max The current seed status is i, referring to the number of partner seeds n and the center position X near the current seed code path coverage value z If the ratio of the center program fitness to the center seed number is greater than the product of the aggregate factor Ω and the current seed program fitnessLarge, the center of the partner seed can trigger a few program crashes, and the aggregation degree among the partner seeds is not high, then X can be given z And X max Is mutated in the vector and direction of (a).
C. Tail-following variation
Setting the seed of the globally optimal solution as X max The current seed state is X i Referring to maximum Power around the current seed code Path coverage value j Partner X of (2) j If X j The ratio of program fitness to the number of nearby partner seeds is greater than the product of the aggregation factor Ω and the current seed program fitness, indicating partner seed X j Can trigger a plurality of program crashes, and the aggregation degree among nearby seeds is not high, then X can be selected j And X max Is mutated in the vector and direction of (a).
D. Jump type variation
The low-frequency path in the selected seed queue has high ratio and large path depth, the seeds of the new path are triggered, and the variation parameters of the selected seeds are randomly set.
Post-mutation status of a selected seed = current status + (0, 1) random value × set parameter × code path coverage of the selected seed.
The random parameter setting is mainly used for making some low-frequency paths have high coverage or triggering seeds of new paths to jump over the current local optimal conditions.
4) After the seed mutation is executed, the seeds after mutation are added to the queue in time.
5) Global state information of the seed queue, in particular the optimal seed state, is updated.
(4) Inputting optimal seeds into a program for running, determining the running state of a current fuzzy test by a state scheduling module in the program, selecting the seeds with the shortest distance from a seed pool if the program is abnormal (such as program breakdown), performing times less and finding out the seeds with more paths, determining the energy of the seeds according to the distances of the seeds, and distributing more energy to the seeds with the shorter distances; and then carrying out adaptive mutation on the selected seeds, mainly adopting fine granularity mutation on the seeds with small distance to prevent the execution path of the generated test case from deviating from the target code area, and recording the running state. In this stage, through fuzzy test, the obtained software bug crash test cases are analyzed to obtain the position information and occurrence reasons of the suspicious bug, and the crash matched with the suspicious bug is found. Matching the line where the crash occurs with the suspicious hole line by adopting source code line level matching, if the line is consistent with the suspicious hole line, the crash case can trigger the suspicious hole, the matching is successful, the crash case is used as the input for triggering the suspicious hole, and a hole verification report is obtained, wherein the report comprises the suspicious hole position, the input for triggering the hole and the occurrence reason of the crash.
(5) And inputting the optimal seeds into a program for running, wherein a state scheduling module in the program determines the running state of the current fuzzy test, and if the program is normal, seeds with high execution speed and long execution path are selected from a seed pool. Then determining the energy of the seeds according to the distance between the seeds, wherein the seeds with high energy have more variation times, and the seeds with long distance are distributed with less energy; then, the selected seeds are subjected to adaptive mutation, and coarse granularity mutation is mainly adopted for the seeds with large distance. And then calculating the distance of the new test case obtained by variation, adding the test case into a seed pool as a new seed, continuously obtaining seeds with smaller distance in the iterative process, finally obtaining seeds with execution paths reaching or passing through suspicious hole positions, finding out crash cases near the suspicious hole positions, updating the global state of the seeds, and jumping to execute the step (2), wherein the above processes are circularly reciprocated.
According to the invention, an artificial fish swarm algorithm is adopted to construct a variation model of the seed queue, the path energy parameter (the adaptability in the artificial fish swarm algorithm) of the seed is calculated through the state parameter of the seed file, and the optimal state of the single seed and the optimal state of the seed queue are determined based on the path energy so as to select the optimal seed to be mutated. When the seed selection process to be mutated is carried out, the multi-type state information of the seeds needs to be considered, the seed state information can be acted on the seed selection to be mutated by using an artificial fish swarm algorithm with smaller operation cost, and in addition, the requirement on an initial seed subset is low, the local convergence is fast, and the robustness is strong. The variation model can more efficiently select excellent seeds for variation when the fuzzy test is carried out on a large-scale software program, and improves the fuzzy test efficiency.
When the invention builds a seed variation selection model, the seed queue is continuously and iteratively updated in the whole fuzzy test process by taking the path energy of the seeds (the adaptability in the artificial fish swarm algorithm) as the selection basis, and the energy parameters of the seeds are dynamically calculated by combining the multidimensional information of the seeds, so that the evaluation unbalance caused by insufficient considered dimension is eliminated, the new path discovery capability in the fuzzy test process is enhanced, the constraint of various instruction conditions of a program is broken through, and the deep part of program nesting is reached.
The invention obtains the basic state information of seeds such as the occupied Size of the storage space, the execution time TimeExc of the seeds, the code path coverage rate Fwrite rate of the seeds, the low-frequency path duty ratio LowRate, the path Depth Depth, the estimated number of times of seeds SelectNum and the like when determining the path energy of the seeds, and the specific functions are as follows:
based on the energy calculation function, program abnormality under a low-frequency path can be preferentially found, the path execution depth is expanded, the execution timeliness is comprehensively considered, and the fuzzy test efficiency is improved.
The fuzzy test seed mutation system based on the artificial fish swarm algorithm is used for realizing the software vulnerability detection method based on the artificial fish swarm algorithm, and comprises the following modules connected in sequence:
the primordial seed data set acquisition module: for obtaining an original seed dataset;
generating a seed queue module: the method comprises the steps of generating a seed queue by utilizing an original seed data set, sequentially inputting the seed queue into a software program, tracking the running state of the program by utilizing code instrumentation, and recording a path coverage index, a path depth index and a branch path number index;
an optimal seed acquisition module: the method comprises the steps of constructing a seed variation model by using an artificial fish swarm algorithm to obtain optimal seeds;
program operation module: the method comprises the steps of inputting an optimal seed program to run, and observing the running state of the optimal seed program;
the abnormality judgment module: judging whether the program is abnormal or not; if yes, recording the running state; if not, updating the global state of the seeds, and circularly producing a seed queue;
the abnormality judgment module is also connected with the seed queue generation module.
The invention sets four variation modes of foraging type variation, clustered type variation, tail-following type variation and jump type variation in the seed variation model so as to balance test effect and execution time, and can improve differentiation among seeds and support continuous operation capability of test.
As described above, the present invention can be preferably implemented.
All of the features disclosed in all of the embodiments of this specification, or all of the steps in any method or process disclosed implicitly, except for the mutually exclusive features and/or steps, may be combined and/or expanded and substituted in any way.
The foregoing description of the preferred embodiment of the invention is not intended to limit the invention in any way, but rather to cover all modifications, equivalents, improvements and alternatives falling within the spirit and principles of the invention.
Claims (6)
1. A software vulnerability detection method based on an artificial fish swarm algorithm is characterized in that a seed mutation model is constructed based on the artificial fish swarm algorithm, path energy parameters of seeds are calculated through state parameters of a seed file, an optimal state of single seeds and an optimal state of a seed queue are determined based on the path energy parameters, the seed mutation model is constructed by utilizing the artificial fish swarm algorithm, optimal seeds are obtained, and therefore optimal seeds to be mutated are selected;
the method for obtaining the optimal seeds comprises the following steps:
s31, acquiring basic state information of seeds;
s32, calculating the fitness value of each seed, and obtaining the state of the global optimal solution seed;
s33, carrying out evaluation on each seed, and determining a seed variation mode according to an evaluation result;
in step S31, the basic state information includes the total number Num of seeds in the queue, the Size occupied by the storage space of the seeds, the Time TimeExc for executing the seeds, the code path coverage rate FwRate of the seeds, the low frequency path duty ratio LowRate, the path Depth, the path Branch number Branch, the number of times the seeds are evaluated, the seed aggregation factor Ω, and the threshold Time for consuming the execution of the seed program;
in step S32, the calculation formula is:
wherein,,
timeassss = seed program execution time/average time for all seeds;
sizeasss = storage space footprint of seed/average size of all seeds.
2. The method for detecting software vulnerabilities based on artificial fish shoal algorithm according to claim 1, comprising the steps of:
s1, acquiring an original seed data set: acquiring an original seed dataset;
s2, generating a seed queue: generating a seed queue by using the original seed data set, sequentially inputting the seed queue into a software program, tracking the running state of the program by using code instrumentation, and recording the path coverage index, the path depth index and the branch path number index;
s3, obtaining optimal seeds: constructing a seed variation model by using an artificial fish swarm algorithm to obtain optimal seeds;
s4, program running: inputting the optimal seed into a software program for running, and observing the running state of the optimal seed program;
s5, abnormality judgment: judging whether the program is abnormal or not; if yes, recording the running state; if not, updating the global state of the seed, and returning to the step S2.
3. The method for detecting software vulnerabilities based on artificial fish swarm algorithm according to claim 2, wherein in step S33, the seed variation mode is foraging variation, and the method for determining the seed variation mode is foraging variation is as follows:
setting the seed of the globally optimal solution as X max The current seed state is i, and the seed X is randomly selected near the current seed queue position j In the process of solving the maximum value of the path energy parameter, if Power i Less than Power j Then to X max And X j Is stepped by the position increment of one seed;
a random value between the position increment of one seed= (0, 1) seed mutation byte number (X j Seed state vector+optimal solution seed X max State vector-X of (2) i State vector of seed)/seed size difference;
if the foraging type variation condition is not met, randomly selecting seeds again, and evaluating whether the current seeds meet the variation condition or not; if the condition is still not met after evaluating Select num times, bytes are randomly selected for mutation.
4. The method for detecting software vulnerabilities based on artificial fish swarm algorithm according to claim 3, wherein in step S33, the seed mutation mode is clustered mutation, and the method for determining the seed mutation mode is clustered mutation is:
setting the seed of the globally optimal solution as X max The current seed status is i, referring to the number of immediately surrounding partner seeds n and the center position X around the current seed code path coverage value z If the ratio of the program fitness of the center of the current seed position to the number of seeds of the center of the current seed position is greater than the product of the aggregation factor omega and the program fitness of the current seed, it is indicated that the center of the partner seed may trigger a few program crashes and that the partnerThe aggregation degree between seeds is not high, and the seeds can be oriented towards X z And X max Is mutated in the vector and direction; if the condition of the group type mutation is not satisfied, foraging type mutation is performed.
5. The method for detecting software vulnerabilities based on artificial fish swarm algorithm according to claim 4, wherein in step S33, the seed variation mode is rear-end collision variation, and the method for determining the seed variation mode is rear-end collision variation is as follows:
setting the seed of the globally optimal solution as X max The current seed state is X i With reference to the maximum Power immediately surrounding the current seed code path coverage value j Partner X of (2) j If X j The ratio of program fitness to the number of nearby partner seeds is greater than the product of the aggregation factor Ω and the current seed program fitness, indicating partner seed X j Can trigger a plurality of program crashes, and the aggregation degree among nearby seeds is not high, then X can be selected j And X max Is mutated in the vector and direction of (a).
6. The method for detecting software vulnerabilities based on an artificial fish swarm algorithm according to claim 4, wherein in step S33, the seed mutation mode is a jump type mutation, and the method for determining the seed mutation mode is a jump type mutation is as follows:
selecting seeds with the low-frequency path ratio exceeding half and the path depth being greater than 3 in the seed queue, triggering a new path, and randomly setting variation parameters of the selected seeds; wherein, the mutated state of a selected seed=the current state+ (0, 1) random value is the set parameter.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310024001.9A CN115795483B (en) | 2023-01-09 | 2023-01-09 | Software vulnerability detection method based on artificial fish swarm algorithm |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310024001.9A CN115795483B (en) | 2023-01-09 | 2023-01-09 | Software vulnerability detection method based on artificial fish swarm algorithm |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN115795483A CN115795483A (en) | 2023-03-14 |
| CN115795483B true CN115795483B (en) | 2023-04-21 |
Family
ID=85428780
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310024001.9A Active CN115795483B (en) | 2023-01-09 | 2023-01-09 | Software vulnerability detection method based on artificial fish swarm algorithm |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115795483B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117556428B (en) * | 2024-01-10 | 2024-04-05 | 中国人民解放军战略支援部队航天工程大学 | Seed scheduling and evaluating method and device for fuzzy test |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108416219A (en) * | 2018-03-18 | 2018-08-17 | 西安电子科技大学 | A kind of Android binary files leak detection method and system |
| CN109376921A (en) * | 2018-10-15 | 2019-02-22 | 河南理工大学 | Based on hereditary artificial fish school optimization RBF neural short-term load forecasting method |
| CN114756471A (en) * | 2022-04-25 | 2022-07-15 | 尚蝉(浙江)科技有限公司 | Vulnerability type oriented fuzzy test method and system based on byte sensitive energy distribution |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8977596B2 (en) * | 2012-12-21 | 2015-03-10 | Zetta Inc. | Back up using locally distributed change detection |
-
2023
- 2023-01-09 CN CN202310024001.9A patent/CN115795483B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108416219A (en) * | 2018-03-18 | 2018-08-17 | 西安电子科技大学 | A kind of Android binary files leak detection method and system |
| CN109376921A (en) * | 2018-10-15 | 2019-02-22 | 河南理工大学 | Based on hereditary artificial fish school optimization RBF neural short-term load forecasting method |
| CN114756471A (en) * | 2022-04-25 | 2022-07-15 | 尚蝉(浙江)科技有限公司 | Vulnerability type oriented fuzzy test method and system based on byte sensitive energy distribution |
Non-Patent Citations (3)
| Title |
|---|
| 冯洋洋.基于人工鱼群算法的网络信息加密漏洞检测系统.《信息通信》.2020,(第12期),第53页. * |
| 周鑫等.多目标聚类鱼群算法配电网无功规划.云南电力技术.2016,(第1期),第9-11页. * |
| 唐莉等.人工鱼群算法的改进.《计算机技术与发展》.2016,第26卷(第11期),第37-40页. * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN115795483A (en) | 2023-03-14 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Peng et al. | An improved feature selection algorithm based on ant colony optimization | |
| Stein et al. | Decision tree classifier for network intrusion detection with GA-based feature selection | |
| Li et al. | LNNLS-KH: a feature selection method for network intrusion detection | |
| Darshan et al. | Performance evaluation of filter-based feature selection techniques in classifying portable executable files | |
| CN115795483B (en) | Software vulnerability detection method based on artificial fish swarm algorithm | |
| Ghosh et al. | Proposed GA-BFSS and logistic regression based intrusion detection system | |
| Anusha et al. | Comparative study for feature selection algorithms in intrusion detection system | |
| CN112001423B (en) | Open set identification method, device, equipment and medium for APT malicious software organization | |
| CN112668697A (en) | Fuzzy test method and system for flight control parameters of unmanned aerial vehicle | |
| CN117061236A (en) | Fuzzy test method for network protocol | |
| Guendouzi et al. | GAB-BBO: adaptive biogeography based feature selection approach for intrusion detection | |
| CN111431865B (en) | Network deep threat detection method | |
| CN111897735B (en) | Fuzzy test case selection method and device based on particle swarm and multiple standards | |
| CN115169131A (en) | Toughness-based combat system node protection method and device and electronic equipment | |
| Zhang et al. | Detecting network intrusion using probabilistic neural network | |
| Dass et al. | A sensitivity analysis of evolutionary algorithms in generating secure configurations | |
| Gursaran | Program test data generation branch coverage with genetic algorithm: Comparative evaluation of a maximization and minimization approach | |
| Liu et al. | Efficient Defense Decision‐Making Approach for Multistep Attacks Based on the Attack Graph and Game Theory | |
| Jianfeng et al. | An improved algorithm for test data generation based on particle swarm optimization | |
| LIU et al. | MC/DC Test Data Generation Algorithm Based on Whale Genetic Algorithm | |
| CN117633541B (en) | Parameter variable controllable sample generation method for game countermeasure scheme evaluation | |
| Bin et al. | Automatic test data generation tool based on genetic simulated annealing algorithm | |
| Decraene et al. | Evolving agent-based model structures using variable-length genomes | |
| Lefticaru et al. | Automated model design using genetic algorithms and model checking | |
| Poorjandaghi et al. | A robust evolutionary algorithm for large scale optimization |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |