Considering the features of the traditional Fuzzing technology,a method is proposed for Fuzzing test case generating in vulnerability exploiting,which is aimed at nonlinear solution and single input problem.This method takes advantage of the genetic algorithm and deals with those two problems mentioned above.The experiment results show that,the proposed solution has an obvious improvement compared with the early method which generates the test cases randomly.
刘渊, 杨永辉, 张春瑞, 王伟. 一种基于遗传算法的Fuzzing测试用例生成新方法[J]. 电子学报, 2017, 45(3): 552-556.
LIU Yuan, YANG Yong-hui, ZHANG Chun-rui, WANG Wei. A Novel Method for Fuzzing Test Cases Generating Based on Genetic Algorithm. Acta Electronica Sinica, 2017, 45(3): 552-556.
[1] Chen J M,Shu H,Xiong X B.Fuzzing test approach based on symbolic execution[J].Computer Engineering,2009,35(21):33-35.
[2] 万勇兵,徐中伟,梅萌.一种符号化执行的实时系统一致性测试生成方法[J].电子学报,2013,41(11):2276-2284. WAN Yong-bing,XU Zhong-wei,MEI Meng.A symbolic execution method for conformance test generation of real-time system[J].Acta Electronica Sinica,2013,41(11):2276-2284.(in Chinese)
[3] Biyani,Aabha,Sharma,Gantavya,Aghav,Jagannath,et al.Extension of SPIKE for encrypted protocol fuzzing[A].Multimedia Information Networking and Security (MINES),2011 Third International Conference on IEEE[C].Shanghai1:IEEE,2011.343-347.
[4] Bhansali S,Chen W K,Jong S D,et al.Framework for instruction-level tracing and analysis of program executions[A].Proceedings of International Conference on Virtual Execution Environments[C].New York:ACM,2006.154-163.
[5] Song D,Brumley D,Yin H,et al.BitBlaze:A new approach to computer security via binary analysis[A].Proceedings of the 4th International Conference on Information Systems Security2008[C].Berlin,Heidelberg:Springer-Verlag,2008.1-25.
[6] Wang T,Wei T,Gu G,et al.TaintScope:a checksum-aware directed fuzzing tool for automatic software vulnerability detection[A].Security and Privacy (SP),2010 IEEE Symposium on IEEE[C].Washington,DC,USA:IEEE Computer Society,2010.497-512.
[7] Cui B,Liang X,Wang J.The study on integer overflow vulnerability detection in binary executables based upon genetic algorithm[J].Advances in Intelligent & Soft Computing,2011,122:259-266.
[8] Memon A M,Pollack M E,Soffa M L.Hierarchical GUI test case generation using automated planning[J].IEEE Transactions on Software Engineering,2001,27(2):144-155.
2017, Vol. 45 
