Abstract:
Directed fuzzing is designed to quickly produce test cases that reach a given set of target locations and discover program errors. However, current directed fuzzing tools generally suffer from low test efficiency. This paper therefore proposes a directed grey-box fuzzing method based on a neural network. The network learns, from past fuzzing explorations, the mutation patterns observed at different locations in the input files, and builds a model that predicts where the current seed can produce input gain, so as to guide the fuzzer in optimizing its mutations. At the same time, to address the exploration-exploitation tradeoff in directed fuzzers, a dynamic strategy is introduced that adaptively coordinates the two stages during fuzz testing. A prototype system named DYNFuzz is implemented on top of the existing fuzzing framework AFL and is evaluated on three benchmarks. The results show that DYNFuzz achieves higher directed performance and test efficiency than other fuzzers and does not get trapped in the local dilemmas caused by an exploration-exploitation imbalance.
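The two mechanisms the abstract describes, a per-location gain model that steers which input offsets get mutated and a dynamic switch between exploration and exploitation, are illustrated below in a toy fuzz loop. This is an added example, not DYNFuzz or AFL code: the neural predictor is replaced by a simple per-offset hit-rate estimator, and the target program, its branch ids, the seed input and the gain-window heuristic are all constructed for the illustration.

```python
import random

def target(data: bytes) -> frozenset:
    """Constructed toy program under test: returns the ids of the branches reached.
    Branch 3 plays the role of the directed fuzzer's target location."""
    hit = {0}
    if len(data) == 4 and data[:2] == b"FZ":
        hit.add(1)
        if data[2] > 0x7f:
            hit.add(2)
            if data[3] & 0x0f == 0x0a:
                hit.add(3)
    return frozenset(hit)

class PositionModel:
    """Stand-in for the paper's neural predictor: estimates, per byte offset,
    the chance that mutating that offset yields new coverage, from past trials."""
    def __init__(self, size: int):
        self.gain = [1.0] * size   # Laplace prior keeps every offset selectable
        self.tries = [2] * size
    def update(self, pos: int, gained: bool) -> None:
        self.tries[pos] += 1
        self.gain[pos] += gained
    def weights(self) -> list:
        return [g / t for g, t in zip(self.gain, self.tries)]

def should_explore(recent: list, patience: int = 20) -> bool:
    """Dynamic strategy (constructed heuristic): exploit the model while the last
    `patience` mutations still produced gain; fall back to uniform exploration once they stop."""
    return len(recent) >= patience and not any(recent[-patience:])

def fuzz(rounds: int = 2000, seed: int = 1):
    rng, size = random.Random(seed), 4
    model, recent = PositionModel(size), []
    corpus = [bytearray(b"FZ\x00\x00")]           # constructed seed input
    covered = set(target(bytes(corpus[0])))
    for _ in range(rounds):
        if should_explore(recent):
            pos = rng.randrange(size)              # exploration: any offset
        else:
            pos = rng.choices(range(size), weights=model.weights())[0]  # exploitation
        child = bytearray(rng.choice(corpus))
        child[pos] = rng.randrange(256)
        new = target(bytes(child)) - covered
        model.update(pos, bool(new))
        recent.append(bool(new))
        if new:
            covered |= new
            corpus.append(child)
        if 3 in covered:                           # directed target reached
            break
    return covered, model.weights()

if __name__ == "__main__":
    cov, w = fuzz()
    print("reached:", sorted(cov), "gain estimate per offset:", [round(x, 3) for x in w])
```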