Abstract
A genetic algorithm-based fuzz testing method for binary program was proposed aiming at the low code coverage problem caused by high execution path repetition rate of the test data generated from mutation in binary program fuzz testing. The method transformed test data to individuals in genetic algorithm. Quick Emulator was used to instrument a binary program for extracting program execution path. The evolution process in genetic algorithm was guided by an execution-path-based fitness function, so that the generated test data could cover more program execution paths. Experimental results show that the average code coverage of the method is 25.4% higher than fuzzing tool American Fuzzy Lop (AFL) within the same time. The method can detect all crashes in vulnerability detection experiment and the efficiency is at least 10% higher than AFL. The method is helpful for improving the efficiency of fuzz testing.
Original language | English |
---|---|
Pages (from-to) | 1014-1019 |
Number of pages | 6 |
Journal | Zhejiang Daxue Xuebao (Gongxue Ban)/Journal of Zhejiang University (Engineering Science) |
Volume | 52 |
Issue number | 5 |
DOIs | |
Publication status | Published - May 2018 |
Keywords
- Binary program
- Fuzz testing
- Genetic algorithm
- Program execution path
- Program instrumentation