CN117827676A - Method and system for black box coverage rate guidance protocol fuzzy test based on qemu - Google Patents
Method and system for black box coverage rate guidance protocol fuzzy test based on qemu Download PDFInfo
- Publication number
- CN117827676A CN117827676A CN202410034064.7A CN202410034064A CN117827676A CN 117827676 A CN117827676 A CN 117827676A CN 202410034064 A CN202410034064 A CN 202410034064A CN 117827676 A CN117827676 A CN 117827676A
- Authority
- CN
- China
- Prior art keywords
- test case
- test
- tested
- coverage rate
- current test
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Prevention of errors by analysis, debugging or testing of software
- G06F11/3668—Testing of software
- G06F11/3672—Test management
- G06F11/3676—Test management for coverage analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Prevention of errors by analysis, debugging or testing of software
- G06F11/3668—Testing of software
- G06F11/3672—Test management
- G06F11/3684—Test management for test design, e.g. generating new test cases
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Prevention of errors by analysis, debugging or testing of software
- G06F11/3668—Testing of software
- G06F11/3672—Test management
- G06F11/3688—Test management for test execution, e.g. scheduling of test suites
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Quality & Reliability (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Maintenance And Management Of Digital Transmission (AREA)
Abstract
The application discloses a method and a system for a black box coverage rate guidance protocol fuzzy test based on qemu, wherein the method comprises the following steps: step S1, starting a protocol server program to be tested by qemu; step S2, pile inserting is carried out on the protocol server program to be tested; s3, obtaining a test case to be mutated; step S4, mutation is carried out based on the test cases to be mutated to obtain a plurality of mutation test cases; step S5, randomly selecting a variation test case as a current test case, and calculating the test coverage corresponding to the current test case; step S6, judging whether the test coverage rate corresponding to the current test case is improved, if so, replacing the current test case with the test case to be mutated; and step S7, repeating the steps S4-S6 until the test coverage rate corresponding to the current test case reaches 100%. According to the method, the test case generation process is simple, additional labor is not required, and the test effect can be improved.
Description
Technical Field
The application relates to the technical field of software security, in particular to a method and a system for fuzzy test of a boot protocol.
Background
Fuzzing (fuzzing) is a software testing technique that aims to discover vulnerabilities and errors in software applications. It simulates unpredictable user inputs by automatically generating a large number of random, invalid or abnormal inputs, thereby testing the robustness and security of the software. The basic idea of fuzzy testing is to inject randomly generated input data into the software program under test and then observe the behavior and response of the program. If the program crashes, exits abnormally, or other unexpected results, then a bug or error is declared. The advantage of fuzzy testing over other testing techniques is its efficiency and integrity. By testing for multiple types of input data, more vulnerabilities and errors can be found, thereby improving the reliability and security of the software.
In the prior art, the test cases for realizing the protocol fuzzy test have the following two generation methods:
1) The generation mode directly defines the data packet format, customizes each field, limits the size, and then directly generates and sends out randomly. However, the generation mode needs to know the input format and constraint condition of the program in advance, and for complex protocols or data structures, a great deal of time and manpower are required to be consumed for customization, and the operation is complex. Second, these methods do not take into account unknown input states, that is, test coverage and effectiveness may be limited.
2) In the mutation mode, an agent mode is generally adopted to send an original protocol data packet to the agent, and the agent mutates the data through a mutator. Is generally randomly generated, has no feedback, and has certain randomness and nondirectionality when a protocol ambiguity test is carried out in a mutation mode. Since the mutations are generated based on the original data packet, each field probability of the mutation is random, with no explicit guidance and correction mechanism. The mere random mutation does not trigger a new branch well, and it is highly likely that the same branch is always triggered, which leads to a low test effect.
Disclosure of Invention
Based on the above, aiming at the technical problems, a method and a system for the fuzzy test of the black box coverage rate guidance protocol based on qemu are provided, so as to solve the problems of complex process of generating test cases and low test effect of generating the test cases in the prior art.
In a first aspect, a method for qemu-based black box coverage guidance protocol ambiguity test, the method comprising:
step S1: starting a protocol server program to be tested by qemu;
step S2: inserting piles for the protocol server program to be tested;
step S3: obtaining a test case to be mutated;
step S4: mutation is carried out based on the test cases to be mutated, so that a plurality of mutation test cases are obtained and recorded as mutation test case sets;
step S5: randomly selecting a variation test case from a variation test case set as a current test case, and performing fuzzy test on a protocol server program to be tested after pile insertion by using the current test case to obtain a test coverage rate corresponding to the current test case;
step S6: judging whether the test coverage rate corresponding to the current test case is improved, if so, replacing the current test case with a test case to be mutated;
step S7: and repeating the steps S4-S6 until the test coverage rate corresponding to the current test case reaches 100%.
In the above scheme, optionally, after the inserting is performed on the protocol server program to be tested, the protocol server program to be tested is checked.
In the above solution, optionally, the step S6 further includes: and judging whether the test coverage rate corresponding to the current test case is improved, if not, executing the steps S5-S6 in a circulating way.
In the above solution, optionally, the obtaining the test coverage corresponding to the current test case includes:
monitoring the running behavior information of the protocol server program to be tested after the pile insertion in the current test case;
based on the monitored operation behavior information, acquiring the number of basic blocks which are tested by the current test case in the protocol server program to be tested after pile insertion;
and calculating the ratio of the number of the basic blocks tested by the current test case to the number of all the basic blocks in the protocol server program to be tested after the pile insertion, and taking the ratio as the test coverage rate corresponding to the current test case.
In a second aspect, a system for qemu-based black box coverage guided protocol ambiguity testing, the system comprising:
a starting program module: the method comprises the steps of starting a protocol server program to be tested by qemu;
pile inserting module: the method is used for inserting piles for the protocol server program to be tested;
and acquiring a test case module: the method is used for obtaining test cases to be mutated;
mutation module: mutation is carried out based on the test cases to be mutated, so that a plurality of mutation test cases are obtained and recorded as mutation test case sets;
coverage rate acquisition module: the method comprises the steps of randomly selecting a mutation test case from a mutation test case set to serve as a current test case, and carrying out fuzzy test on a protocol server program to be tested after pile insertion by utilizing the current test case to obtain a test coverage rate corresponding to the current test case;
and a judging module: judging whether the test coverage rate corresponding to the current test case is improved, if so, replacing the current test case with a test case to be mutated;
and the loop execution judging module is used for: and the test coverage rate judging module is used for judging whether the test coverage rate corresponding to the current test case reaches 100%, and if not, returning to the mutation module.
In the above aspect, optionally, the system further includes an inspection module: and after the instrumentation module instrumentation the protocol server program to be tested, checking the protocol server program to be tested.
In the above solution, optionally, the judging module is further configured to: and judging whether the test coverage rate corresponding to the current test case is improved, and if not, returning to the coverage rate acquisition module.
In a third aspect, a computer device includes a memory storing a computer program and a processor implementing the steps of a method of qemu-based black box coverage boot protocol fuzzing according to the first aspect when the computer program is executed.
In a fourth aspect, a computer readable storage medium has stored thereon a computer program which, when executed by a processor, implements the steps of a method of implementing a qemu-based black box coverage boot protocol fuzzing test according to the first aspect.
The application has at least the following beneficial effects:
according to the method, pile insertion and inspection are carried out on the protocol server program to be tested by utilizing qemu, mutation is carried out on the basis of the acquired test cases to be mutated, a plurality of mutated test cases are obtained, the test cases are used for sequentially testing the protocol server program to be tested and calculating the coverage rate, when the test coverage rate of a certain test case is improved, mutation is carried out on the basis of the test case, namely mutation is carried out in the direction, so that deeper branches leading to coverage rate improvement can be started, the test cases are generated through mutation, the generation process is simple, additional labor is not required, and the test effect can be improved due to mutation on the test cases based on coverage rate improvement.
Drawings
FIG. 1 is a flow chart of a method for performing a black box coverage rate boot protocol fuzzy test based on qemu according to an embodiment of the present application;
FIG. 2 is a detailed flow chart of a method for qemu-based black box coverage guidance protocol ambiguity test according to one embodiment of the present application;
fig. 3 is a block diagram of a system for a black box coverage rate guidance protocol ambiguity test based on qemu according to an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application will be further described in detail with reference to the accompanying drawings and examples. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the present application.
In one embodiment, as shown in fig. 1 and 2, there is provided a method for qemu-based black box coverage guidance protocol ambiguity test, comprising the steps of:
step S1: starting a protocol server program to be tested by qemu;
step S2: inserting piles for the protocol server program to be tested;
the instrumentation in step S2 refers to inserting additional code into the binary code of the target program, so as to monitor the execution condition of the program. The QEMU can collect information such as code coverage rate during execution by instrumentation techniques for subsequent Fuzz testing analysis.
Step S3: obtaining a test case to be mutated;
step S4: mutation is carried out based on the test cases to be mutated, so that a plurality of mutation test cases are obtained and recorded as mutation test case sets;
step S5: randomly selecting a variation test case from a variation test case set as a current test case, and performing fuzzy test on a protocol server program to be tested after pile insertion by using the current test case to obtain a test coverage rate corresponding to the current test case;
in step S5, when the tested protocol server executes the code to the instrumentation, a new coverage rate is triggered, and QEMU collects the new coverage rate information and collects the new coverage rate information to fuzz.
Step S6: judging whether the test coverage rate corresponding to the current test case is improved, if so, replacing the current test case with a test case to be mutated;
in step S6, after receiving the new coverage rate information, the Fuzz test determines the validity of the test case according to whether the coverage rate is improved. By comparing the current test coverage rate with the previous test coverage rate to determine whether to increase, if the new coverage rate is improved, which indicates that the test case may explore a new code path, fuzz may perform the mutation based on the mutation data of the previous round, so as to further expand the code coverage rate.
Step S7: and repeating the steps S4-S6 until the test coverage rate corresponding to the current test case reaches 100%.
According to the qemu-based black box coverage rate guidance protocol fuzzy test method, the qemu is utilized to perform pile insertion and inspection on the protocol server program to be tested, mutation is performed on the basis of the acquired test cases to be mutated, a plurality of mutation test cases are obtained, the test cases are utilized to sequentially test the protocol server program to be tested and calculate the coverage rate, when the test coverage rate of a certain test case is improved, mutation is performed in the direction based on the test case, so that deeper branches leading to coverage rate improvement can be started, the test cases are generated in a mutation mode through the method, the generation process is simple, additional labor is not required, and the application is used for mutation on the basis of the test cases with coverage rate improvement, so that the test effect can be improved.
In one embodiment, after the server-side program to be tested is instrumented, the server-side program to be tested is checked.
In this embodiment, the QEMU will also check the executable file to ensure its security and stability.
In one embodiment, the step S6 further includes: and judging whether the test coverage rate corresponding to the current test case is improved, if not, executing the steps S5-S6 in a circulating way.
In this embodiment, that is, a mutation test case is randomly selected from the mutation test case set as a current test case, a fuzzy test is performed on the test protocol server program to obtain a test coverage corresponding to the current test case, if the test coverage is not increased compared with the coverage obtained last time, another mutation test case is continuously extracted from the mutation test case set as the current test case to perform the fuzzy test until the test coverage when the extracted mutation test case is used as the current test case is increased, the extraction is not performed again, the current test case is replaced by the test case to be mutated, and mutation is performed repeatedly.
In one embodiment, the obtaining the test coverage corresponding to the current test case includes:
monitoring the running behavior information of the protocol server program to be tested after the pile insertion in the current test case;
based on the monitored operation behavior information, acquiring the number of basic blocks which are tested by the current test case in the protocol server program to be tested after pile insertion;
and calculating the ratio of the number of the basic blocks tested by the current test case to the number of all the basic blocks in the protocol server program to be tested after the pile insertion, and taking the ratio as the test coverage rate corresponding to the current test case.
In this embodiment, the basic block is the code or path of the protocol server program to be tested.
In one embodiment, the method of the present application is as follows:
(1) The qemu is used to start the protocol server program.
(2) qemu will instrumentation and check the executable file.
(3) Fuzz is started.
(4) When the tested protocol service end program executes the code to the instrumentation, a new coverage rate is triggered and collected to the fuzz.
(5) And the fuzz receives the corresponding new coverage rate, and judges whether the mutation is to be executed based on mutation data of the previous round according to whether the coverage rate is improved or not. And continues fuzz.
(6) Repeating steps (3) - (5).
According to the method and the device, through the use of qemu, the binary file is subjected to pile inserting and checking, the condition of triggering a new branch to improve the coverage rate is fed back to the fuzz, the coverage rate is checked by the fuzz, if the coverage rate returned after the fuzz is improved to some extent, the mutation is performed again based on the mutation in the fuzz, namely, the mutation is performed in the direction, so that the deeper branch which leads to the coverage rate improvement can be started. Rather than being entirely based on randomness, discreteness. The fuzz effect can be greatly improved.
In one embodiment, as shown in fig. 3, a system for qemu-based black box coverage boot protocol fuzziness testing is provided, comprising the following program modules: the system comprises:
a starting program module: the method comprises the steps of starting a protocol server program to be tested by qemu;
pile inserting module: the method is used for inserting piles for the protocol server program to be tested;
and acquiring a test case module: the method is used for obtaining test cases to be mutated;
mutation module: mutation is carried out based on the test cases to be mutated, so that a plurality of mutation test cases are obtained and recorded as mutation test case sets;
coverage rate acquisition module: the method comprises the steps of randomly selecting a mutation test case from a mutation test case set to serve as a current test case, and carrying out fuzzy test on a protocol server program to be tested after pile insertion by utilizing the current test case to obtain a test coverage rate corresponding to the current test case;
and a judging module: judging whether the test coverage rate corresponding to the current test case is improved, if so, replacing the current test case with a test case to be mutated;
and the loop execution judging module is used for: and the test coverage rate judging module is used for judging whether the test coverage rate corresponding to the current test case reaches 100%, and if not, returning to the mutation module.
In one embodiment, the system further comprises an inspection module: and after the instrumentation module instrumentation the protocol server program to be tested, checking the protocol server program to be tested.
In one embodiment, the judging module is further configured to: and judging whether the test coverage rate corresponding to the current test case is improved, and if not, returning to the coverage rate acquisition module.
In one embodiment, the obtaining the test coverage corresponding to the current test case includes:
monitoring the running behavior information of the protocol server program to be tested after the pile insertion in the current test case;
based on the monitored operation behavior information, acquiring the number of basic blocks which are tested by the current test case in the protocol server program to be tested after pile insertion;
and calculating the ratio of the number of the basic blocks tested by the current test case to the number of all the basic blocks in the protocol server program to be tested after the pile insertion, and taking the ratio as the test coverage rate corresponding to the current test case.
For specific limitations regarding the qemu-based black box coverage guidance protocol fuzzing test system, reference may be made to the above limitations regarding the qemu-based black box coverage guidance protocol fuzzing test method, which are not described herein. The above-described modules in the qemu-based black box coverage boot protocol fuzzing system may be implemented in whole or in part by software, hardware, and combinations thereof. The above modules may be embedded in hardware or may be independent of a processor in the computer device, or may be stored in software in a memory in the computer device, so that the processor may call and execute operations corresponding to the above modules.
In one embodiment, a computer device, which may be a server, is provided that includes a processor, a memory, and a network interface connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device includes a non-volatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, computer programs, and a database. The internal memory provides an environment for the operation of the operating system and computer programs in the non-volatile storage media. The network interface of the computer device is used for communicating with an external terminal through a network connection. The computer program, when executed by a processor, implements a method of qemu-based black box coverage boot protocol ambiguity test as described above.
In an embodiment, a computer readable storage medium is also provided, on which a computer program is stored, involving all or part of the flow of the method of the above embodiment.
Those skilled in the art will appreciate that implementing all or part of the above described methods may be accomplished by way of a computer program stored on a non-transitory computer readable storage medium, which when executed, may comprise the steps of the embodiments of the methods described above. Any reference to memory, storage, database, or other medium used in embodiments provided herein may include at least one of non-volatile and volatile memory. The nonvolatile Memory may include Read-Only Memory (ROM), magnetic tape, floppy disk, flash Memory, optical Memory, or the like. Volatile memory can include random access memory (Random Access Memory, RAM) or external cache memory. By way of illustration, and not limitation, RAM can be in the form of a variety of forms, such as static random access memory (Static Random Access Memory, SRAM) or dynamic random access memory (Dynamic Random Access Memory, DRAM), and the like.
The technical features of the above embodiments may be arbitrarily combined, and all possible combinations of the technical features in the above embodiments are not described for brevity of description, however, as long as there is no contradiction between the combinations of the technical features, they should be considered as the scope of the description.
The above examples merely represent a few embodiments of the present application, which are described in more detail and are not to be construed as limiting the scope of the invention. It should be noted that it would be apparent to those skilled in the art that various modifications and improvements could be made without departing from the spirit of the present application, which would be within the scope of the present application. Accordingly, the scope of protection of the present application is to be determined by the claims appended hereto.
Claims (10)
1. A method for a black box coverage rate guided protocol fuzzy test based on qemu, the method comprising:
step S1: starting a protocol server program to be tested by qemu;
step S2: inserting piles for the protocol server program to be tested;
step S3: obtaining a test case to be mutated;
step S4: mutation is carried out based on the test cases to be mutated, so that a plurality of mutation test cases are obtained and recorded as mutation test case sets;
step S5: randomly selecting a variation test case from a variation test case set as a current test case, and performing fuzzy test on a protocol server program to be tested after pile insertion by using the current test case to obtain a test coverage rate corresponding to the current test case;
step S6: judging whether the test coverage rate corresponding to the current test case is improved, if so, replacing the current test case with a test case to be mutated;
step S7: and repeating the steps S4-S6 until the test coverage rate corresponding to the current test case reaches 100%.
2. The qemu-based black box coverage rate guided protocol fuzzy test method of claim 1, wherein the protocol server program to be tested is checked after being instrumented.
3. The method of qemu-based black box coverage guided protocol ambiguity test of claim 1, wherein the step S6 further comprises: and judging whether the test coverage rate corresponding to the current test case is improved, if not, executing the steps S5-S6 in a circulating way.
4. The method for performing a qemu-based black box coverage rate boot protocol fuzzy test according to claim 1, wherein the obtaining the test coverage rate corresponding to the current test case comprises:
monitoring the running behavior information of the protocol server program to be tested after the pile insertion in the current test case;
based on the monitored operation behavior information, acquiring the number of basic blocks which are tested by the current test case in the protocol server program to be tested after pile insertion;
and calculating the ratio of the number of the basic blocks tested by the current test case to the number of all the basic blocks in the protocol server program to be tested after the pile insertion, and taking the ratio as the test coverage rate corresponding to the current test case.
5. A system for qemu-based black box coverage guided protocol ambiguity testing, the system comprising:
a starting program module: the method comprises the steps of starting a protocol server program to be tested by qemu;
pile inserting module: the method is used for inserting piles for the protocol server program to be tested;
and acquiring a test case module: the method is used for obtaining test cases to be mutated;
mutation module: mutation is carried out based on the test cases to be mutated, so that a plurality of mutation test cases are obtained and recorded as mutation test case sets;
coverage rate acquisition module: the method comprises the steps of randomly selecting a mutation test case from a mutation test case set to serve as a current test case, and carrying out fuzzy test on a protocol server program to be tested after pile insertion by utilizing the current test case to obtain a test coverage rate corresponding to the current test case;
and a judging module: judging whether the test coverage rate corresponding to the current test case is improved, if so, replacing the current test case with a test case to be mutated;
and the loop execution judging module is used for: and the test coverage rate judging module is used for judging whether the test coverage rate corresponding to the current test case reaches 100%, and if not, returning to the mutation module.
6. The qemu-based black box coverage guided protocol ambiguity test system of claim 5, further comprising an inspection module: and after the instrumentation module instrumentation the protocol server program to be tested, checking the protocol server program to be tested.
7. The qemu-based black box coverage guided protocol ambiguity test system of claim 5, wherein the determining module is further configured to: and judging whether the test coverage rate corresponding to the current test case is improved, and if not, returning to the coverage rate acquisition module.
8. The qemu-based black box coverage guidance protocol fuzzing system of claim 5, wherein the obtaining the test coverage corresponding to the current test case comprises:
monitoring the running behavior information of the protocol server program to be tested after the pile insertion in the current test case;
based on the monitored operation behavior information, acquiring the number of basic blocks which are tested by the current test case in the protocol server program to be tested after pile insertion;
and calculating the ratio of the number of the basic blocks tested by the current test case to the number of all the basic blocks in the protocol server program to be tested after the pile insertion, and taking the ratio as the test coverage rate corresponding to the current test case.
9. A computer device comprising a memory and a processor, the memory storing a computer program, characterized in that the processor implements the steps of the method of any of claims 1 to 4 when the computer program is executed.
10. A computer readable storage medium, on which a computer program is stored, characterized in that the computer program, when being executed by a processor, implements the steps of the method of any of claims 1 to 4.
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2023117463550 | 2023-12-18 | ||
| CN202311746355 | 2023-12-18 |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN117827676A true CN117827676A (en) | 2024-04-05 |
Family
ID=90518948
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202410034064.7A Pending CN117827676A (en) | 2023-12-18 | 2024-01-09 | Method and system for black box coverage rate guidance protocol fuzzy test based on qemu |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117827676A (en) |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20130311976A1 (en) * | 2012-05-17 | 2013-11-21 | Cognizant Technology Solutions India Pvt. Ltd. | Method and system for generating and processing black box test cases |
| CN110147310A (en) * | 2019-04-02 | 2019-08-20 | 中国科学院信息工程研究所 | A kind of parallel fuzz testing dispatching method and device based on Mutation Strategy |
| US20190317882A1 (en) * | 2018-04-13 | 2019-10-17 | Baidu Usa Llc | Method and apparatus for testing a code file |
| CN113835998A (en) * | 2021-07-30 | 2021-12-24 | 上海大学 | Embedded firmware gray box fuzzy test method based on word right variation and virtual instrumentation |
| CN114661578A (en) * | 2022-01-26 | 2022-06-24 | 天津大学 | Guiding type gray box fuzzy test method and device based on dominant point coverage |
| CN117155831A (en) * | 2023-08-07 | 2023-12-01 | 深圳开源互联网安全技术有限公司 | Network protocol fuzzy test method, device, equipment and medium based on source code |
-
2024
- 2024-01-09 CN CN202410034064.7A patent/CN117827676A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20130311976A1 (en) * | 2012-05-17 | 2013-11-21 | Cognizant Technology Solutions India Pvt. Ltd. | Method and system for generating and processing black box test cases |
| US20190317882A1 (en) * | 2018-04-13 | 2019-10-17 | Baidu Usa Llc | Method and apparatus for testing a code file |
| CN110147310A (en) * | 2019-04-02 | 2019-08-20 | 中国科学院信息工程研究所 | A kind of parallel fuzz testing dispatching method and device based on Mutation Strategy |
| CN113835998A (en) * | 2021-07-30 | 2021-12-24 | 上海大学 | Embedded firmware gray box fuzzy test method based on word right variation and virtual instrumentation |
| CN114661578A (en) * | 2022-01-26 | 2022-06-24 | 天津大学 | Guiding type gray box fuzzy test method and device based on dominant point coverage |
| CN117155831A (en) * | 2023-08-07 | 2023-12-01 | 深圳开源互联网安全技术有限公司 | Network protocol fuzzy test method, device, equipment and medium based on source code |
Non-Patent Citations (1)
| Title |
|---|
| 邹燕燕;邹维;尹嘉伟;霍玮;杨梅芳;孙丹丹;史记;: "变异策略感知的并行模糊测试研究", 信息安全学报, no. 05, 15 September 2020 (2020-09-15) * |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112035314B (en) | Memory leakage monitoring method and device and electronic equipment | |
| CN111177729B (en) | Program bug test method and related device | |
| CN111327490B (en) | Byzantine fault-tolerant detection method of block chain and related device | |
| CN109324961B (en) | System automatic test method, device, computer equipment and storage medium | |
| Yoo et al. | Grammar-based adaptive fuzzing: Evaluation on SCADA modbus protocol | |
| US20090249305A1 (en) | Super Nested Block Method to Minimize Coverage Testing Overhead | |
| CN112463581A (en) | Method and system for carrying out fuzzy test on distributed system | |
| CN103136098A (en) | Method, device and system for fuzzing test | |
| CN112363936B (en) | Differential coverage rate testing method, differential coverage rate testing device, computer equipment and storage medium | |
| CN116992438A (en) | Method, device, equipment and medium for repairing real-time loopholes based on code vaccine | |
| CN112052156B (en) | A fuzz testing method, device and system | |
| Di Nardo et al. | Generating complex and faulty test data through model-based mutation analysis | |
| US11163924B2 (en) | Identification of changes in functional behavior and runtime behavior of a system during maintenance cycles | |
| CN114385485A (en) | Interface test method, device, equipment and storage medium | |
| CN117827676A (en) | Method and system for black box coverage rate guidance protocol fuzzy test based on qemu | |
| CN112256532A (en) | Test interface generation method and device, computer equipment and readable storage medium | |
| CN116644435B (en) | Vulnerability detection method and device for intelligent contracts | |
| CN114077545B (en) | Method, device, equipment and readable storage medium for obtaining verification data | |
| CN116414722A (en) | Fuzz test processing method, device, fuzz test system and storage medium | |
| CN115510456A (en) | Intelligent contract vulnerability detection method and device | |
| CN114328206A (en) | A white-box exception testing method that can achieve high coverage and high efficiency | |
| CN113760753A (en) | QUIC protocol testing method based on grey box fuzzing technology | |
| CN110795142A (en) | Configuration file generation method and device | |
| CN112346963A (en) | Method and device for pile insertion testing based on AOP (automatic optical plane processing) and electronic equipment | |
| Lesiuta et al. | SLIMECRAFT: State Learning for Client-Server Regression Analysis and Fault Testing |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |