Authors: 崔展齐 (CUI Zhan-Qi); 张家铭 (ZHANG Jia-Ming); 郑丽伟 (ZHENG Li-Wei) [1]; 陈翔 (CHEN Xiang) [3] (School of Computer Science, Beijing Information Science and Technology University, Beijing 100101; School of Computer and Communication Engineering, University of Science and Technology Beijing, Beijing 100083; School of Information Science and Technology, Nantong University, Nantong, Jiangsu 226019)
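Affiliations: [1] School of Computer Science, Beijing Information Science and Technology University, Beijing 100101; [2] School of Computer and Communication Engineering, University of Science and Technology Beijing, Beijing 100083; [3] School of Information Science and Technology, Nantong University, Nantong, Jiangsu 226019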
Source: Chinese Journal of Computers (《计算机学报》), 2024, No. 7, pp. 1665-1696, 32 pages in total
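Funding: Supported by the Jiangsu Province Frontier Leading Technology Basic Research Special Project (BK202002001); the National Natural Science Foundation of China (No. 61702041); and the "Qinxin Talent" Cultivation Program of Beijing Information Science and Technology University (No. QXTCPC201906).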
Abstract: Due to its simple deployment, high scalability, and success in detecting many real-world vulnerabilities, fuzz testing has attracted the attention of many researchers and industry engineers. Within fuzz testing, Coverage-guided Greybox Fuzzing (CGF) has become one of the most popular techniques. It uses the code coverage of the program under test as feedback information, which allows it to test software fairly thoroughly and automatically and to ensure software quality effectively. As a result, researchers have invested considerable effort in improving CGF, resulting in numerous achievements. However, there is still no systematic survey of the existing CGF research work. For this reason, this paper analyzes the critical research achievements of CGF in recent years, divides the CGF process into four stages (preprocessing, test case selection, test case evolution, and test case evaluation), and systematically summarizes the research progress in each stage. Furthermore, to address the inconsistency of evaluation settings in existing works, this paper compiles the benchmarks, experimental settings, and evaluation metrics commonly used in the CGF field. Lastly, based on an analysis of the current research progress, this paper discusses the limitations, potential solutions, and future research directions of CGF in its different stages, such as preprocessing and test case selection.
Classification number: TP311 [Automation and Computer Technology - Computer Software and Theory]