智能模糊测试综述:问题探索和方法分类  

作　　者：王琴应 许嘉诚 李宇薇 潘祖烈 张玉清 张超[5] 纪守领 WANG Qin-Ying;XU Jia-Cheng;LI Yu-Wei;PAN Zu-Lie;ZHANG Yu-Qing;ZHANG Chao;JI Shou-Ling(College of Computer Science and Technology,Zhejiang University,Hangzhou 310007;College of Control Science and Engineering,Zhejiang University,Hangzhou 310007;College of Electronic Engineering,National University of Defense Technology,Hefei 230037;Department of National Computer Network Intrusion Protection Center,University of Chinese Academy of Sciences,Beijing 101408;Institute for Network Science and Cyberspace,Tsinghua University,Beijing 100084)

机构地区：[1]浙江大学计算机科学与技术学院,杭州310007 [2]浙江大学控制科学与工程学院,杭州310007 [3]国防科技大学电子对抗学院,合肥230037 [4]中国科学院大学国家计算机网络入侵防范中心,北京101408 [5]清华大学网络研究院,北京100084

出　　处：《计算机学报》2024年第9期2059-2083,共25页Chinese Journal of Computers

基　　金：国家自然科学基金联合重点项目(U1936215);国家自然科学基金青年基金项目(62202484);国家自然科学基金联合重点项目(U2336203)资助.

摘　　要：随着近年来软件系统规模以及复杂性的增加,安全漏洞数量持续增长、影响面逐步扩大,全球安全形势依然严峻.针对该问题,学术界和工业界致力于研究高效的漏洞挖掘技术,提前发现和修复潜在的漏洞.其中模糊测试作为先进的漏洞挖掘技术之一,吸引了学术界和工业界的广泛关注.为了进一步提高漏洞挖掘的能力,研究人员提出了智能模糊测试,即利用人工智能和程序分析等技术作为辅助,从而实现对复杂软件系统更高效的测试和分析并智能引导漏洞挖掘方向.本文回顾了近八年来智能模糊测试研究进展,提出了一个通用模糊测试流程模型和问题导向的智能模糊技术分类方法,从优化测试输入生成、提高测试效率以及增强测试预言机三个方面总结了当前智能模糊测试的优势和不足之处,最后对智能模糊测试面临的挑战和未来研究方向进行展望和总结.With the increasing scale and complexity of software systems in recent years,along with the continuous growth in the number of security vulnerabilities and their expanding impact,the global security situation remains challenging.In response to this issue,academia and industry have been devoted to researching efficient vulnerability discovery techniques to identify and address potential vulnerabilities in advance.Among these techniques,fuzzing has garnered significant attention from academia and industry as an advanced vulnerability detection approach.To further enhance the capability of vulnerability discovery,researchers introduced smart fuzzing,which leverages artificial intelligence and program analysis techniques to assist in more efficiently testing and analyzing complex software systems,intelligently guiding the direction of vulnerability discovery.This paper reviews the progress of smart fuzzing over the past eight years,proposes a general fuzzing procedure model and a problem-oriented classification method for smart fuzzing techniques,and summarizes the current advantages and shortcomings of smart fuzzing from three aspects:optimizing test input generation,improving test efficiency,and enhancing test oracles.Finally,this paper offers a prospective outlook and summary of the challenges and future research directions in the field of smart fuzzing.

关 键 词：模糊测试 软件与系统安全 漏洞挖掘 人工智能 程序分析 

分 类 号：TP319[自动化与计算机技术—计算机软件与理论]