Authors: 张展鹏 (ZHANG Zhanpeng); 王鹃 (WANG Juan)[1,2]; 张冲 (ZHANG Chong)[1,2]; 王杰 (WANG Jie); 胡宇义 (HU Yuyi)[1,2] (School of Cyber Science and Engineering, Wuhan University, Wuhan 430072, China; Key Laboratory of Aerospace Information Security and Trusted Computing of Ministry of Education, Wuhan University, Wuhan 430072, China)
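Affiliations: [1] School of Cyber Science and Engineering, Wuhan University, Wuhan 430072; [2] Key Laboratory of Aerospace Information Security and Trusted Computing of Ministry of Education, Wuhan University, Wuhan 430072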
Source: Netinfo Security (《信息网络安全》), 2024, No. 10, pp. 1544-1552 (9 pages)
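Funding: National Natural Science Foundation of China [61872430]; Ministry of Science and Technology, Science and Technology Innovation 2030 "New Generation Artificial Intelligence" Major Project [2020AA0107700]; State Grid Science and Technology Project [520940210009].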
Abstract: Existing Web fuzzing methods mainly comprise dictionary-based black-box testing and gray-box testing borrowed from binary fuzzing. These methods suffer from high randomness and low efficiency. To address these problems, the article proposes an efficient Web fuzzing method based on a graph isomorphism network. First, leveraging the strong capabilities of graph isomorphism networks in graph representation and graph structure learning, the method learns the semantic and structural features of vulnerabilities on the control flow graph of the code and predicts a vulnerability probability for each basic block. Then, based on the vulnerability prediction results, it proposes a Web application fuzzing guidance strategy that is guided by both vulnerability probability and coverage. The strategy prioritizes the exploration of program locations with a higher vulnerability probability without reducing coverage, effectively addressing the high randomness and low efficiency of existing Web application fuzzing tools. Finally, a prototype system was implemented based on these methods and evaluated experimentally. The experimental results show that, compared with webFuzz, the prototype system improves vulnerability discovery efficiency by 40% and expands coverage by 5%.
Classification: TP309 [Automation and Computer Technology: Computer Systems Architecture]