A Vulnerability Discovery Mechanism Based on In-Memory Data Fuzzing
|School||Huazhong University of Science and Technology|
|Keywords||Vulnerability discovery; in-memory data fuzzing; buffer overflow; snapshot restoration mutation|
With the rapid spread of the Internet, network applications have grown greatly in both variety and number, and many widely used network service programs have become a focus of attack. The root cause lies in vulnerabilities present in the software itself, and buffer overflows are a class of vulnerability that attackers frequently exploit. This thesis analyzes in depth the causes of software vulnerabilities on the Windows platform, and examines in detail the principle of stack buffer overflows and fuzzing techniques. Considering the characteristics of network service software, it points out the shortcomings of traditional protocol-based fuzzing. To address these shortcomings, it designs a vulnerability discovery mechanism that applies in-memory data fuzzing to network service software. The mechanism is implemented through snapshot restoration mutation, and it can fuzz the target software without any analysis of the target's communication protocol. Based on testing theory and combined with the idea of bisection (dichotomy), a fuzz data generation algorithm is proposed. Its basic idea is that only a small number of test cases need to be generated to trigger an overflow exception and pinpoint its location. This improved vulnerability discovery mechanism for network service software effectively addresses the problems of the traditional protocol-based fuzzing method, namely that fuzz data is difficult to construct and test efficiency is low. The improved mechanism was designed and implemented, and suitable test targets were selected for vulnerability discovery. After several rounds of testing and overflow location analysis, a stack overflow vulnerability was found in the target software and located accurately. The test results verify that the fuzz data generation algorithm and the overflow location algorithm are correct and feasible.
Using this tool to fuzz network service software improves efficiency and reduces the difficulty of testing. Because it is independent of the protocol layer, it can serve as a general-purpose fuzzing mechanism in vulnerability discovery tools for network service software that uses different protocols.
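The abstract gives no code, so the following is an added example (not the thesis's own algorithm or tool) of one way bisection can locate an overflow boundary with few test cases, restoring a snapshot before each case. `SimulatedService`, `BUF_SIZE`, the doubling phase and the use of `copy.deepcopy` as the snapshot restore are all assumptions made for illustration.

```python
import copy

class SimulatedService:
    """Constructed stand-in for a service's in-memory state (hypothetical)."""
    BUF_SIZE = 260  # assumed size of the fixed buffer the handler copies into

    def __init__(self):
        self.requests_handled = 0

    def handle(self, data: bytes) -> None:
        self.requests_handled += 1
        if len(data) > self.BUF_SIZE:          # a real target would fault here
            raise MemoryError("simulated overflow exception")

def run_case(snapshot, length):
    """Restore the snapshot, inject `length` bytes, report whether it faulted."""
    target = copy.deepcopy(snapshot)           # stand-in for snapshot restore
    try:
        target.handle(b"A" * length)           # mutated in-memory input
    except MemoryError:
        return True
    return False

def locate_overflow(snapshot, max_len=65536):
    """Return (smallest faulting length or None, number of test cases run)."""
    cases, lo, hi = 0, 0, 1                    # length 0 is assumed safe
    while True:                                # phase 1: double until a fault
        cases += 1
        if run_case(snapshot, hi):
            break
        lo = hi
        if hi >= max_len:
            return None, cases                 # nothing faulted within the cap
        hi = min(hi * 2, max_len)
    while hi - lo > 1:                         # phase 2: bisect (lo safe, hi faults)
        mid = (lo + hi) // 2
        cases += 1
        if run_case(snapshot, mid):
            hi = mid
        else:
            lo = mid
    return hi, cases

if __name__ == "__main__":
    boundary, used = locate_overflow(SimulatedService())
    print(f"first faulting length: {boundary}, test cases: {used}")
```

The first faulting length minus one is the largest input the simulated buffer accepts, which is the boundary a fix or a bounds check has to enforce.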