Fig. 1. Structure of Hybrid Fuzzing using Dynamic Analysis
Fig. 2. Flow Chart of Vulnerabilities Explore Module
Fig. 3. Structure of Path Information Analysis Module
Fig. 4. Flow Chart of Vulnerabilities Explore Control Module
Fig. 5. Comparison of Code Coverage
Fig. 6. Comparison of Crash Counts
Fig. 7. Comparison of Crash Ratio
Table 1. Comparison of Vulnerability Exploration Tools
Table 2. Definition of Crash Information
Table 3. Complexity Analysis Variables and Equations
Table 4. Vulnerable Function List