Computer Science ›› 2024, Vol. 51 ›› Issue (2): 352-358. doi: 10.11896/jsjkx.221200136

• Information Security •

Memory Security Vulnerability Detection Combining Fuzzy Testing and Dynamic Analysis

MA Yingzi, CHEN Zhe, YIN Jiale, MAO Ruiqi   

  1. College of Computer Science and Technology, Nanjing University of Aeronautics and Astronautics, Nanjing 211100, China
  • Received: 2022-12-23 Revised: 2023-04-21 Online: 2024-02-15 Published: 2024-02-22
  • About author: MA Yingzi, born in 1996, postgraduate. Her main research interests include verification of software and model checking. CHEN Zhe, born in 1981, associate professor, is a member of CCF (No. 22234M). His main research interests include verification of software, software engineering and network security.
  • Supported by: National Natural Science Foundation of China (62172277), Joint Research Funds of National Natural Science Foundation of China and Civil Aviation Administration of China (U1533130) and Fundamental Research Funds of AI for the Central Universities of Ministry of Education of China (NZ2020019).

Abstract: C is widely used in the development of system software and embedded software because of its speed and the precise control of memory that pointers provide, and it remains one of the most popular programming languages. The power of pointers makes it possible to operate directly on memory. However, C provides no detection of memory safety violations, so the use of pointers can lead to memory errors such as memory leaks, buffer overflows and multiple frees of the same block, and these errors can sometimes cause fatal damage such as system crashes or internal data corruption. At present, several techniques can detect memory safety vulnerabilities in C programs. Among them, dynamic analysis can check the memory safety of a C program at runtime by instrumenting its source code, but it can only find an error when the program executes the path on which the error lies, so it depends on the program's input. Fuzz testing, by contrast, finds software vulnerabilities by feeding inputs to the program and monitoring how it behaves, but it cannot detect memory safety errors that do not crash the program, nor can it provide detailed information such as the location of the error. In addition, because of the complex grammar of C, dynamic analysis tools often fail to handle correctly some uncommon C-specific constructs when analyzing large and complex projects, so that instrumentation fails or the instrumented program does not compile. To address these problems, this paper proposes a method that detects memory safety errors in C programs containing such constructs by combining dynamic analysis with fuzz testing and improving existing methods. Reliability and performance experiments show that, with support for the added C-specific constructs, the memory safety of programs containing them can be checked, and that combining the approach with fuzz testing gives stronger vulnerability detection capability.
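As an added illustration (not the paper's tool or code), the following C sketch shows the two halves the abstract combines: a bounds check of the kind source-level instrumentation inserts before each store, and a minimal fuzz loop that only exposes the error once an input reaches the faulty path. The region metadata, `checked_store`, `process` and `first_failing_length` are all constructed names for this example.

```c
#include <stddef.h>
#include <string.h>

/* Added example: a hand-written sketch of what source-level instrumentation
 * for spatial memory safety adds to a C program, plus a minimal fuzz loop.
 * Not the paper's tool; all names are constructed for illustration. */

/* Shadow metadata a transformation pass would attach to each object. */
typedef struct { char *base; size_t size; } region_t;

/* The check inserted before every pointer write: refuse the store and
 * report instead of corrupting memory. Returns 1 if in bounds, else 0. */
static int checked_store(region_t r, char *p, char v) {
    if (p < r.base || p >= r.base + r.size) return 0;
    *p = v;
    return 1;
}

/* Program under test. Truncating to 8 bytes looks safe, but for inputs of
 * 8 or more bytes the terminator lands at buf[8]: a one-byte overflow into
 * neighbouring stack memory that normally causes no crash, so a crash-only
 * oracle would never notice it. Returns the number of bytes copied, or -1
 * if the instrumentation caught an out-of-bounds store. */
int process(const char *input) {
    char buf[8];
    region_t r = { buf, sizeof buf };
    size_t n = strlen(input);
    int ok = 1;
    if (n > 8) n = 8;
    for (size_t i = 0; i < n; i++) ok &= checked_store(r, buf + i, input[i]);
    ok &= checked_store(r, buf + n, '\0');  /* n == 8: buf + 8 is past the end */
    return ok ? (int)n : -1;
}

/* Minimal fuzz loop over constructed inputs "", "A", "AA", ...: returns the
 * first length whose run trips the instrumentation, or -1 if none did.
 * The error is only observable once an input actually reaches that path. */
int first_failing_length(int max_len) {
    char input[64];
    for (int len = 0; len <= max_len && len < 63; len++) {
        memset(input, 'A', (size_t)len);
        input[len] = '\0';
        if (process(input) < 0) return len;
    }
    return -1;
}
```

Running the loop with short inputs only (`first_failing_length(4)`) reports nothing, while extending it to length 12 flags the first 8-byte input; this is the input dependence the abstract attributes to dynamic analysis, and the reason the authors pair it with a fuzzer.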

Key words: Memory safety, Source-level instrumentation, Dynamic analysis, Fuzzing, Memory errors

CLC Number: TP311