Abstract
Traditional fuzzing-based vulnerability mining has inherent shortcomings, such as an overly broad mining scope and difficulty in locating vulnerabilities. To address them, the idea of simulated annealing is introduced into the Differential Evolution (DE) algorithm used for vulnerability mining. The global-optimum property of the Simulated Annealing (SA) algorithm is used to mitigate DE's weak local refinement capability and its tendency toward premature convergence. At the same time, DE is used to overcome SA's excessive dependence on its parameters. Vulnerability mining is then carried out in combination with input tracking testing and code coverage testing, so as to greatly improve the effectiveness and accuracy of mining unknown vulnerabilities.
Source
Communications Technology (《通信技术》)
2017, Issue 7, pp. 1535-1539 (5 pages)
Keywords
fuzzing
simulated annealing algorithm
vulnerability mining
code coverage