• Journal of the China Computer Federation
  • Chinese core science and technology journal
  • Chinese core journal

Computer Engineering & Science ›› 2025, Vol. 47 ›› Issue (7): 1244-1261.

• Software Engineering •

A Survey of Fuzzing Test Case Generation Techniques

LIU Hui1,2, HOU Tongding1,2, ZHAO Bo3,4, GUO Hanbin1,2

  1. (1. School of Computer and Information Engineering, Henan Normal University, Xinxiang 453007, Henan, China;
    2. Key Laboratory of Artificial Intelligence and Personalized Learning in Education of Henan Province, Xinxiang 453007, Henan, China;
    3. State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450001, Henan, China;
    4. School of Cyberspace Security, PLA Cyberspace Force Information Engineering University, Zhengzhou 450001, Henan, China)
  • Received: 2024-01-18 Revised: 2024-03-29 Online: 2025-07-25 Published: 2025-08-25
  • Funding:
    Major Science and Technology Project of Henan Province (221100210600); Henan Province Science and Technology Research Project (242102211094)

Survey of fuzzing test case generation techniques

LIU Hui1,2,HOU Tongding1,2,ZHAO Bo3,4,GUO Hanbin1,2   

  1. (1.School of Computer and Information Engineering,Henan Normal University,Xinxiang 453007;
    2.Key Laboratory of Artificial Intelligence and Personalized Learning in Education of Henan Province,Xinxiang 453007;
    3.State Key Laboratory of Mathematical Engineering and Advanced Computing,Zhengzhou 450001;
    4.School of Cyberspace Security,PLA Strategic Support Force Information Engineering University,Zhengzhou 450001,China)
  • Received:2024-01-18 Revised:2024-03-29 Online:2025-07-25 Published:2025-08-25

Abstract: Fuzzing is one of the mainstream software vulnerability discovery techniques and is widely applied across many fields. In recent years, research on fuzzing test case generation techniques has made considerable progress. First, this paper reviews the development of fuzzing test case generation techniques, classifying and summarizing the related research and comparing it comprehensively. Second, based on an in-depth study of fuzzing test case generation techniques, it establishes a fuzzing test case generation architecture organized around generation-based and mutation-based approaches. Third, it classifies fuzzing test case generation techniques and analyzes in depth the process by which fuzzers extract features from program structure and semantics and combine them with feedback information to generate test cases. Next, from four perspectives (browsers, network protocols, compilers and operating systems), it classifies and describes the tasks and challenges that existing fuzzing test case generation techniques face when generating test cases, and gives a systematic summary and comparative study. Finally, it discusses from different angles the limitations of existing fuzzing test case generation techniques and their possible solutions, and looks ahead to promising future research directions.

Keywords: fuzzing, test case generation, seed optimization strategy, vulnerability discovery, software security

Abstract: Fuzzing is one of the mainstream software vulnerability detection technologies and has been widely applied across various fields. In recent years, significant progress has been made in the research of fuzzing test case generation techniques. Firstly, this paper reviews the development of fuzzing test case generation technology, classifying and summarizing relevant research while providing a comprehensive comparison. Secondly, based on an in-depth study of fuzzing test case generation techniques, this paper establishes a framework for constructing test cases through both generation-based and mutation-based approaches. Subsequently, this paper categorizes fuzzing test case construction techniques, delving into the process by which fuzzers extract features from program structure and semantics and combine feedback information to generate test cases. Furthermore, this paper classifies and elaborates on the challenges and tasks faced by existing fuzzing test case generation techniques in four key areas: browsers, network protocols, compilers, and operating systems, followed by a systematic summary and comparative analysis. Finally, this paper discusses the limitations and potential solutions of current fuzzing test case generation techniques from multiple perspectives and outlines promising future research directions in this field.

Key words: fuzzing test, test case generation, seed optimization strategy, vulnerability mining, software security