• 中国计算机学会会刊
  • 中国科技核心期刊
  • 中文核心期刊

Computer Engineering & Science

Previous Articles     Next Articles

Instance analysis and improvement on scalable
state-of-art software vulnerability detector

WU Xugang,ZHANG Wenzhe   

  1. (College of Computer,National University of Defense Technology,Changsha 410073,China)
  • Received:2018-07-17 Revised:2018-09-23 Online:2018-11-26 Published:2018-11-25

Abstract:

 

With the development of computer technology, nowadays the scale of software becomes larger and the vulnerability becomes harder to be detect. Manual audit requires a large amount of time and labor, which makes it infeasible in largescale software. Machinebased automatical vulnerability detector design therefore becomes a heated research area. We study the stateofart scalable fuzzer named American Fuzzy Loop (AFL), and aiming at its defects, such as difficulty on passing magic number tests, we analyze the reasons and give a practical solution. The improved method achieves good results in our tests.
 
 

Key words: software vulnerability, scalability, instance analysis