Article

PSOFuzzer: A Target-Oriented Software Vulnerability Detection Technology Based on Particle Swarm Optimization

by Chen Chen 1,2,*, Han Xu 1 and Baojiang Cui 1
1 School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing 100876, China
2 School of Information and Navigation, Air Force Engineering University, Xi’an 710077, China
* Author to whom correspondence should be addressed.
Appl. Sci. 2021, 11(3), 1095; https://doi.org/10.3390/app11031095
Received: 11 November 2020 / Revised: 18 January 2021 / Accepted: 18 January 2021 / Published: 25 January 2021
(This article belongs to the Special Issue Cybersecurity)
Coverage-oriented and target-oriented fuzzing are widely used in vulnerability detection. Compared with coverage-oriented fuzzing, target-oriented fuzzing concentrates more computing resources on suspected vulnerable points to improve the testing efficiency. However, the sample generation algorithm used in target-oriented vulnerability detection technology has some problems, such as weak guidance, weak sample penetration, and difficult sample generation. This paper proposes a new target-oriented fuzzer, PSOFuzzer, that uses particle swarm optimization to generate samples. PSOFuzzer can quickly learn high-quality features in historical samples and implant them into new samples that can be led to execute the suspected vulnerable point. The experimental results show that PSOFuzzer can generate more samples in the test process to reach the target point and can trigger vulnerabilities with 79% and 423% higher probability than AFLGo and Sidewinder, respectively, on tested software programs.
Keywords: fuzzing; model-based fuzzing; vulnerability detection; code coverage; open-source program; directed fuzzing; static instrumentation; source code instrumentation

MDPI and ACS Style

Chen, C.; Xu, H.; Cui, B. PSOFuzzer: A Target-Oriented Software Vulnerability Detection Technology Based on Particle Swarm Optimization. Appl. Sci. 2021, 11, 1095. https://doi.org/10.3390/app11031095

AMA Style

Chen C, Xu H, Cui B. PSOFuzzer: A Target-Oriented Software Vulnerability Detection Technology Based on Particle Swarm Optimization. Applied Sciences. 2021; 11(3):1095. https://doi.org/10.3390/app11031095

Chicago/Turabian Style

Chen, Chen, Han Xu, and Baojiang Cui. 2021. "PSOFuzzer: A Target-Oriented Software Vulnerability Detection Technology Based on Particle Swarm Optimization" Applied Sciences 11, no. 3: 1095. https://doi.org/10.3390/app11031095
