ISCAS OpenIR
black-box testing based on colorful taint analysis
Chen Kai; Feng DengGuo; Su PuRui; Zhang YingJun
2012
Journal: SCIENCE CHINA-INFORMATION SCIENCES
ISSN: 1674-733X
Volume: 55, Issue: 1, Pages: 171-183
Abstract: Software vulnerability detection is one of the most important methods for guaranteeing software security. Two main classes of methods can detect vulnerabilities in binary files: white-box testing and black-box testing. The former needs to construct and solve path constraints to detect vulnerabilities. It has two main drawbacks: path exploding and complexity of constraints. The latter often aimlessly exhausts various inputs to test binary files. This paper combines both testing methods to detect vulnerabilities in binary files. By analyzing the input elements that affect check condition corresponding to a certain check point, we can generate one class of inputs that get to the check point to increase fuzzing efficiency. By analyzing the relationship between guard conditions and check condition, the redundant check points are removed. Colorful taint analysis method (CTAM) is proposed to compute guard conditions, which is more efficient than traditional taint analysis method (TTAM). We implemented a prototype and made several experiments on it. The results showed that our method could increase the efficiency of black-box testing.
Indexed by: SCI
Keywords: Software Testing; Vulnerability Detection; Dynamic Testing; Black-box Testing; Colorful Taint Analysis
Affiliation: Chen Kai; Feng DengGuo; Su PuRui; Zhang YingJun Chinese Acad Sci State Key Lab Informat Secur Inst Software Beijing 100190 Peoples R China. Chen Kai; Zhang YingJun Chinese Acad Sci State Key Lab Informat Secur Grad Univ Beijing 100049 Peoples R China. Chen Kai; Zhang YingJun Natl Engn Res Ctr Informat Secur Beijing 100190 Peoples R China.
Subject area: Computer Science
Funder: National Natural Science Foundation of China 60970028, 60703076, 61073179
Language: English
WOS accession number: WOS:000298651900020
Content type: Journal article
URI: http://ir.iscas.ac.cn/handle/311060/15095
Collection: Institute of Software, Chinese Academy of Sciences
Recommended citation
GB/T 7714
Chen Kai,Feng DengGuo,Su PuRui,et al. black-box testing based on colorful taint analysis[J]. SCIENCE CHINA-INFORMATION SCIENCES,2012,55(1):171-183.
APA Chen Kai,Feng DengGuo,Su PuRui,&Zhang YingJun.(2012).black-box testing based on colorful taint analysis.SCIENCE CHINA-INFORMATION SCIENCES,55(1),171-183.
MLA Chen Kai,et al."black-box testing based on colorful taint analysis".SCIENCE CHINA-INFORMATION SCIENCES 55.1(2012):171-183.