WO2026028310A1 - Dispositif de traitement d'informations - Google Patents

Dispositif de traitement d'informations

Info

Publication number
WO2026028310A1
WO2026028310A1 PCT/JP2024/027219 JP2024027219W WO2026028310A1 WO 2026028310 A1 WO2026028310 A1 WO 2026028310A1 JP 2024027219 W JP2024027219 W JP 2024027219W WO 2026028310 A1 WO2026028310 A1 WO 2026028310A1
Authority
WO
WIPO (PCT)
Prior art keywords
program
input
fuzzing
unit
information processing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
PCT/JP2024/027219
Other languages
English (en)
Japanese (ja)
Inventor
榮太朗 塩治
一史 青木
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
NTT Inc
NTT Inc USA
Original Assignee
Nippon Telegraph and Telephone Corp
NTT Inc USA
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nippon Telegraph and Telephone Corp, NTT Inc USA filed Critical Nippon Telegraph and Telephone Corp
Priority to PCT/JP2024/027219 priority Critical patent/WO2026028310A1/fr
Publication of WO2026028310A1 publication Critical patent/WO2026028310A1/fr
Pending legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/30Monitoring
    • G06F11/34Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation ; Recording or statistical evaluation of user activity, e.g. usability assessment

Definitions

  • the present invention relates to an information processing device.
  • Fuzzing is a software testing method that involves randomly mutating test inputs and running a program. Unlike conventional testing, which runs a set of predefined test cases and then terminates, fuzzing is never-ending, as random test inputs are endlessly generated and tried. Therefore, the capabilities and results of fuzzing depend on finite resources, making efficiency important.
  • fuzzing multiple input candidates called seeds are stored, and the next input to be mutated or executed is selected from these candidates.
  • the selection of seeds and the addition of new seeds are made more efficient by prioritizing inputs that are deemed important based on specific indicators. For example, there are indicators that prioritize inputs that improve code coverage, and inputs that pass (or do not pass) through specified program sections (see, for example, Non-Patent Document 1).
  • fuzzing can be made significantly more efficient with human intervention (human-in-the-loop fuzzing). For example, if special conditions are required as input that are difficult to generate through automatic mutations using fuzzing, fuzzing can be accelerated by humans identifying these and adding them as input (see, for example, non-patent document 2).
  • Non-Patent Document 1 In order to perform fuzzing more efficiently, it is necessary to use not only general-purpose indicators such as coverage, but also indicators that are specific to the characteristics of the target program itself. However, with the technology described in Non-Patent Document 1, for example, it is difficult to automatically obtain information based on such indicators.
  • Non-Patent Document 2 Furthermore, to make fuzzing more efficient, human intervention is required to optimize programs and fuzzing, as described in Non-Patent Document 2. However, this is cumbersome and takes time to be reflected in fuzzing.
  • the present invention was made in consideration of the above, and aims to perform fuzzing efficiently.
  • the information processing device of the present invention is characterized by having an acquisition unit that acquires location information that identifies the location of source code that is the source of a program and that has been manipulated via an editor, and an update unit that updates the priority corresponding to each input candidate, which is a candidate value to be input to the program during fuzzing, based on the location information.
  • fuzzing can be performed efficiently.
  • FIG. 1 is a diagram illustrating an example of the configuration of an information processing apparatus according to the first embodiment.
  • FIG. 2 is a diagram showing an example of input candidate information.
  • FIG. 3 is a flowchart showing the flow of processing by the information processing apparatus according to the first embodiment.
  • FIG. 4 is a diagram illustrating an example of source code.
  • FIG. 5 is a diagram illustrating an example of source code.
  • FIG. 6 is a diagram illustrating an example of a computer that executes an information processing program.
  • FIG. 1 is a diagram showing an example of the configuration of an information processing device according to the first embodiment.
  • the information processing device 10 shown in Fig. 1 can support fuzzing.
  • the information processing device 10 accepts input of source code for a program to be fuzzed. The information processing device 10 then outputs the priority of each input candidate for program fuzzing based on the source code. The information processing device 10 also functions as an editor program for editing the source code.
  • the editor program may be a development environment, a text editor, etc.
  • the editor program may be simply referred to as an editor.
  • the following situation is assumed as an example. That is, while fuzzing is being performed on a program, a user (e.g., a developer or analyst) simultaneously edits the source code of the program. This situation is common, for example, when continuous fuzzing is performed using CI (Continuous Integration) during software development.
  • CI Continuous Integration
  • the information processing device 10 is a general-purpose computer such as a PC. As shown in FIG. 1, the information processing device 10 includes a communication unit 11, an input/output unit 12, a memory unit 13, and a control unit 14.
  • the communication unit 11 communicates data with other devices via a network.
  • the communication unit 11 is a network interface card (NIC).
  • NIC network interface card
  • the input/output unit 12 is an interface connected to input devices such as a mouse and keyboard, and output devices such as a display.
  • the storage unit 13 is a storage device such as an HDD (Hard Disk Drive), SSD (Solid State Drive), or optical disk.
  • the storage unit 13 may also be a data-rewritable semiconductor memory such as RAM (Random Access Memory), flash memory, or NVSRAM (Non-Volatile Static Random Access Memory).
  • the storage unit 13 stores the OS (Operating System) and various programs executed by the information processing device 10.
  • the storage unit 13 stores input candidate information 131, which is information related to input candidates.
  • input candidates are candidate values for variables, etc., to be input into a program.
  • Input candidates may be generated randomly or according to predetermined rules.
  • Figure 2 is a diagram showing an example of input candidate information.
  • input candidate information 131 is a table having items such as "Number,” “Input Candidate,” and “Priority.”
  • the value of the "Number” item is information for identifying an input candidate.
  • the value of the "Input Candidate” item is the specific content of the input candidate.
  • the value of the "Priority” item is the priority set for each input candidate. Note that input candidates may also be seeds for generating values.
  • the value of the variable "x" is listed as an input candidate.
  • the control unit 14 controls the entire information processing device 10.
  • the control unit 14 is, for example, an electronic circuit such as a CPU (Central Processing Unit), MPU (Micro Processing Unit), or GPU (Graphics Processing Unit), or an integrated circuit such as an ASIC (Application Specific Integrated Circuit) or FPGA (Field Programmable Gate Array).
  • CPU Central Processing Unit
  • MPU Micro Processing Unit
  • GPU Graphics Processing Unit
  • ASIC Application Specific Integrated Circuit
  • FPGA Field Programmable Gate Array
  • the control unit 14 also has internal memory for storing programs that define various processing procedures and control data, and executes each process using the internal memory.
  • the control unit 14 also functions as various processing units as various programs run.
  • the control unit 14 has an editor execution unit 141, an editor extension unit 142, and a fuzzing extension unit 143.
  • the editor execution unit 141 executes an editor.
  • the editor execution unit 141 may execute an existing text editor or development environment.
  • the editor extension unit 142 acquires information about the editor.
  • the editor extension unit 142 may be implemented as an add-on function for the editor.
  • the editor extension unit 142 has a reception unit 142a and an acquisition unit 142b.
  • the fuzzing extension unit 143 performs fuzzing.
  • the fuzzing extension unit 143 also performs fuzzing-related processing based on information acquired by the editor extension unit 142. For example, the fuzzing extension unit 143 determines the priority of input candidates.
  • the fuzzing extension unit 143 has a determination unit 143a and an update unit 143b.
  • Figure 3 is a flowchart showing the processing flow of the information processing device according to the first embodiment.
  • the editor execution unit 141 launches the editor (step S101).
  • the reception unit 142a receives a user operation on the editor (step S102). If the received operation is not an operation on source code (step S103; No), the reception unit 142a waits for reception of an operation.
  • Step S104 If the accepted operation is an operation on source code (Step S103: Yes), the acquisition unit 142b acquires location information of the source code where the operation was performed (Step S104).
  • the acquisition unit 142b acquires location information that identifies the location in the source code that forms the basis of the program and where the operation was performed via the editor.
  • source code location information is information that identifies the source code file being edited or viewed via an editor (e.g., file name or file path) and line number.
  • Figure 4 shows an example of source code.
  • line 102 of source code 210 is being edited in an editor.
  • the acquisition unit 142b acquires the file path of source code 210 and the line number being edited (here, "102").
  • the acquisition unit 142b acquires location information for the source code corresponding to the active window among the windows displayed on the display.
  • the acquisition unit 142b passes the acquired information to the fuzzing extension unit 143.
  • the determination unit 143a of the fuzzing extension unit 143 selects an unselected input candidate (step S105). For example, the determination unit 143a selects the input candidates in the input candidate information 131 in ascending order of numbers.
  • the determination unit 143a determines whether or not the location corresponding to the acquired location information will be passed through when the program is executed based on the selected input candidate (step S106).
  • line 102 of source code 210 is part of function "function_B" and is a location that is always passed through when the function is executed. Note that “passing through” means that that location (line) is executed.
  • Figure 5 shows the source code of the program being fuzzed.
  • Figure 5 shows an example of source code.
  • the value of variable x is output by the function "input.” Therefore, depending on the processing content of the function "input,” the value of variable x may not be directly input into the program. For example, if the function "input" is a function that simply receives and outputs a value directly input into the program, the value of variable x can be directly input into the program. On the other hand, if the function "input” is a function that outputs a predetermined calculated value based on the input value, the value of variable x cannot be directly input into the program. However, in the fuzzing of this embodiment, in either case, the specific values of each input candidate in Figure 2 are set to be values such that x takes on the value listed in the "Input Candidate" column.
  • the update unit 143b increases the priority of the selected input candidate that has been determined to be accepted (step S108). For example, the update unit 143b increases the priority of the input candidate information 131 by 1.
  • the update unit 143b updates the priority corresponding to each input candidate, which is a candidate for a value to be input to a program during fuzzing, based on the location information.
  • the update unit 143b updates the priority of the input candidate that will execute the part of the program corresponding to the location information when the corresponding value is input to the program.
  • Step S109 If there are unselected input candidates (Step S109; Yes), the determination unit 143a returns to Step S105 and selects an unselected input candidate (Step S105). If there are no unselected input candidates (Step S109; No) and the editor has been terminated (Step S110; Yes), the editor extension unit 142 and the fuzzing extension unit 143 terminate processing.
  • Step S110 If the editor has not terminated (Step S110; No), the editor extension unit 142 and fuzzing extension unit 143 return to Step S102 and repeat the process. In other words, the acquisition unit 142b repeatedly acquires location information while the editor is running.
  • the reason why the update unit 143b increases the priority is based on the idea that parts that are being actively edited are important. However, the method for updating the priority of the update unit 143b is not limited to the method described here.
  • the update unit 143b may decrease the priority instead of increasing it. For example, parts that have been fixed after their vulnerabilities have been thoroughly analyzed will be considered to have been thoroughly tested and will be avoided from fuzzing.
  • the update unit 143b may reduce the priority of fuzzing to avoid performing unnecessary fuzzing.
  • the acquiring unit 142b acquires location information that identifies the location of the source code that is the source of the program and that has been manipulated via an editor.
  • the updating unit 143b updates the priority corresponding to each of the input candidates, which are candidates for values to be input to the program during fuzzing, based on the location information.
  • the information processing device 10 can automatically acquire and use information about the properties of the target program from the user's perspective. Furthermore, because the information processing device 10 automatically collects user behavior through the editor, the user can contribute to improving the efficiency of fuzzing in real time without being aware of it. As a result, according to the embodiment, fuzzing can be carried out efficiently.
  • the acquisition unit 142b also acquires the file name and line number of the source code where the operation was performed. This allows the information processing device 10 to identify the location information in detail.
  • the update unit 143b updates the priority of input candidates that, when the corresponding value is input into the program, will cause the part of the program that corresponds to the location information to be executed. This allows the information processing device 10 to update the priority of input candidates so that the part corresponding to the location information is always executed.
  • the acquisition unit 142b repeatedly acquires location information while the editor is running. This allows the information processing device 10 to appropriately update the priority of input candidates each time source code is viewed or edited via the editor.
  • the editor extension unit 142 and the fuzzing extension unit 143 may be implemented as part of the editor itself and the fuzzing system's functions, respectively, or may be implemented as extensions of each.
  • the relationship between the fuzzing system in which the fuzzing extension unit 143 is implemented and the editor users does not need to be 1:1, but may be multiple:multiple or one:multiple.
  • a single editor may have a fuzzing system for each of multiple virtual instances.
  • the information processing device 10 can be implemented by installing an information processing program that executes the above-described processes as package software or online software on a desired computer.
  • the information processing device can function as the information processing device 10.
  • the information processing device referred to here includes desktop and notebook personal computers.
  • the information processing device also includes smartphones, tablet terminals, and the like.
  • FIG. 6 shows an example of a computer that executes an information processing program.
  • the computer 1000 has, for example, memory 1010 and a CPU 1020.
  • the computer 1000 also has a hard disk drive interface 1030, a disk drive interface 1040, a serial port interface 1050, a video adapter 1060, and a network interface 1070. These components are connected by a bus 1080.
  • Memory 1010 includes ROM (Read Only Memory) 1011 and RAM (Random Access Memory) 1012.
  • ROM 1011 stores, for example, a boot program such as a BIOS (Basic Input Output System).
  • Hard disk drive interface 1030 is connected to a hard disk drive 1090.
  • Disk drive interface 1040 is connected to a disk drive 1100.
  • a removable storage medium such as a magnetic disk or optical disk is inserted into the disk drive 1100.
  • Serial port interface 1050 is connected to, for example, a mouse 1110 and a keyboard 1120.
  • Video adapter 1060 is connected to, for example, a display 1130.
  • the hard disk drive 1090 stores, for example, an OS 1091, an application program 1092, a program module 1093, and program data 1094.
  • the programs that define each process of the information processing device 10 are implemented as program modules 1093 in which computer-executable code is written.
  • the program modules 1093 are stored, for example, on the hard disk drive 1090.
  • a program module 1093 for executing processes similar to those of the functional configuration of the information processing device 10 is stored on the hard disk drive 1090.
  • the hard disk drive 1090 may be replaced by an SSD.
  • the setting data used in the processing of the above-described embodiment is stored as program data 1094, for example, in memory 1010 or hard disk drive 1090.
  • the CPU 1020 reads the program module 1093 and program data 1094 stored in memory 1010 or hard disk drive 1090 into RAM 1012 as needed, and executes the processing of the above-described embodiment.
  • the program module 1093 and program data 1094 do not necessarily have to be stored on the hard disk drive 1090; they may instead be stored on a removable storage medium and read by the CPU 1020 via the disk drive 1100 or the like. Alternatively, the program module 1093 and program data 1094 may be stored on another computer connected via a network (such as a LAN (Local Area Network) or WAN (Wide Area Network)). The program module 1093 and program data 1094 may then be read by the CPU 1020 from the other computer via the network interface 1070.
  • a network such as a LAN (Local Area Network) or WAN (Wide Area Network)

Landscapes

  • Engineering & Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Quality & Reliability (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Stored Programmes (AREA)
  • Debugging And Monitoring (AREA)

Abstract

L'invention concerne un dispositif de traitement d'informations (10) comprenant une unité d'acquisition (142b) et une unité de mise à jour (143b). L'unité d'acquisition (142b) acquiert des informations d'emplacement destinées à identifier l'emplacement d'un code source qui est la source d'un programme et sur lequel une opération a été effectuée par l'intermédiaire d'un éditeur. L'unité de mise à jour (143b) met à jour, sur la base des informations d'emplacement, la priorité correspondant à chacun des candidats d'entrée, qui sont des candidats pour des valeurs entrées dans le programme pendant un test à données aléatoires.
PCT/JP2024/027219 2024-07-30 2024-07-30 Dispositif de traitement d'informations Pending WO2026028310A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/JP2024/027219 WO2026028310A1 (fr) 2024-07-30 2024-07-30 Dispositif de traitement d'informations

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2024/027219 WO2026028310A1 (fr) 2024-07-30 2024-07-30 Dispositif de traitement d'informations

Publications (1)

Publication Number Publication Date
WO2026028310A1 true WO2026028310A1 (fr) 2026-02-05

Family

ID=98606406

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2024/027219 Pending WO2026028310A1 (fr) 2024-07-30 2024-07-30 Dispositif de traitement d'informations

Country Status (1)

Country Link
WO (1) WO2026028310A1 (fr)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2009116847A (ja) * 2007-11-01 2009-05-28 Korea Electronics Telecommun ソフトウェア脆弱点点検装置及び方法
JP2020205047A (ja) * 2019-06-17 2020-12-24 バイドゥ ユーエスエイ エルエルシーBaidu USA LLC アプリケーション・プログラムのための脆弱性により起動されるハイブリッド・テストシステム

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2009116847A (ja) * 2007-11-01 2009-05-28 Korea Electronics Telecommun ソフトウェア脆弱点点検装置及び方法
JP2020205047A (ja) * 2019-06-17 2020-12-24 バイドゥ ユーエスエイ エルエルシーBaidu USA LLC アプリケーション・プログラムのための脆弱性により起動されるハイブリッド・テストシステム

Similar Documents

Publication Publication Date Title
US7506037B1 (en) Method determining whether to seek operator assistance for incompatible virtual environment migration
US10289397B2 (en) Silent installation of software with dependencies
US9513889B2 (en) System and method of automating installation of applications
WO2022180702A1 (fr) Dispositif d'ajout de fonction d'analyse, programme d'ajout de fonction d'analyse et procédé d'ajout de fonction d'analyse
WO2025001089A1 (fr) Procédé de détection de vulnérabilité et dispositif associé
CN115017516A (zh) 一种基于符号执行的模糊测试方法
JP2018018373A (ja) 抽出装置および抽出方法
US20180089432A1 (en) System and method for characterizing malware
US20120284695A1 (en) Error simulation
US9116714B2 (en) Methods and systems for file processing
US10528691B1 (en) Method and system for automated selection of a subset of plurality of validation tests
WO2015003452A1 (fr) Procédés et systèmes de traitement de fichier
Su et al. An efficient GPU implementation of inclusion-based pointer analysis
CN114201382A (zh) 测试用例生成方法、装置、存储介质和电子设备
WO2026028310A1 (fr) Dispositif de traitement d'informations
CN116166525A (zh) 一种测试脚本的生成方法及装置
He et al. RLTG: Multi-targets directed greybox fuzzing
JP7211228B2 (ja) 解析装置、解析方法、及びプログラム
CN112231186A (zh) 一种性能数据的处理方法、装置、电子设备及介质
CN116701144A (zh) 性能分析方法、装置、存储介质及程序产品
CN115629979A (zh) 一种ui自动化测试方法及系统、设备、存储介质
WO2022222499A1 (fr) Procédé de traitement de code, et système, grappe, support et produit programme
CN113420302A (zh) 主机漏洞检测方法及装置
US10176074B2 (en) Computed call/jump target resolution via behavior computation
Michaels et al. Mobile test suite generation via combinatorial sequences

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 24949777

Country of ref document: EP

Kind code of ref document: A1