Abstract

As an important program analysis method, taint analysis has been widely used in vulnerability detection. However, existing dynamic taint analysis requires instruction-by-instruction taint propagation rules, which are expensive to design, and it has a high false positive rate when identifying the implicit control flow of the target program. To address these problems, this paper proposes nnTaint, a neural-network-based dynamic taint analysis method for existing taint-guided fuzzing, which is characterised by low cost and few false positives. Compared with existing taint analysis tools, nnTaint improves runtime efficiency by 10.9%-18.8% over traditional taint analysis, reducing the cost of existing dynamic taint analysis to a certain extent. On the LAVA-M test datasets and the GNU binutils programs, nnTaint improves edge coverage by 4.7%-16% over existing taint-guided fuzzing tools, effectively improving the accuracy with which existing dynamic taint analysis recognises implicit control flow. The results show that nnTaint can improve both the efficiency and the accuracy of existing dynamic taint analysis tools.
