Abstract
Taint analysis is an important program analysis method that is widely used in vulnerability detection. However, existing dynamic taint analysis requires taint propagation rules to be designed instruction by instruction, which is expensive, and it has a high false positive rate when identifying implicit control flow in the target program. To address these problems, this paper proposes nnTaint, a neural-network-based dynamic taint analysis method for existing taint-guided fuzzing, characterized by low cost and few false positives. Compared with existing taint analysis tools, nnTaint improves operating efficiency by 10.9%-18.8% over traditional taint analysis, which reduces the cost of existing dynamic taint analysis to a certain extent. On the LAVA-M test datasets and GNU binutils, nnTaint improves edge coverage by 4.7%-16% over existing taint-guided fuzzing tools, effectively improving the accuracy with which existing dynamic taint analysis identifies implicit control flow. The results show that nnTaint can improve the efficiency and accuracy of existing dynamic taint analysis tools.