ZHONG Hong, XIA Yun-hao, ZHANG Jin-xin, et al. Fuzzing of Network Protocol Based on Multiple Strategies of Feedback and Evolution [J]. Computer Technology and Development (计算机技术与发展), 2024, 34(10): 84-92. [doi:10.20165/j.cnki.ISSN1673-629X.2024.0165]

Fuzzing of Network Protocol Based on Multiple Strategies of Feedback and Evolution

Computer Technology and Development (计算机技术与发展) [ISSN: 1006-6977 / CN: 61-1281/TN]

Volume: 34
Issue: 2024, No. 10
Pages: 84-92
Column: Software Technology and Engineering
Publication date: 2024-10-10

Article Info

Title:
Fuzzing of Network Protocol Based on Multiple Strategies of Feedback and Evolution
Article number:
1673-629X(2024)10-0084-09
Author(s):
ZHONG Hong (钟宏) 1,2; XIA Yun-hao (夏云浩) 1,3; ZHANG Jin-xin (张金鑫) 1,3; MA Zhi-yuan (马致原) 1,3
1. State Key Laboratory of Mobile Network and Mobile Multimedia Technology, Shenzhen 518055, China; 2. Shenzhen Zhongxing Software Company Limited, Shenzhen 518057, China; 3. Nanjing Zhongxing New Software Company Limited, Nanjing 210012, China
Keywords:
network protocol; vulnerability mining; fuzzing; status feedback; weight feedback; machine learning
CLC number:
TP311.53
DOI:
10.20165/j.cnki.ISSN1673-629X.2024.0165
Abstract:
Network protocols are the basis of Internet communications, and security issues in them may expose a large number of devices in the network to catastrophic risks. Network protocols cover various layers and types, and each layer has its own characteristics and purposes. Vulnerability mining in protocol implementations is a challenging task in computer security. We propose a black-box fuzzing scheme for multiple public or private network protocols, which can discover vulnerabilities in protocol implementations without knowledge of the code or the specification. The proposed method can automatically perform protocol learning and feature extraction for a variety of network protocols from the physical layer to the application layer, and generate efficient test cases from the results. In addition, multiple feedback-driven evolutionary mutation strategies, such as status feedback, weight feedback, and machine learning, are designed to improve the effectiveness of test cases. Furthermore, techniques such as taint analysis and execution flow tracking are used to monitor the execution process and results of the target under test, making the test results more accurate and improving the accuracy of vulnerability mining. To evaluate the effectiveness of the proposed method, we design and implement a fuzzing prototype system, which detects several previously unknown security vulnerabilities in protocol implementations. Furthermore, a performance comparison with mainstream fuzzing tools shows that the proposed method outperforms them in multiple dimensions of mutation efficiency.


Last Update: 2024-10-10