Abstract
Fuzzing is an effective way to discover protocol vulnerabilities. Unlike ordinary network protocols, however, industrial control protocols are numerous and their private variants are hard to parse, which complicates fuzzing them. This paper therefore changes the approach to the problem, shifting the subject of fuzzing from testers to industrial control engineers. It first analyses the fuzzing architecture and testing workflow of Sulley and, on that basis, designs an improved fuzzing architecture for industrial control protocols. In the new architecture, private protocols are constructed through a block-based visual drag-and-drop interface, public protocols are imported as test suites, and an input optimization module that reduces the amount of test data is added to adapt the testing to industrial control devices. The framework helps to address the poor usability, heavy testing load and low testing efficiency of industrial control protocol fuzzing.
Source
Microcomputer & Its Applications (《微型机与应用》), 2017, No. 19, pp. 3-5 (3 pages)