摘要
通过分析了传统网络协议漏洞挖掘工具在生成测试数据的不足,深入研究了Fuzz漏洞挖掘技术方法。通过研究蓝牙OBEX协议的格式规范,提出了基于TLV(Type-Length-Value)的蓝牙OBEX协议Fuzz数据生成模型。最后基于TLV数据生成模型设计并实现了蓝牙OBEX协议漏洞挖掘工具(ObexFuzzer)。
In this dissertation,deficiencies of vulnerabilities mining tools of traditional network protocol when generating test data were analyzed,Fuzz vulnerabilities mining technology was investigated deeply.Fuzz data generation model of Bluetooth OBEX protocol was proposed based on TLV(Type-Length-Value)through studying Bluetooth OBEX protocol format specification.Vulnerabilities mining tool(ObexFuzzer)of Bluetooth OBEX protocol was implemented.
作者
张尚韬
ZHANG Shang-tao(Computer Engineering Department,Fujian Polytechnic of Information Technology,Fuzhou Fujian 350003)
出处
《数字技术与应用》
2020年第7期47-51,共5页
Digital Technology & Application
基金
福建省中青年教师教育科研项目(JAT191210)。
