Abstract
Network protocol fuzzing increasingly targets large protocol entities, while traditional testcase filtering methods rely mainly on runtime state information of the test object; the larger the test object, the longer a single testcase takes to execute. To address the long invalid-execution time and low efficiency of traditional testcase filtering for network protocol fuzzing, this paper proposes a QRNN-based testcase filtering method for network protocol fuzzing, exploiting the strong ability of recurrent neural network models to process and predict sequence data. By learning the structural characteristics of the network protocol, including field value ranges and constraint relationships between fields, the method automatically filters invalid testcases and reduces the number of testcases executed against the protocol entity. Experimental results show that, compared with traditional testcase filtering methods for network protocol fuzzing, the proposed method effectively reduces the time cost of network protocol vulnerability discovery and significantly improves fuzzing efficiency.
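The pre-execution structural filter the abstract describes, as an added Python example that is not code from the paper (the paper learns the protocol structure with a QRNN; here the two kinds of structure it names are modelled explicitly). The five-byte header format, the constructed corpus of valid messages and the candidate testcases are all assumptions for illustration: field value ranges are learned from the corpus, and two hand-written inter-field constraints (length field versus payload length, checksum over the payload) stand in for the constraints a learned model would capture. Testcases that fail a check are dropped before they are ever sent to the protocol entity.

```python
"""Pre-execution testcase filter for a constructed toy protocol.

Header (assumed format): version(1) | type(1) | length(2, big-endian) | checksum(1)
followed by the payload. checksum = sum(payload) mod 256.
"""
import struct
from dataclasses import dataclass

HEADER = struct.Struct(">BBHB")  # assumed header layout, 5 bytes


def build(version, mtype, payload, length=None, checksum=None):
    """Build a message; pass length/checksum explicitly to forge an invalid one."""
    length = len(payload) if length is None else length
    checksum = sum(payload) % 256 if checksum is None else checksum
    return HEADER.pack(version, mtype, length, checksum) + payload


@dataclass
class FieldModel:
    ranges: dict  # field name -> (min, max) observed in valid traffic


def learn(corpus):
    """Learn per-field value ranges from a corpus of known-valid messages."""
    ranges = {}
    for msg in corpus:
        version, mtype, _length, _checksum = HEADER.unpack_from(msg)
        for name, val in (("version", version), ("type", mtype)):
            lo, hi = ranges.get(name, (val, val))
            ranges[name] = (min(lo, val), max(hi, val))
    return FieldModel(ranges)


def check(model, msg):
    """Return None if the testcase is structurally valid, else the reason it is not."""
    if len(msg) < HEADER.size:
        return "truncated header"
    version, mtype, length, checksum = HEADER.unpack_from(msg)
    payload = msg[HEADER.size:]
    # Field value ranges (learned).
    for name, val in (("version", version), ("type", mtype)):
        lo, hi = model.ranges[name]
        if not lo <= val <= hi:
            return f"{name}={val} outside learned range [{lo}, {hi}]"
    # Inter-field constraints (hand-written here, learned in the paper).
    if length != len(payload):
        return f"length field {length} != payload length {len(payload)}"
    if checksum != sum(payload) % 256:
        return "checksum mismatch"
    return None


def filter_testcases(model, testcases):
    """Split candidates into those worth executing and those filtered out."""
    keep, dropped = [], []
    for tc in testcases:
        reason = check(model, tc)
        (dropped if reason else keep).append((tc, reason))
    return keep, dropped


# Constructed corpus of valid traffic used to learn field ranges.
CORPUS = [
    build(1, 0x10, b"ping"),
    build(2, 0x11, b"\x00\x01"),
    build(1, 0x12, b""),
]

# Constructed candidate testcases, as a mutation-based fuzzer might produce them.
CANDIDATES = [
    build(1, 0x11, b"A" * 8),                 # valid: execute
    build(2, 0x12, b"\xff\xfe"),              # valid: execute
    build(7, 0x10, b"x"),                     # version outside learned range
    build(1, 0x40, b"x"),                     # type outside learned range
    build(1, 0x10, b"abc", length=0xFFFF),    # length field contradicts payload
    build(1, 0x10, b"abc", checksum=0),       # checksum does not match payload
    b"\x01",                                  # truncated header
    build(1, 0x10, b"A" * 40),                # valid: execute
]

if __name__ == "__main__":
    model = learn(CORPUS)
    keep, dropped = filter_testcases(model, CANDIDATES)
    print(f"execute {len(keep)} of {len(CANDIDATES)}; filtered {len(dropped)}")
    for tc, reason in dropped:
        print(f"  dropped {tc.hex():<24} {reason}")
```

The filter only pays off when its checks match what the target itself rejects cheaply before reaching any interesting logic; a check stricter than the target's own parsing would discard testcases that could still expose parser bugs, so the learned ranges and constraints need to be validated against the real protocol entity rather than trusted blindly.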
Authors
HU Zhi-hao (胡志濠); PAN Zu-lie (潘祖烈)
College of Electronic Engineering, National University of Defense Technology, Hefei 230037, China; Anhui Province Key Laboratory of Cyberspace Security Situation Awareness and Evaluation, Hefei 230037, China
Source
Computer Science (《计算机科学》), 2022, No. 5, pp. 318-324 (7 pages)
Indexed in: CSCD; Peking University Core Journals (北大核心)
Funding
National Key R&D Program of China (2017YFB0802900).