Abstract
Existing fuzzers, when applied to stateful network protocols, generate test messages of poor validity (many are rejected by the target's checksum and consistency checks before reaching deeper parsing logic) and test inefficiently. This paper proposes an optimized fuzzing method for stateful network protocols. First, by analyzing the check rules of the protocol under test, the message fields involved in checks are tagged in XML (Extensible Markup Language), and the function bound to each tag computes the correct check data, so that the generated test messages are highly valid. Second, a protocol-state-driven algorithm identifies the current protocol state and selects the test messages appropriate to that state. Experimental results show that, compared with the popular protocol fuzzers Boofuzz and Peach, the method effectively improves both test-message validity and test efficiency, and it found two 0-day vulnerabilities.
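The two ideas in the abstract (XML-tagged check fields whose values are recomputed by a per-tag function, and state-driven selection of which message to send) are illustrated below in an added toy example. This is not the paper's code and does not reproduce its tool: the protocol layout, the XML template, the check functions (length and CRC-32) and the state table are all constructed for this illustration, and the peer is abstracted to a callback returning "OK" or "ERR".

```python
"""Toy illustration of checksum-aware, state-driven test-message generation (constructed example, not the paper's code)."""
import random
import xml.etree.ElementTree as ET
import zlib

# Constructed template: 'check' names the function that fills a field, 'of' lists
# the fields it is computed over, 'fuzz' marks the field the fuzzer may mutate.
TEMPLATES = """
<protocol>
  <message name="login">
    <field name="type" size="1" value="01"/>
    <field name="length" size="2" check="length" of="payload"/>
    <field name="payload" size="*" value="61646d696e" fuzz="true"/>
    <field name="crc" size="4" check="crc32" of="type,length,payload"/>
  </message>
  <message name="logout">
    <field name="type" size="1" value="02"/>
    <field name="length" size="2" check="length" of="payload"/>
    <field name="payload" size="*" value="" fuzz="true"/>
    <field name="crc" size="4" check="crc32" of="type,length,payload"/>
  </message>
</protocol>
"""
# Function behind each 'check' label; returns a big-endian field of 'size' bytes.
CHECK_FUNCS = {
    "length": lambda data, size: len(data).to_bytes(size, "big"),
    "crc32": lambda data, size: (zlib.crc32(data) & 0xFFFFFFFF).to_bytes(size, "big"),
}
# Constructed state table: messages valid per state, and where an accepted exchange leads.
STATE_MESSAGES = {"INIT": ["login"], "AUTHED": ["logout"]}
TRANSITIONS = {("INIT", "login", "OK"): "AUTHED", ("AUTHED", "logout", "OK"): "INIT"}

def parse_templates(xml_text):
    """Return {message name: [field dicts]} from the XML description."""
    out = {}
    for msg in ET.fromstring(xml_text).findall("message"):
        out[msg.get("name")] = [{
            "name": f.get("name"), "size": f.get("size"),
            "value": bytes.fromhex(f.get("value") or ""),
            "check": f.get("check"), "fuzz": f.get("fuzz") == "true",
            "of": f.get("of").split(",") if f.get("of") else [],
        } for f in msg.findall("field")]
    return out

def build_message(fields, fuzz_payload=None):
    """Fill plain fields (mutated payload if given), then resolve check fields in dependency order."""
    values = {}
    for f in fields:
        if f["check"] is None:
            values[f["name"]] = fuzz_payload if f["fuzz"] and fuzz_payload is not None else f["value"]
    pending = [f for f in fields if f["check"]]
    while pending:
        ready = [f for f in pending if all(d in values for d in f["of"])]
        if not ready:
            raise ValueError("circular check dependency in template")
        for f in ready:
            data = b"".join(values[d] for d in f["of"])
            values[f["name"]] = CHECK_FUNCS[f["check"]](data, int(f["size"]))
            pending.remove(f)
    return b"".join(values[f["name"]] for f in fields)

def checks_valid(fields, raw):
    """Receiver-side view: split raw bytes by the template and re-verify each check field."""
    sizes = [None if f["size"] == "*" else int(f["size"]) for f in fields]
    variable = len(raw) - sum(s for s in sizes if s is not None)
    if variable < 0:
        return False
    vals, pos = {}, 0
    for f, s in zip(fields, sizes):
        n = variable if s is None else s
        vals[f["name"]], pos = raw[pos:pos + n], pos + n
    return all(vals[f["name"]] == CHECK_FUNCS[f["check"]](
        b"".join(vals[d] for d in f["of"]), int(f["size"])) for f in fields if f["check"])

def mutate(data, rng):
    """Byte flip, append or truncate; checks are recomputed afterwards, so the message still passes validation."""
    choice = rng.randrange(3)
    if choice == 0 and data:
        i = rng.randrange(len(data))
        return data[:i] + bytes([rng.randrange(256)]) + data[i + 1:]
    if choice == 1:
        return data + bytes(rng.randrange(256) for _ in range(rng.randrange(1, 64)))
    return data[:len(data) // 2]

def next_state(state, msg_name, reply):
    return TRANSITIONS.get((state, msg_name, reply), state)

def fuzz_session(templates, rounds, seed=0, peer=lambda name, raw: "OK"):
    """Send only messages valid in the current state, advance on the peer's reply; returns (state, name, checks_ok) per round."""
    rng, state, log = random.Random(seed), "INIT", []
    for _ in range(rounds):
        name = rng.choice(STATE_MESSAGES[state])
        fields = templates[name]
        base = next(f["value"] for f in fields if f["fuzz"])
        raw = build_message(fields, mutate(base, rng))
        log.append((state, name, checks_valid(fields, raw)))
        state = next_state(state, name, peer(name, raw))
    return log
```

The point the example makes is the ordering: mutation happens first, check fields are resolved afterwards from the mutated content, so a length or CRC field never has to be guessed by the mutator and the target's first-line validation does not discard the case. In a real harness the `peer` callback would send `raw` over the socket and classify the response; here it only drives the state table.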
Authors
杨睿 (YANG Rui), 井靖 (JING Jing), 戚旭衍 (QI Xuyan), 任帅 (REN Shuai)
Information Engineering University, Zhengzhou 450001, China; State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450001, China
Source
Journal of Information Engineering University (《信息工程大学学报》), 2023, No. 1, pp. 86-92 (7 pages)
Funding
National Key Research and Development Program of China (2019QY0502)
Keywords
fuzzing
stateful network protocol
vulnerability discovery
data association
state-driven