Reverse Analysis and Fuzz Testing of a Communication Protocol for New Power System Terminals
Abstract: Most existing new power system terminals use proprietary protocols of third-party vendors, which makes them difficult to parse and analyze. This paper performs a reverse analysis of the Modbus protocol commonly used by such terminals, treating it as an unknown protocol. Exploiting the layered structure of the protocol, the valid fields of the unknown protocol are extracted from the header fields of captured network packets, the protocol fields are tokenized with a statistical N-gram algorithm, and a Modbus protocol state machine is constructed from the resulting protocol keywords. The protocol source code is then compiled with instrumentation, the Modbus server-side program is fuzz tested with randomly generated test cases, and the resulting crashes are analyzed. Experimental results show that the method can quickly reverse-identify and fuzz test the proprietary protocols of new power system terminals and has high practical value.
Authors: HAN Jiajia (韩嘉佳), SUN Xin (孙歆), LYU Bang (吕磅), SUN Changhua (孙昌华), QIAN Jing (钱锦) (State Grid Zhejiang Electric Power Co., Ltd. Research Institute, Hangzhou 310014, China)
Source: Zhejiang Electric Power (浙江电力), 2023, No. 11, pp. 57-62 (6 pages)
Funding: Science and technology project of State Grid Zhejiang Electric Power Co., Ltd. (B311DS21000F).
Keywords: new power system terminals; protocol reverse analysis; dynamic binary instrumentation; state machine comparison; fuzz testing
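The pipeline the abstract describes (extract fixed header fields from captured packets, tokenize the fields with byte N-gram statistics, derive a keyword-driven state machine, then fuzz the server with cases generated from that model) can be made concrete on Modbus/TCP. The Python below is an added illustration written for this page; it is not the authors' code and does not reproduce their instrumentation or crash analysis. It assumes a constructed six-frame capture, treats the byte at offset 7 (the Modbus function code) as the protocol keyword, derives the state machine from the order in which function codes appear, uses an assumed 30% per-byte mutation rate, and stands in a toy server-side parser for the instrumented Modbus server, so "exception" and "reject" return values play the role that crashes would play in a real campaign.

```python
"""Added illustration (not the paper's code): infer Modbus/TCP field layout from a
constructed capture, build a function-code state machine, and generate
structure-aware fuzz cases checked against a toy server-side parser."""
from collections import Counter
import random
import struct

FUNC_OFFSET = 7  # first PDU byte (function code) in a Modbus/TCP frame; the "keyword"
SUPPORTED = {0x01, 0x03, 0x05, 0x06, 0x10}  # function codes the toy server implements

def build_request(tid, unit, func, data):
    """MBAP header (transaction id, protocol id 0, length, unit id) + PDU (func + data)."""
    pdu = bytes([func]) + data
    return struct.pack(">HHHB", tid, 0, len(pdu) + 1, unit) + pdu

# Constructed sample capture of six client requests, not real traffic.
SAMPLE_FRAMES = [
    build_request(1, 1, 0x03, struct.pack(">HH", 0x0000, 0x000A)),  # read holding registers
    build_request(2, 1, 0x03, struct.pack(">HH", 0x0010, 0x0002)),
    build_request(3, 1, 0x01, struct.pack(">HH", 0x0000, 0x0008)),  # read coils
    build_request(4, 1, 0x06, struct.pack(">HH", 0x0001, 0x1234)),  # write single register
    build_request(5, 2, 0x10, struct.pack(">HHB", 0, 2, 4) + b"\x00\x01\x00\x02"),  # write multiple
    build_request(6, 1, 0x05, struct.pack(">HH", 0x0003, 0xFF00)),  # write single coil
]

def field_segments(frames):
    """Split the common prefix into runs of constant / variable offsets: constant runs
    are candidate fixed header fields (protocol id), variable runs are mutation targets."""
    width = min(len(f) for f in frames)
    variable = [len({f[i] for f in frames}) > 1 for i in range(width)]
    segments, start = [], 0
    for i in range(1, width + 1):
        if i == width or variable[i] != variable[start]:
            segments.append((start, i, "variable" if variable[start] else "constant"))
            start = i
    return segments

def ngram_keywords(frames, n=2, top=3):
    """Most frequent byte N-grams across all frames: the protocol 'keywords'."""
    counts = Counter()
    for f in frames:
        counts.update(f[i:i + n] for i in range(len(f) - n + 1))
    return counts.most_common(top)

def build_state_machine(frames):
    """Transitions between successive function codes seen in the capture."""
    transitions, prev = {}, "IDLE"
    for f in frames:
        transitions.setdefault(prev, set()).add(f[FUNC_OFFSET])
        prev = f[FUNC_OFFSET]
    return transitions

def handle_request(frame):
    """Toy server-side parse standing in for the instrumented server: ('reject', why)
    at the MBAP layer, ('exception', code) at the PDU layer, ('ok', func) otherwise."""
    if len(frame) < 8:
        return ("reject", "short")
    _tid, proto, length, _unit = struct.unpack(">HHHB", frame[:7])
    if proto != 0 or length != len(frame) - 6:
        return ("reject", "mbap")
    func = frame[FUNC_OFFSET]
    if func not in SUPPORTED:
        return ("exception", 0x01)  # ILLEGAL FUNCTION
    if func in (0x01, 0x03, 0x05, 0x06) and len(frame) != 12:
        return ("exception", 0x03)  # ILLEGAL DATA VALUE: 4-byte data expected
    if func == 0x10 and (len(frame) < 13 or frame[12] != len(frame) - 13):
        return ("exception", 0x03)  # byte count disagrees with payload length
    return ("ok", func)

def mutate(frame, segments, rng):
    """Keep constant header fields, flip bytes only in variable PDU offsets, sometimes
    grow or truncate the data, then recompute the MBAP length so the case gets past
    the header check and into the function handler."""
    pdu = bytearray(frame[FUNC_OFFSET:])
    for start, end, kind in segments:
        for i in range(max(start, FUNC_OFFSET), end):
            if kind == "variable" and rng.random() < 0.3:  # assumed mutation rate
                pdu[i - FUNC_OFFSET] = rng.randrange(256)
    roll = rng.random()
    if roll < 0.2:
        pdu += bytes(rng.randrange(256) for _ in range(rng.randrange(1, 8)))
    elif roll < 0.4 and len(pdu) > 1:
        del pdu[rng.randrange(1, len(pdu)):]
    tid, unit = struct.unpack(">H", frame[:2])[0], frame[6]
    return struct.pack(">HHHB", tid, 0, len(pdu) + 1, unit) + bytes(pdu)

def fuzz_campaign(frames, cases=200, seed=1):
    """Tally how the toy server classifies generated cases; a real campaign would
    send them to the instrumented server and record crashes instead."""
    rng, outcomes = random.Random(seed), Counter()
    segments = field_segments(frames)
    for _ in range(cases):
        outcomes[handle_request(mutate(rng.choice(frames), segments, rng))[0]] += 1
    return outcomes

if __name__ == "__main__":
    print(field_segments(SAMPLE_FRAMES), ngram_keywords(SAMPLE_FRAMES), sep="\n")
    print(build_state_machine(SAMPLE_FRAMES), fuzz_campaign(SAMPLE_FRAMES), sep="\n")
```

On this capture the protocol-id bytes at offsets 2-3 come out as a constant run and the PDU bytes as variable runs, and the most frequent bigram is the zero pair that the fixed header contributes. Two caveats a practitioner would check: with only six frames the high byte of the transaction id also looks constant, so the capture must be large and diverse enough before constant runs are trusted as header fields; and because every generated case keeps the protocol id and a consistent length field, none is rejected at the MBAP layer, which is the point of structure-aware generation: the cases reach the function handlers where crashes in a real server would be found.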