A dynamic taint tracking optimized fuzz testing method based on multi-modal sensor data fusion

Bibliographic details
Published in: EURASIP journal on wireless communications and networking, Vol. 2020, Issue 1, pp. 1-21
Main authors: Li, Qianmu, Liu, Yaozong, Meng, Shunmei, Zhang, Hanrui, Shen, Haiyuan, Long, Huaqiu
Format: Journal Article
Language: English
Published: Cham Springer International Publishing 03.06.2020
Springer Nature B.V
SpringerOpen
ISSN:1687-1499, 1687-1472, 1687-1499
Description
Abstract: The safety of the Industrial Internet Control Systems has been a hotspot in the information security. To meet the needs of communication, a large variety of proprietary protocols have emerged in the field of industrial control. The protocol field is often trusted in the implementation of industrial control terminal code. If attackers modify the data of these fields using the protocol defect, the operation of the program can be controlled and the entire system will be affected. To cope with such security threats, academia and industry generally adopt fuzz test methods. However, the current industrial control protocol fuzz test methods generally have low code coverage, where unified description models are missing and test cases are not targeted. A method of fuzzification processing combined with dynamic multi-modal sensor communication data is proposed. To track the program execution, the dynamic pollution analysis is used to search for the input fields that affect the execution of the conditional branch and capture the dependencies between the conditional branches to guide the grammar generation of test cases, which can increase the chances of executing deep code. The experimental results show that the proposed method improves the validity and code coverage of test cases to a certain extent and greatly increases the probability of anomaly detection in the protocol implementation.
DOI:10.1186/s13638-020-01734-0