A mutation-based fuzz testing approach for network protocol vulnerability detection

Mutation-based fuzz testing is a very effective approach to improve the security and reliability of protocol implementations, however, present mutation-based fuzzing technique is only effective on one field at one time, and not effective on multiple fields. What's more, there are not effective...

Celý popis

Uloženo v:
Podrobná bibliografie
Vydáno v:2012 2nd International Conference on Computer Science and Network Technology s. 1018 - 1022
Hlavní autoři: Han, Xing, Wen, Qiaoyan, Zhang, Zhao
Médium: Konferenční příspěvek
Jazyk:angličtina
Vydáno: IEEE 01.12.2012
Témata:
Analytical models
Buffer overflows
fuzz test
Fuzzing
Knowledge based systems
MAC layer
Media Access Control
multi fields
mutation based test
Protocols
RATM
Security
Sockets
Testing
ISBN:1467329630, 9781467329637
On-line přístup:Získat plný text
Tagy: Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
Popis
Shrnutí:Mutation-based fuzz testing is a very effective approach to improve the security and reliability of protocol implementations, however, present mutation-based fuzzing technique is only effective on one field at one time, and not effective on multiple fields. What's more, there are not effective tools on fuzzing protocols based on MAC Layer. This paper presents an efficient mutation-based approach based on RATM model for multi-fields fuzzing test, which analysis the relationship among the protocol fields and the influence relationship of the fields collected. Based on these relationships, it can directly mutate corresponding testing case that might trigger the suspect vulnerabilities. And also by analyzing the results of testing, it changes the parameters of RATM to improve the quality of testing cases; besides, our methods could also fuzz protocol implementations based on MAC layer very effectively. Moreover, we design a testing framework to validate the effectiveness of RATM. We applied our approach to compare with peach on several protocol implementations and the results showed that our approach can find flaws of protocol implementation in one field and also multiple fields very effectively.
ISBN:1467329630
9781467329637
DOI:10.1109/ICCSNT.2012.6526099