Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Regularization state machine model design method with stateful protocol

A technology of state machine model and design method, which is applied in the field of security vulnerability detection, can solve problems such as low efficiency and large amount of test data, and achieve the effect of efficient testing

Active Publication Date: 2014-11-12
BEIJING INSTITUTE OF TECHNOLOGYGY
View PDF1 Cites 29 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0008] Although traditional fuzz testing is the most effective and good at finding the highest level of dangerous vulnerabilities, it is widely used in the field of vulnerability detection, but it also has problems such as large amount of test data and low efficiency.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Regularization state machine model design method with stateful protocol
  • Regularization state machine model design method with stateful protocol
  • Regularization state machine model design method with stateful protocol

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0027] The present invention will be further described below in conjunction with the drawings and specific embodiments.

[0028] 1. Regularized state machine model

[0029] The formal description model of network protocol plays an important role in network protocol fuzz testing. The formal description model is a data model that expresses the network protocol in a way that is easier to understand and analyze its characteristics according to the text description of its protocol specification (such as RFC documents, etc.), which is convenient for network protocol testing. .

[0030] A stateful network protocol is a network protocol related to context information, data information and historical traces. The communication process of a stateful network protocol is very complicated, usually including handshake, authentication and other processes. Generally, the support for fuzz testing is not perfect. Most of the generated test data can only cover the first interaction state, and i...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a regularization state machine model design method with a stateful protocol. The regularization state machine model design method is used for improving a traditional fuzz test aiming at a stateful network protocol, enables a test case generated by the traditional fuzz test to be targeted but not indigested, has a wide cover range and is efficient. The regularization state machine model design method comprises the steps of step 1, obtaining the protocol specifications of a to-be-tested network protocol, and obtaining the protocol rules and a preliminary protocol state machine model through format analysis on the to-be-tested network protocol; step 2, generating a regularization state machine model for simplifying state space according to the preliminary protocol state machine model and the information of the state rules; step 3, generating a state generating tree combined with a state and the rules according to the protocol rules and the regularization state machine model, simplifying the relation between the state and a message through the state generating tree, and eliminating insignificant combinations; step 4, generating a preliminary test case; step 5, carrying out regular variation on the preliminary test case, and obtaining a final test case set.

Description

technical field [0001] The invention relates to a method for designing a regularized state machine model of a stateful protocol, and belongs to the technical field of security loophole detection. Background technique [0002] The security design and implementation of network protocols is not only related to people's privacy and property security, but also related to the interests of the country. Network protocol vulnerability has become a research hotspot in the field of information security. Currently, the vulnerability mining technologies for network protocols include: fuzzy testing technology, manual testing, binary comparison, static analysis, and dynamic analysis. Among them, fuzz testing technology is the most widely used and researched. [0003] Fuzz testing is currently the most effective method for security testing and vulnerability mining. Many of the currently announced security vulnerabilities were detected using fuzzing techniques, and there are many fuzzing ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F11/36
Inventor 胡昌振马锐韩雪单纯王勇
Owner BEIJING INSTITUTE OF TECHNOLOGYGY
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products