Efficient industrial control protocol fuzz test method

An industrial control protocol and fuzz testing technology, applied in genetic models, genetic laws, electrical components, etc., that addresses the problems of low test efficiency, combinatorial explosion and low code coverage, ensuring the abnormal occurrence rate while improving testing efficiency and mutation efficiency.

Active Publication Date: 2018-11-30
UNIV OF ELECTRONICS SCI & TECH OF CHINA

AI Technical Summary

Problems solved by technology

Traditional fuzz testing has defects such as low code coverage and an inability to identify multi-point trigger vulnerabilities.
The industrial control protocol is session-oriented, highly structured, and has many control fields. Applying the fuzz testing method directly to the industrial control protocol requires constructing a large number of mutators, runs into the problem of combinatorial explosion, and gives low test efficiency.


Embodiment Construction

[0037] The present invention is described in detail below in conjunction with the fuzz test flow chart, taking the power system IEC104 protocol as an example. The efficient industrial control protocol fuzz testing method of the present invention is shown in Figure 2, and the multidimensional malformed sample generation process is shown in Figure 1.

[0038] As shown in Figure 3, the IEC104 protocol is an Ethernet-based protocol for communicating with the dispatching system, and is generally used for network data communication between the dispatching master station and the substation. First, according to the IEC104 protocol format, the variable and immutable fields in the protocol are analyzed, as well as the vulnerabilities in the variable fields. and the Application Service Data Unit. The division of immutable domains includes initiator, APDU length, public address, etc. The APDU length is the length of the application data protocol unit of the me...


Abstract

The invention belongs to the field of industrial control safety technology and in particular relates to an efficient industrial control protocol fuzz test method, comprising the following steps: analyzing the protocol format; mutating a single weak point in the protocol with a strategy from the mutation strategy set Mut to generate an original one-dimensional malformed sample set; sending it to the equipment under test as the test sample set TDB; detecting equipment exceptions and recording the feedback information; calculating a fitness function; selecting a parent sample set FDB based on a roulette strategy; performing crossover and mutation on the individuals in the parent sample set FDB in pairs to generate a new child sample set SDB; taking the parent sample set FDB and the child sample set SDB together as the test sample set TDB for a new round of testing; and repeating with the new test sample set TDB until the dimensionality is saturated. The method generates multi-dimensional test cases by mutating multiple fields with multiple strategies at the same time, so the test cases are diverse and can raise multi-point exceptions caused by applying different mutation strategies to different fields.
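The loop described in the abstract, as an added example that is not code from the patent. The field list, the three strategies in `MUT`, the simulated `device` and the fitness function are assumptions, since the page does not give them; no network traffic is sent.

```python
import random

# Mutable fields of a simplified IEC104 ASDU with legal values (assumed).
BASE = {"type_id": 0x2D, "vsq": 0x01, "cot": 0x06, "ioa": 0x01, "value": 0x01}
# Strategy set Mut: each strategy turns a legal value into a malformed one.
MUT = {"zero": lambda v: 0x00, "max": lambda v: 0xFF, "flip": lambda v: v ^ 0x80}

def render(genes):
    """Apply a sample's {field: strategy} genes to the legal frame."""
    return {f: MUT[genes[f]](v) if f in genes else v for f, v in BASE.items()}

def device(frame):
    """Constructed stand-in for the equipment under test; returns an anomaly score."""
    if frame["type_id"] == 0xFF and frame["vsq"] == 0x00:
        return 10   # multi-point fault: needs two malformed fields at once
    return 1 if frame["vsq"] == 0x00 or frame["type_id"] == 0xFF else 0

def fitness(genes):
    # Assumed fitness: anomaly score plus a floor so every sample can be drawn.
    return device(render(genes)) + 0.1

def crossover(a, b, rng):
    """Child inherits the mutated fields of both parents; clashes are random."""
    child = dict(a)
    for f, s in b.items():
        if f not in child or rng.random() < 0.5:
            child[f] = s
    return child

def mutate(genes, rng, rate=0.2):
    child = dict(genes)
    if rng.random() < rate:
        child[rng.choice(list(BASE))] = rng.choice(list(MUT))
    return child

def fuzz(rounds=20, parents=8, seed=1):
    rng = random.Random(seed)
    tdb = [{f: s} for f in BASE for s in MUT]      # one-dimensional sample set
    faults = []
    for _ in range(rounds):
        scores = [fitness(g) for g in tdb]         # "send" TDB, collect feedback
        for g, sc in zip(tdb, scores):
            if sc >= 10 and g not in faults:
                faults.append(g)
        if max(len(g) for g in tdb) == len(BASE):  # dimensionality saturated
            break
        fdb = rng.choices(tdb, weights=scores, k=parents)  # roulette selection
        sdb = [mutate(crossover(fdb[i], fdb[i + 1], rng), rng)
               for i in range(0, parents - 1, 2)]  # pairwise crossover + mutation
        tdb = fdb + sdb                            # TDB for the next round
    return faults, tdb
```

No one-dimensional sample can reach the score of 10; only samples bred from parents that each showed a minor anomaly can, which is the multi-point case the method targets.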

Description

Technical field

[0001] The invention belongs to the technical field of industrial control security, and in particular relates to an efficient industrial control protocol fuzz testing method.

Background technique

[0002] With the accelerated development of industrial digitalization, networking, and intelligence, industrial control security is facing new challenges such as increasing security vulnerabilities, accelerated penetration of security threats, and complex and diverse attack methods. How to solve the problem of industrial control security has become a severe challenge for enterprises, and has been highly valued by the country. Due to the high real-time and reliability requirements of industrial control systems, many traditional network security methods cannot play a good role in the field of industrial control.

[0003] At present, when detecting industrial control network security vulnerabilities, technologies such as port service scanning and vulnerability featur...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06, G06N3/12
CPC: G06N3/126, H04L63/1425, H04L63/1433, H04L69/22
Inventor: 丁旭阳, 张小松, 陈华超, 叶习军, 谢盈
Owner: UNIV OF ELECTRONICS SCI & TECH OF CHINA