Network protocol fuzzy test method based on state migration traversal

A state-transition and fuzz-testing technology, applied in data exchange networks, digital transmission systems, electrical components, etc., that addresses the problems of limited application range, low test efficiency, and a low probability of triggering protocol entity anomalies, with the effect of reducing test time, improving testing efficiency, and reducing invalid interactions.

Active Publication Date: 2019-03-26
ARMY ENG UNIV OF PLA

AI Technical Summary

Problems solved by technology

[0006] The fuzz testing of network communication protocols can be traced back to PROTOS, a network protocol security testing software developed by Oulu University in Finland in 1999. This software has detected many security vulnerabilities in protocol entity programs, but PROTOS is not a general testing framework; its flexibility is relatively poor and its range of application is narrow.
In 2002, Dave Aitel developed SPIKE, a general protocol testing framework tool. SPIKE is a customizable fuzzer framework that makes code reuse easy, but it cannot flexibly describe the constraint relationships between fields in a message, and it is only suitable for testing stateless network protocols, so its scope of application is limited.
Existing test methods usually focus only on improving the effectiveness of test cases and do not consider optimizing the test process. As a result, only a small number of packets in a test sequence are test cases; most of the others are auxiliary messages that guide the protocol entity to a specific state.
These auxiliary messages incur a high time overhead, so the number of test cases that complete successfully per unit time is very small, the probability of causing protocol entity exceptions is correspondingly small, and the test efficiency is low.
[0010] (2) Fuzz testing is a black-box test, and test coverage is difficult to guarantee.
Some testing methods work from the protocol state: they guide the protocol entity to each protocol state in turn and then fuzz the entity program. This only guarantees that test cases are generated in each protocol state; it does not establish that the fuzz test's coverage is comprehensive.
[0012] (3) There is no guarantee that the input message corresponds to the state of the protocol entity, resulting in invalid interaction.
Because it is uncertain whether a test case is directly discarded by the protocol entity or received and processed, the state of the protocol entity after a test case is input is unpredictable, and subsequent messages may not correspond to the state of the protocol entity.
If the protocol state of the protocol entity is not checked after a test case is input, invalid message interaction results.


Examples


Embodiment Construction

[0037] The present invention will be further described below in conjunction with the accompanying drawings.

[0038] As shown in Figure 1, according to a preferred embodiment of the present invention, the network protocol fuzzing method based on state transition traversal includes the following steps:

[0039] (1) Acquisition of the protocol state machine: obtain the protocol state machine information of the protocol entity program under test, either from the protocol specification published for that program or by inferring it with a protocol reverse-analysis method.

[0040] (2) Obtaining the optimal traversal path of the state machine: find a path on the protocol state machine that traverses all of its transitions and is as short as possible. This path is called the optimal traversal path. It is obtained by using the solution method of the Chinese postman problem (Chinese postal route problem).

[0041] (3) Traversal path mar...
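Step (2) can be illustrated with a directed Chinese postman computation. This is an added example, not code from the patent: the FTP-like state machine is constructed, the function names are hypothetical, every transition is assumed to cost one message, and the brute-force pairing stands in for the min-cost flow a larger machine would need.

```python
from collections import deque
from itertools import permutations

# Constructed toy state machine (not from the patent): (state, message, next state)
TRANSITIONS = [
    ("INIT", "USER", "WAIT_PASS"), ("WAIT_PASS", "PASS", "AUTHED"),
    ("WAIT_PASS", "QUIT", "INIT"), ("AUTHED", "LIST", "AUTHED"),
    ("AUTHED", "QUIT", "INIT"),
]

def shortest_path(edges, src, dst):
    """BFS; transitions leading from src to dst (graph assumed strongly connected)."""
    prev, queue = {src: None}, deque([src])
    while queue:
        node = queue.popleft()
        for e in edges:
            if e[0] == node and e[2] not in prev:
                prev[e[2]] = e
                queue.append(e[2])
    path = []
    while prev[dst] is not None:
        path.append(prev[dst])
        dst = prev[dst][0]
    return path[::-1]

def optimal_traversal(edges, start):
    """Shortest closed walk from start that takes every transition at least once."""
    balance = {}
    for s, _, t in edges:
        balance[s] = balance.get(s, 0) + 1  # out-degree
        balance[t] = balance.get(t, 0) - 1  # in-degree
    need_out = [n for n, b in balance.items() for _ in range(-b)]  # in > out
    need_in = [n for n, b in balance.items() for _ in range(b)]    # out > in
    # Try every pairing of unbalanced states; repeat the cheapest connecting paths.
    extra = min(([e for a, b in zip(need_out, perm) for e in shortest_path(edges, a, b)]
                 for perm in permutations(need_in)), key=len)
    unused = {}
    for e in list(edges) + extra:
        unused.setdefault(e[0], []).append(e)
    # Hierholzer's algorithm: the balanced multigraph has an Euler circuit.
    stack, tour = [(start, None)], []
    while stack:
        node = stack[-1][0]
        if unused.get(node):
            e = unused[node].pop()
            stack.append((e[2], e))
        else:
            tour.append(stack.pop()[1])
    return [e for e in reversed(tour) if e is not None]

if __name__ == "__main__":
    for state, message, nxt in optimal_traversal(TRANSITIONS, "INIT"):
        print(f"{state} --{message}--> {nxt}")
```

On this machine the walk has six messages: the five transitions plus one repeated USER, which is the only auxiliary message needed to return to WAIT_PASS.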


Abstract

The invention provides a network protocol fuzz testing method based on state transition traversal, which comprises the following steps: obtaining the protocol state machine, obtaining the optimal traversal path of the state machine, marking the traversal path, and dynamic fuzz testing. Based on the shortest path that traverses all transitions of the protocol state machine, the invention tests each state transition in sequence to ensure that the test range is comprehensive. The invention sends each test case according to the protocol state of the protocol entity, which reduces invalid message interaction and improves the validity of the fuzz test. The invention combines the input of a test case with a check of the protocol state, promptly discovers state abnormalities of the protocol entity according to the UIO (unique input/output) sequence of the protocol state, and improves the working efficiency of the fuzz test.

Description

Technical field

[0001] The invention relates to the field of network technology, in particular to a network protocol fuzz testing method based on state transition traversal. Having obtained the state machine of the network protocol, the method obtains the shortest path that traverses all state transitions of the protocol state machine, constructs test cases based on each state transition, fuzz tests the protocol entity program, and uncovers the security vulnerabilities in the protocol entity program.

Background technique

[0002] Computer networks are becoming more and more popular, emerging network protocols are becoming more and more complex, and variant protocols emerge endlessly. Network protocols may have potential errors or vulnerabilities at every stage of protocol design, protocol model description, protocol verification, and protocol implementation. These vulnerabilities may be exploited by attackers to make the ...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L12/26, H04L12/24, H04L29/06
CPC: H04L41/14, H04L43/0817, H04L63/1433, H04L63/16
Inventor: 洪征, 张洪泽, 周振吉, 冯文博, 李华波, 付梦琳, 黄康宇, 吴礼发
Owner: ARMY ENG UNIV OF PLA