An automated fuzz testing method and device for a physical router management protocol

A technology of fuzzy testing and management protocols, applied in digital transmission systems, data exchange networks, electrical components, etc., can solve problems such as lack of unified design standards, and achieve the effects of avoiding unresponsive states, high flexibility, and improving robustness

Active Publication Date: 2021-09-28
INST OF INFORMATION ENG CHINESE ACAD OF SCI
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0009] (3) Services that are more prone to vulnerabilities in routers and other network devices are often closed-source software customized by manufacturers, and there is no uniform design standard

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • An automated fuzz testing method and device for a physical router management protocol
  • An automated fuzz testing method and device for a physical router management protocol
  • An automated fuzz testing method and device for a physical router management protocol

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0043] In order to make the technical solution of the present invention more obvious and easy to understand, an embodiment is given, taking a physical router as a test object, and the detailed description is as follows in conjunction with the accompanying drawings.

[0044] Fuzzing the physical router can use computing resources to test without relying on reverse analysis of its firmware. By fully mutating each test case, the probability of security vulnerabilities being discovered can be effectively improved. How to find the common ground for effective fuzz testing among many devices without a uniform implementation standard, and use these common grounds to dig deep into security vulnerabilities is a problem worth studying.

[0045] The test object of the method of the invention is a physical router, and the fuzzy test is mainly performed on the network management protocol in the physical router. For a given network management service in a physical router, this method first u...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an automatic fuzzy testing method and device for a management protocol of a physical router. The fuzzy testing technology of a physical router takes the default URL of the management interface of the target router as an input, and recursively traverses all WEB pages through a crawler to obtain request data; for the original request data Perform format parsing and attribute marking to obtain seeds, and then mutate; send the mutated seeds to the target router as network communication data, monitor the abnormality of the target router, and realize fuzz testing; when the target router enters the unresponsive state, By controlling the automatic restart of the target router, the fuzzing test continues until completion. The invention utilizes the way of combining software and hardware and the characteristics of the management protocol in the router to improve the effectiveness of fuzzy testing on the router.

Description

technical field [0001] The present invention relates to the fuzzy testing technology of physical routers, mainly aiming at the difference between fuzzy testing of physical routers and traditional software fuzzy testing, solving the bottleneck of automatic operation in the process of fuzzy testing, and improving the effectiveness of fuzzy testing through seed generation and monitoring methods aimed at device characteristics sex. Background technique [0002] As an important vulnerability mining technology, fuzz testing uses a large amount of semi-effective data as input, which can automatically complete a large amount of repetitive work in software testing, and effectively assists the process from discovering vulnerabilities to reproducing vulnerabilities, so it is widely used in Vulnerability mining for targets such as applications, security products, operating systems, and network devices. [0003] From the perspective of the tested target of fuzz testing, fuzz testing can...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L12/26H04L29/06H04L29/08
CPCH04L43/50H04L63/1433H04L67/02
Inventor 张禹霍玮简鲲鹏史记卢昊良刘龙权王琛孙丹丹刘宝旭
Owner INST OF INFORMATION ENG CHINESE ACAD OF SCI
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap