Private protocol fuzzy test case generation method based on byte length classification

A private-protocol, byte-length technique, applied in electrical components, transmission systems, etc., that addresses the problems of low test efficiency and low anomaly-location accuracy, and achieves high real-time performance while placing low demands on the technical level of testers.

Active Publication Date: 2020-12-08
SHANGHAI UNIVERSITY OF ELECTRIC POWER

AI Technical Summary

Problems solved by technology

[0007] In view of the above existing problems of low abnormality positio

Examples


Example Embodiment

[0030] Example 1

[0031] For an open communication protocol of an industrial control system, the content of the protocol is clear from the protocol specification, and a test strategy can be specified accordingly. For a private protocol, the specification is not available, so the protocol must first be analyzed in a preliminary way. Current fuzz testing methods for industrial control systems have shortcomings such as overly simple and random fuzz data, low accuracy in locating anomalies, and low testing efficiency. In addition, testers need to be very familiar with the protocols, and current fuzz testing methods for private protocols of industrial control systems cannot meet the requirements of high standards, high coverage and high efficiency.

[0032] Referring to Figures 1 to 3, an embodiment of the present invention provides a method for generating fuzz test cases for private protocols based on byte length classification, which includes:

[0033] S1: Co...

Example Embodiment

[0060] Example 2

[0061] The technical effect of this method is verified and explained. In this embodiment, OpenVAS (Open Vulnerability Assessment System) is selected for a comparative test against this method, and the test results are compared by means of scientific demonstration to verify the real effect of this method.

[0062] OpenVAS (Open Vulnerability Assessment System) is a network scanner with related tools. Its core component is a server that includes a set of network vulnerability testing programs, which can detect security problems in remote systems and applications. As shown in Figure 1, the Kitty fuzz testing framework, combined with the industrial control protocol components in ISF and traditional technical solutions, is used to fuzz test the Siemens S7comm protocol to mine vulnerabilities. First, Kitty sets the interface and target, and can connect with the target three times and COTP twice. Then, it calls the original protoco...


Abstract

The invention discloses a private protocol fuzz test case generation method based on byte length classification. The method comprises the steps of: comparing and analyzing the features of a private protocol through an MSA data flow, so as to determine whether the byte length of the private protocol is variable; if the byte length is variable, performing content mutation on the variable-length field; if the byte length is not variable, performing content mutation and byte length upper and lower limit mutation on the invariable field; and generating a new test case according to the mutation result and sending the test case to the target device, completing the generation of the test case. The method carries out vulnerability mining in combination with the high real-time performance and high reliability characteristics of private protocols of industrial control systems, so that preventive measures can be taken. It places relatively low requirements on the technical level of testers, does not need deep analysis of the protocol, and does not place high requirements on the test technology.
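The classify-then-vary flow in the abstract, as an added Python example (not code from the patent). It assumes the captured messages are already split into aligned fields, so the MSA step is not reproduced; the sample traffic, function names, and the reading of "upper and lower limit" as one byte shorter, one byte longer, and empty are all assumptions. Cases are only built in memory for a test bench, not sent anywhere.

```python
from typing import List, Tuple

# Constructed sample traffic for a made-up protocol, already split into
# aligned fields (assumption: the alignment step has been done elsewhere).
SAMPLES: List[List[bytes]] = [
    [b"\x32\x01", b"\x00\x05", b"hello"],
    [b"\x32\x01", b"\x00\x02", b"hi"],
    [b"\x32\x07", b"\x00\x08", b"readcoil"],
]

def classify_fields(samples: List[List[bytes]]) -> List[str]:
    """Label each field position 'fixed' or 'variable' by its observed lengths."""
    kinds = []
    for column in zip(*samples):
        kinds.append("fixed" if len({len(f) for f in column}) == 1 else "variable")
    return kinds

def content_mutations(field: bytes) -> List[bytes]:
    """Same-length content changes: all-zero fill, all-0xFF fill, top-bit flip."""
    n = len(field)
    out = [b"\x00" * n, b"\xff" * n]
    if n:
        out.append(bytes([field[0] ^ 0x80]) + field[1:])
    return [m for m in out if m != field]

def length_limit_mutations(field: bytes) -> List[bytes]:
    """Lengths just below, just above, and at the lower limit (empty)."""
    # dict.fromkeys drops duplicates (e.g. for 1-byte fields) and keeps order
    return list(dict.fromkeys([field[:-1], field + b"\x00", b""]))

def generate_cases(samples: List[List[bytes]],
                   seed_index: int = 0) -> List[Tuple[int, str, str, bytes]]:
    """Return (field index, field kind, mutation type, message) per test case."""
    seed = samples[seed_index]
    cases = []
    for i, kind in enumerate(classify_fields(samples)):
        mutants = [("content", m) for m in content_mutations(seed[i])]
        if kind == "fixed":  # only fixed-length fields get length-limit cases
            mutants += [("length", m) for m in length_limit_mutations(seed[i])]
        for label, m in mutants:
            cases.append((i, kind, label, b"".join(seed[:i] + [m] + seed[i + 1:])))
    return cases

if __name__ == "__main__":
    for idx, kind, label, msg in generate_cases(SAMPLES):
        print(f"field {idx} ({kind:8}) {label:7} {msg.hex()}")
```

Because each case records the field index and mutation type, an anomaly observed on the test device can be traced back to the single field that was changed.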

Description

Technical field

[0001] The invention relates to the technical field of private protocol fuzz testing, in particular to a method for generating private protocol fuzz test cases based on byte length classification.

Background technique

[0002] In recent years, attacks on programmable controllers in power grid systems have occurred frequently, seriously endangering national economic construction. For example, the Ukrainian power grid was attacked by hackers in an incident that shocked the world, resulting in large-scale power outages. The safe operation of the power grid therefore faces higher requirements.

[0003] The present invention focuses on research into the communication security of programmable controllers in the power grid, and conducts security experiments to verify the existing problems of the communication protocol of programmable controllers in a real environment. For known problems, we can take safety protection measures to make up for the defects, to prevent being exploited b...


Application Information

IPC(8): H04L29/06
CPC: H04L63/1425, H04L63/1433
Inventor: 王勇, 刘金永
Owner SHANGHAI UNIVERSITY OF ELECTRIC POWER