Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Fuzzy test method and system for stateful network protocol

A fuzzing testing and network protocol technology, applied in transmission systems, digital transmission systems, secure communication devices, etc., can solve problems such as difficult auxiliary messages, avoid program verification failures, improve legitimacy, and improve test efficiency.

Active Publication Date: 2022-06-21
PLA STRATEGIC SUPPORT FORCE INFORMATION ENG UNIV PLA SSF IEU
View PDF6 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] To this end, the present invention provides a fuzzy testing method and system for stateful network protocols, which solves the problems that the previous methods are difficult to pass the protocol data verification, uses a large number of auxiliary messages to drive the protocol state transfer, and effectively improves the legitimacy of the test messages And the efficiency of fuzz testing, more vulnerabilities can be found in a shorter time, which can effectively guarantee the security of cyberspace

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Fuzzy test method and system for stateful network protocol
  • Fuzzy test method and system for stateful network protocol
  • Fuzzy test method and system for stateful network protocol

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0029] In order to make the objectives, technical solutions and advantages of the present invention clearer and more comprehensible, the present invention will be described in further detail below with reference to the accompanying drawings and technical solutions.

[0030] The embodiment of the present invention provides a fuzzing test method oriented to a stateful network protocol, see figure 1 shown, including the following:

[0031] S101, extracting protocol rules from two dimensions of syntax and semantics according to the format specification of the protocol to be tested, and constructing a rule set;

[0032] S102, using the rules in the rule set to generate a message test template, and using a message label to mark fields related to mutation operations in the message test template;

[0033] S103. Obtain a test message for completing the fuzzing test by guiding the state transition of the protocol to be tested by parsing the message test template and performing a corres...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention belongs to the technical field of network space security testing, and particularly relates to a stateful network protocol-oriented fuzzy testing method and system.The stateful network protocol-oriented fuzzy testing method comprises the steps of extracting protocol rules from grammar and semantic dimensions according to protocol format specifications to be tested, and constructing a rule set; generating a message test template by using rules in the rule set, and marking variation operation related fields in the message test template by using a message label; analyzing the message test template and executing a corresponding mutation operation according to the message label to obtain a test message for finishing a fuzzy test by guiding the state transition of the protocol to be tested; and sending the test message to the to-be-tested protocol target program, and performing state abnormity judgment in the fuzzy test according to the reply message state. According to the method and the device, the legality of the test message can be improved, the condition of program verification failure caused by variation of special fields is avoided, the test message can be used for testing and can also be used for replacing an auxiliary message to guide protocol state transition, the test efficiency is improved, and system resources are saved.

Description

technical field [0001] The invention belongs to the technical field of cyberspace security testing, and in particular relates to a fuzzy testing method and system for a stateful network protocol. Background technique [0002] Fuzzing is an effective method to discover targeted vulnerabilities by generating large amounts of undesired mutated data as program input. Since stateful network protocols often have program syntax and semantic verification, the existing technology is good in syntax inspection, but poor in semantic inspection. Although a large number of test packets are generated, the validity of the test packets is very low. , it is difficult to go deep into the program to find potential security problems. In addition, stateful network protocols have complex state transitions. When existing fuzzing techniques are applied to stateful network protocols, they often send a series of pre-normal packets based on the protocol state machine model to guide the protocol to the...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L9/40H04L43/18H04L69/22
CPCH04L63/1433H04L43/18H04L69/22Y02D30/50
Inventor 井靖杨睿王奕森王焕伟林键娄睿戚旭衍刘威朱兵
Owner PLA STRATEGIC SUPPORT FORCE INFORMATION ENG UNIV PLA SSF IEU
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com