基于协议状态机遍历的模糊测试优化方法

doi:10.3778/j.issn.1002-8331.1811-0190

计算机工程与应用 ›› 2020, Vol. 56 ›› Issue (4): 82-91.DOI: 10.3778/j.issn.1002-8331.1811-0190

基于协议状态机遍历的模糊测试优化方法

张洪泽，洪征，周胜利，冯文博

1.中国人民解放军陆军工程大学指挥控制工程学院，南京 210000
2.浙江警察学院计算机与信息技术系，杭州 310000

出版日期:2020-02-15 发布日期:2020-03-06

Fuzzing Optimization Method Based on Protocol State Migration Traversal

ZHANG Hongze, HONG Zheng, ZHOU Shengli, FENG Wenbo

1.Institute of Command and Control Engineering, Army Engineering University of PLA, Nanjing 210000, China
2.Department of Computer and Information Technology, Zhejiang Police College, Hangzhou 310000, China

Online:2020-02-15 Published:2020-03-06

摘要/Abstract

摘要：

针对现有的协议模糊测试技术存在报文重复交互、输入盲目等问题，提出一种基于协议状态迁移遍历的模糊测试优化方法。该方法将协议状态迁移遍历问题转化为中国邮路问题，求解遍历所有协议状态迁移的最短路径，并依据该最短路径对各个状态迁移进行测试。在测试过程中，通过分析协议实体在执行测试用例后的响应报文，动态调整后续的报文输入，进而避免无效交互。同时利用UIO序列判断协议实体状态是否发生异常迁移，及时检测协议逻辑漏洞。实验结果表明，该模糊测试优化方法可以显著提高测试效率与漏洞挖掘能力。

关键词: 模糊测试, 协议状态机, 协议状态迁移, 中国邮路问题, UIO序列

Abstract:

There are many problems such as repetitive message interaction, blind input and so on in the current protocol fuzzing techniques. This paper presents a fuzzing method based on protocol state migration traversal. The method transforms protocol state migration traversal into a Chinese postman problem, and obtains the shortest path traversing all protocol state transitions. The method then tests each state transition according to the shortest path. In the process of fuzzing, message input is dynamically adjusted through analyzing the response message of protocol entity so as to avoid invalid interaction. In addition, the UIO sequence is used to determine whether the protocol entity state is abnormally migrated or not in order to detect the protocol logic vulnerability in time. Experimental results show that the fuzzing optimization method can significantly improve the fuzzing efficiency and the vulnerability mining ability.

Key words: fuzzing, protocol state machine, protocol state migration, Chinese postman problem, UIO sequence

张洪泽，洪征，周胜利，冯文博. 基于协议状态机遍历的模糊测试优化方法[J]. 计算机工程与应用, 2020, 56(4): 82-91.

ZHANG Hongze, HONG Zheng, ZHOU Shengli, FENG Wenbo. Fuzzing Optimization Method Based on Protocol State Migration Traversal[J]. Computer Engineering and Applications, 2020, 56(4): 82-91.

[1]	张婉莹，曹晓梅. 基于污点分析的白盒模糊测试方案[J]. 计算机工程与应用, 2019, 55(18): 236-240.
[2]	许航，赵世斌，朱俊虎，彭建山，林宏阳. 灰盒模糊测试自适应技术研究[J]. 计算机工程与应用, 2019, 55(14): 87-97.
[3]	林宏阳，彭建山，赵世斌，朱俊虎，许航. JavaScript引擎漏洞检测方法综述[J]. 计算机工程与应用, 2019, 55(11): 16-24.
[4]	刘津霖，付光远，李海龙，汪洪桥. 基于改进投票专家算法的专有协议模糊测试方法[J]. 计算机工程与应用, 2018, 54(12): 93-99.
[5]	康红凯，吴礼发，洪征，庄洪林，张亚丰. 一种基于FSM的BGP-4协议模糊测试方法[J]. 计算机工程与应用, 2017, 53(6): 111-117.
[6]	陈涛，潘雪增，陈健，陈小平，陆魁军. 基于FSM的协议一致性测试序列生成算法研究[J]. 计算机工程与应用, 2010, 46(6): 60-62.
[7]	郑剑^1,2,江建慧¹. 一种启发式UIO序列生成算法[J]. 计算机工程与应用, 2008, 44(20): 96-98.

基于协议状态机遍历的模糊测试优化方法

Fuzzing Optimization Method Based on Protocol State Migration Traversal

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 7

编辑推荐

Metrics