Computer Engineering and Applications, 2018, Vol. 54, Issue (12): 93-99. DOI: 10.3778/j.issn.1002-8331.1701-0138
LIU Jinlin, FU Guangyuan, LI Hailong, WANG Hongqiao
刘津霖,付光远,李海龙,汪洪桥
Abstract: To address the serious challenge that the widespread use of proprietary protocols poses to fuzzing, this paper proposes a proprietary protocol fuzzing method that combines protocol reverse engineering with fuzzing. Because the existing n-gram keyword extraction algorithm splits messages into equal-length subsequences, its keyword extraction is inaccurate; to overcome this, the paper proposes an improved voting expert algorithm based on the lossy counting algorithm, which provides more accurate keyword extraction for the proprietary protocol reverse-engineering process. Finally, the method is analyzed experimentally from three aspects: accurate keyword extraction, the effect of protocol reverse engineering, and the results of fuzzing. The existing problems of the method and future research directions are then discussed.
Key words: proprietary protocol, voting expert algorithm, lossy counting algorithm, fuzzing
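Abstract (translated from the Chinese version): To address the serious challenge that the widespread use of proprietary protocols poses to fuzzing, a proprietary protocol fuzzing method is proposed that combines protocol reverse engineering with fuzzing. Because the existing protocol keyword extraction algorithm, n-gram, divides messages into equal-length subsequences and therefore extracts keywords with insufficient precision, an improved voting expert algorithm based on the lossy counting algorithm is proposed, providing more precise protocol keyword segmentation for the reverse-engineering process of proprietary protocols. The improved voting expert algorithm and the reverse-engineering process for message formats are described in detail. Finally, the proposed method is analyzed experimentally from three aspects: accurate extraction of keyword information, the effect of protocol reverse engineering, and fuzzing of the target. In addition, the shortcomings of the method and future research directions are discussed.
Key words (translated from the Chinese version): proprietary protocol, voting expert algorithm, lossy counting algorithm, fuzzing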
LIU Jinlin, FU Guangyuan, LI Hailong, WANG Hongqiao. Proprietary protocol fuzzing method based on improved voting expert algorithm[J]. Computer Engineering and Applications, 2018, 54(12): 93-99.
刘津霖,付光远,李海龙,汪洪桥. 基于改进投票专家算法的专有协议模糊测试方法[J]. 计算机工程与应用, 2018, 54(12): 93-99.
URL: http://cea.ceaj.org/EN/10.3778/j.issn.1002-8331.1701-0138
http://cea.ceaj.org/EN/Y2018/V54/I12/93