• • 上一篇    下一篇

基于模糊测试的网络协议自动化漏洞挖掘工具设计与实现

孙哲%刘大光%武学礼%伟平   

  • 基金资助:
    国家自然科学基金(61170282)

Design and Implementation of Network Protocol Auto Vulnerability Mining Tool based on Fuzzing

SUN Zhe%LIU Da-guang%WU Xue-li%WEN Wei-ping   

  • About author:中国工程物理研究院计算机应用研究所,四川绵阳,621900%北京大学软件与微电子学院,北京,102600%中国石油集团东方地球物理勘探有限责任公司,陕西长庆,710021

摘要: 文章针对传统网络协议挖掘的缺陷,着重分析了传统网络协议的分析手段、漏洞类型、产生原因和挖掘方法。文章针对传统网络协议挖掘中协议的分析过程不能自动化、构造Fuzz的数据不符合网络协议格式规范和交互的流程导致无法深入快速地进行漏洞挖掘的缺点,提出了一种基于自动化协议分析算法、流量聚类分类算法、深度数据包检测技术、Fuzz技术相互整合的自动化协议分析漏洞挖掘工具设计方案。文章设计了一套自动化协议分析的漏洞挖掘系统,给出了系统的工作流程和组织结构,以及各个模块的功能和相互之间的关系,实现了一个自动化协议分析漏洞挖掘系统的原型。文章的最大创新是通过自动化协议分析、流量聚类分类算法和DPI技术的有机结合,实现了自动化协议分析、自动形成测试路径的网络协议漏洞挖掘技术。

Abstract: Due to defects of traditional discovery in networking protocol, this paper analyzes methods of traditional network protocol analysis, vulnerability types, causes and discovery approaches, and disadvantages of traditional network protocol discovery. Thus, this paper proposes a design plan of automatic analysis and discovery tool based on integration of automatic protocol analysis technology, trafifc clustering sorting algorithm, deep packet inspection technique and Fuzz. This paper designs a set of vulnerability discovery system for automatic protocol, which provides systematic working procedure and structure, and function of each module and their interrelations;and finally gives a system model realization, based on which vulnerability discovery is conducted to the FTP server software to verify validity and efifciency of the system design plan. The major innovation of this paper is the integration of automatic protocol analysis technology, trafifc clustering sorting algorithm and DPI technology, which forms the network protocol vulnerability discovery technology that can conduct automatic protocol analysis and generate test path automatically.