Netinfo Security, 2016, Vol. 16, Issue (3): 8-14. doi: 10.3969/j.issn.1671-1122.2016.03.002

• Original Article

Research on Network Protocol Test Data Generation Method Based on Cross Location of Encoding Function

Liang GUO, Senlin LUO, Limin PAN

  1. Information System and Security Countermeasures Experimental Center, Beijing Institute of Technology, Beijing 100081, China
  • Received: 2016-01-18  Online: 2016-03-25  Published: 2020-05-13

Abstract:

To address the low code coverage that existing network protocol test data generation methods achieve when the protocol uses encoding mechanisms such as encryption or compression, this paper presents a network protocol test data generation method based on cross location of encoding functions. Static characteristic analysis is used to find the addresses of the network output interface functions, the library encoding functions, and the suspicious encoding functions in the main module. A flow comparison method is then used to analyze the characteristics of the network protocol data, and the addresses of the encoding functions associated with the protocol's data flow are taken as the mutation points for memory fuzz testing. The network protocol binary executable is debugged using a software breakpoint callback method: on reaching the snapshot point, the data the process needs to run is saved; on reaching the restore point, the process context data is restored so that the process re-executes from the snapshot point; on reaching a mutation point, the memory data is mutated; and on reaching the network output interface function, the generated test data is sent to the network.
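
The effect the abstract relies on, as an added simulation that is not the paper's implementation: mutating memory at the encoding function's entry yields packets the peer can still decode, while mutating already-encoded bytes mostly fails at the decoding step. Using zlib as the encoding function, the sample message, and every name below are assumptions; a real harness would drive the target binary through debugger breakpoints.

```python
import random
import zlib

def flip_bit(data: bytes, rng: random.Random) -> bytes:
    """Mutation used by both strategies: flip one random bit."""
    buf = bytearray(data)
    buf[rng.randrange(len(buf))] ^= 1 << rng.randrange(8)
    return bytes(buf)

def encode(plain: bytes) -> bytes:
    """Stand-in for the located encoding function (assumption: zlib)."""
    return zlib.compress(plain)

def peer_decodes(wire: bytes) -> bool:
    """True if the receiver gets past decoding and into its protocol parser."""
    try:
        zlib.decompress(wire)
        return True
    except zlib.error:
        return False

class Callbacks:
    """The four breakpoint callbacks from the abstract, on a toy context."""
    def __init__(self, rng):
        self.rng, self.saved, self.sent = rng, None, []
    def snapshot(self, ctx):          # snapshot point: save process context
        self.saved = dict(ctx)
    def restore(self, ctx):           # restore point: rewind to the snapshot
        ctx.clear()
        ctx.update(self.saved)
    def mutate(self, ctx):            # mutation point: encoding function entry
        ctx["buf"] = flip_bit(ctx["buf"], self.rng)
    def output(self, wire):           # network output interface function
        self.sent.append(wire)

def compare(rounds: int = 200, seed: int = 1):
    """Return (accepted when mutating wire bytes, accepted when mutating memory)."""
    rng = random.Random(seed)
    ctx = {"buf": b"LOGIN user=alice;seq=0001;opts=none"}  # constructed message
    cb = Callbacks(rng)
    cb.snapshot(ctx)
    wire_ok = 0
    for _ in range(rounds):
        wire_ok += peer_decodes(flip_bit(encode(ctx["buf"]), rng))  # baseline
        cb.mutate(ctx)                 # mutate plaintext before it is encoded
        cb.output(encode(ctx["buf"]))  # target encodes and sends the mutated data
        cb.restore(ctx)                # rewind so the next round starts clean
    return wire_ok, sum(peer_decodes(w) for w in cb.sent)

if __name__ == "__main__":
    print(compare())
```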

Key words: network protocol, vulnerability discovery, encoding function positioning
