
An Automatic Network Protocol Fuzz Testing And Vulnerability Discovering Method

Posted on: 2012-07-11
Degree: Master
Type: Thesis
Country: China
Candidate: J C Liu
GTID: 2218330362456574
Subject: Information security
Abstract/Summary:
As network applications grow more complex, network protocol security is becoming more and more important. However, testing the security of network protocols remains a very difficult problem. Fuzz testing is often used to discover DoS, buffer overflow, format string and other kinds of serious vulnerabilities in network protocols. But manual fuzz testing is very inefficient and requires adequately detailed information about the protocols. This paper presents an automatic vulnerability discovery method that combines automatic protocol reverse engineering with fuzz testing.

The protocol reverse engineering in this paper consists of several steps, including message format identification, message classification and state machine construction. This method can minimize manual intervention and the need for prior knowledge. It provides the protocol packet formats and the protocol state machine, which are a basis for understanding a protocol. After obtaining the protocol reverse engineering result, the method automatically generates a SPIKE-based fuzzer. With no manual intervention in any of these processes, it greatly reduces the complexity of traditional fuzz testing.

The results of testing the FTP, TNS, EM and ISQLPlus protocols show that this method is more effective and accurate than manual analysis. The method has important application value and can improve the security of network protocols.
Keywords/Search Tags: Network Protocol Analysis, Protocol Reverse Engineering, Fuzz Testing, Sequence Alignment