Research On Vulnerability Mining Based On Protocol Analysis

Posted on: 2011-01-09
Degree: Master
Type: Thesis
Country: China
Candidate: C Liu
Full Text: PDF
GTID: 2178360308961184
Subject: Information security

Abstract/Summary:
As Internet technology has developed in recent years, users' demand for information security has grown steadily stronger. Many theories and technologies in the field of information security have been realized in anti-virus software, firewalls and other products, and users' awareness of and vigilance about security issues have reached a high level. Nevertheless, the overall state of security has not changed noticeably: viruses, Trojan horses and worms still affect a large number of computers. Why? Vulnerabilities are the most important root of these security problems.

Research on vulnerabilities includes vulnerability mining, analysis and exploitation. Of these, vulnerability mining is the fundamental part as well as the most essential technique, and both software publishers and attackers are interested in the subject. Work on vulnerabilities has been under way for several years. When the source code is available, a code audit can be performed to test whether a piece of software contains vulnerabilities. For software without available source code, Fuzz testing is used. These techniques have achieved good results; however, the efficiency of vulnerability mining has been low for the growing number of Internet software products whose code is not public, because the hit ratio of Fuzz test cases is low, they are weakly targeted, and their code coverage is low.

This paper analyzes the theory and implementation of traditional vulnerability mining techniques and identifies their disadvantages: a low hit ratio and relatively superficial mining. These stem from the fact that, in the traditional method, researchers are unaware of the data structure and communication procedure, so abnormal test cases are constructed largely at random.

Based on the work described above, the technology of protocol analysis is researched. Protocol analysis is the method of capturing the packets transmitted by Internet software and analyzing them to learn their data structure and the communication procedure, from which the definition of the unpublished protocol can be inferred with some accuracy. By combining the two techniques described above, this paper presents a technology of vulnerability mining based on protocol analysis.

A vulnerability mining system based on protocol analysis is designed in this paper; its architecture and main function modules are described in detail, and a prototype implementation is given. Finally, the system is used to analyze the protocols of one database software product and one remote control software product and find their vulnerabilities, verifying the system's feasibility and efficiency.

The proposal to combine protocol analysis with vulnerability mining is the original contribution of this paper. Using the results of protocol analysis to guide the construction of test cases and the Fuzz testing procedure greatly raises the efficiency of mining.
Keywords/Search Tags: Vulnerability mining, Protocol analysis, Fuzz testing, Test case construction