Vulnerability Mining For Network Protocols Based On Fuzzing

Rapid development of the internet has changed the way people live and work. People are increasingly dependent on the network when the internet makes our lives more convenient. The importance and complexity of the network applications put forward more requirements for network secutity. The vulnerabilities of the network have been the main reason for security problems. It is essential to researching the network vulnerability mining technologies to ensure the network security.Fuzzing is one of the most important methods of vulnerability mining. It inputs a large number of semi-walid data to the target. Then the tester monitors the target during runtime to check if any abnormal operation has happened. By analysising the exceptions, the tester can detect the faults of the target. The traditional way of the vulnerability mining requires a high level of testers and the construction of test cases by hand brings heavy workload. What else, the code coverage and the test efficiency of it are also low. In order to improve the problem, the paper designed a method of vulnerabilities mining based on fuzzing. It builds the test script based on a priori knowledge of the test objective and generates a large of test cases automatically to test the target. At the same time, the tester can monitor the situation of the target and record the exceptions which can be useful for finding the faults of the target.In this paper, a further research of the fuzzing test for network protocol has been done. Considering that the formats of many protocols on application layer are unknown, a system for analysising the format of the network protocol was designed. It gets the knowledge of the protocol by processing and analysising the packets of the network protocol. A fuzzer of the network protocols was developed by adapting and extending Sulley. Throughout the testing process, there is little human involvement and it reduces the work which the traditional testing way need.The system was applied for testing the FTP server and some faults which had been published were found. The results of the experiment are consistent with theoretical expectations.The work of this paper is the important part of the project of MIIT Electronic Development Fund. A related paper was published during the time of study. The title of the paper is "Vulnerability Mining for Network Protocols Based on Fuzzing".