Online Vulnerability Mining For Network Protocols Of Surveillance Camera

At present,with the continuous promotion of Internet of things,the security of the Internet of things has become a key part that can not be ignored.As a kind of Internet of things terminal equipment for security protection,video surveillance equipment should have high security guarantee.However,in the more and more common video surveillance equipment,there are often some vulnerabilities that result in very serious consequences.In particular,the vulnerabilities excavated from network protocols have a greater impact.Once the vulnerabilities of protocols such as RTSP / SIP are excavated,their impact will cover a variety of monitoring devices,such as DVR / NVR,which support this protocol,and this will be of great importance to society.The public interest security aspect causes the very big influence.It is one of the main methods to detect high risk vulnerabilities through fuzzy testing of network protocols.Fuzzy testing can detect software vulnerabilities by executing a large amount of random data.It is helpful for the deep analysis of the network protocol of the video surveillance equipment.However,there are many problems in the existing fuzzy test framework,such as the large number of test cases,the aimlessness of test data,and the long time of test execution.The efficiency of fuzzy testing is not high,and the classification of test cases which may have anomalies is not accurate enough,resulting in greater redundancy,which makes it time-consuming and laborious to replay the acquired malformed data.In order to solve the above problems,this paper proposes a packet base block de-reduplication algorithm and a network protocol state graph traversal algorithm.A new framework based on fuzzy test is designed for the network protocol of video surveillance equipment,which not only reduces the construction of some redundant test cases,but also improves the efficiency of generating use cases.The main contributions of this paper include the following:(1)In this paper,the basic block de-reduplication algorithm is proposed to preprocess the data packet and generate less definition raw data.According to the protocol syntax specification,the test cases can be generated in accordance with the protocol,so that the monitoring equipment can be fuzzy tested.(2)In view of the network protocol of video surveillance equipment is designed based on a new framework of fuzzy test,using the protocol state diagram method,improve the coverage of the traversal path during execution,effectiveness and generation of test cases.And the RTSP protocol and SIP protocol were verified in the actual environment.(3)The new framework of network protocol based on fuzzy test,and according to the method of sending TCP packet sent to the test case,judge whether the target device caused by target device crashes or abnormal,for subsequent playback and confirmation of abnormal packets,reducing the vulnerability of the time,improve the efficiency of vulnerability mining.(4)The framework and algorithm proposed in this paper are experimentally verified.By writing a replay script,the test cases that cause the exception of the target program are confirmed.