
A VxWorks Firmware Network Protocol Fuzzing Technology Based On Binary Static Instrumentation

Posted on: 2022-05-02
Degree: Master
Type: Thesis
Country: China
Candidate: Y C Wang
GTID: 2518306338968559
Subject: Computer technology
Abstract/Summary:
VxWorks is a real-time operating system designed and developed by Wind River of America and applied in IoT environments. Owing to its excellent development environment, high reliability, and real-time performance, VxWorks is not only widely used in military, aviation, aerospace, and other technical fields, but also occupies a large share of the household electronic equipment field. Although VxWorks has a large user base, there is not much security research on it. Because of the complexity of the VxWorks firmware running environment and the closed nature of IoT environments, traditional fuzzing technology does not work well. Fuzzing of VxWorks network equipment is mainly carried out by fuzzing the network protocols running on the target device. Traditional network protocol fuzzing does not use completely random generation, because most such samples cannot enter protocol processing normally; instead, it uses fuzzing based on model constraints, which mutates the samples within the constrained model by traversal. The efficiency of this method for sample mutation is very low, however: as the protocol grows more complex and the number of protocol variables increases, the number of mutated samples grows exponentially, which leads to low fuzzing efficiency. In contrast, path-feedback fuzzing associates each mutated sample with its execution path so as to guide the subsequent mutation process, which can improve the efficiency of sample mutation.

Against this background, this paper proposes a VxWorks firmware network protocol fuzzing model based on binary static instrumentation. The model generates effective fuzzing test samples based on model constraints and uses path information fed back from the VxWorks firmware to direct the subsequent mutation process. Combined with the advantages of the random forest algorithm for decision-making, namely high efficiency and good results, this improves the path coverage and efficiency of fuzzing. This paper designs and implements a fuzzing platform based on binary static instrumentation and address sanitizer technology. Fuzzing the VxWorks TCP protocol stack shows that, compared with the current fuzzing method for VxWorks network equipment, the method proposed in this paper improves the efficiency and capability of fuzzing and can be used to fuzz the TCP protocol.
Keywords/Search Tags: fuzzing, model constraint, random forest, VxWorks