
Research On Modbus Protocol Vulnerabilities Mining Method Based On Dynamic Taint Analysis

Posted on: 2022-02-12
Degree: Master
Type: Thesis
Country: China
Candidate: J T Tian
Full Text: PDF
GTID: 2518306353977269
Subject: Computer Science and Technology
Abstract/Summary:
Today, with the rapid development of science and technology, industrial production environments have begun to transform toward digitalization. Industrial control systems (ICS) and the Internet are becoming ever more deeply integrated, and ICS are becoming more open and more changeable. At the same time, this brings a serious problem: the security of industrial control systems cannot be guaranteed. On the one hand, the systems themselves cannot be secured; on the other hand, the industrial control protocols cannot guarantee secure information transmission within these systems. Because ICS communication protocols were originally designed only from the perspective of usage requirements, little attention was paid to protocol security, so vulnerabilities in industrial control protocols are easily found and become an attacker's means of attack, greatly threatening the security protection of industrial control systems. It is therefore necessary to uncover unknown security vulnerabilities in industrial control protocols. To this end, the specific research work of this thesis is as follows:

1) To address the problems of current fuzzing techniques for industrial control protocols, namely that test-case generation is too blind and poorly targeted, a key-field location method based on dynamic taint analysis is proposed. Dynamic taint analysis is implemented with the help of the dynamic binary instrumentation framework Pin, and the server's processing of the industrial control protocol is analysed. Combined with data mutation, the taint of the dangerous functions triggered by the different fields of the protocol is tracked; by comparing the taint analysis results, the key fields of the protocol are obtained. This allows targeted test cases to be generated during fuzzing and improves the efficiency of vulnerability mining.

2) Applying this location method, with the Modbus TCP protocol as the experimental subject, the Taint-Fuzz system is designed and implemented using the dynamic binary instrumentation framework Pin and the fuzzing framework Peach. The system is used to generate targeted test cases, and it is compared experimentally with a traditional protocol fuzzing method. The results show that the method proposed in this thesis clearly optimizes fuzzing efficiency and improves the vulnerability mining capability for industrial control protocols.
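To illustrate the key-field location idea described in 1) and 2), here is an added toy example (not code from the thesis or its Taint-Fuzz system): a Modbus TCP request is tainted byte by byte with field labels, a hypothetical model of a server handler propagates those labels to two assumed dangerous operations, and each field is mutated in turn so the taint results of the runs can be compared. Pin and Peach are not used; the model_server function is an assumption standing in for the instrumented server.

```python
from typing import Dict, FrozenSet, List, Set, Tuple
# Modbus TCP request layout (MBAP header + PDU), constructed here: name -> (offset, length).
FIELDS: Dict[str, Tuple[int, int]] = {
    "transaction_id": (0, 2), "protocol_id": (2, 2), "length": (4, 2),
    "unit_id": (6, 1), "function_code": (7, 1), "start_address": (8, 2),
    "quantity": (10, 2),
}
Taint = FrozenSet[str]
SEED = bytes.fromhex("0001 0000 0006 01 03 0000 000a")  # constructed: fc 0x03, start 0, qty 10

def tag_frame(frame: bytes) -> List[Taint]:
    """Taint source: label every input byte with the protocol field it belongs to."""
    tags: List[Taint] = [frozenset() for _ in frame]
    for name, (off, ln) in FIELDS.items():
        for i in range(off, min(off + ln, len(frame))):
            tags[i] = frozenset({name})
    return tags

def be16(frame: bytes, tags: List[Taint], off: int) -> Tuple[int, Taint]:
    """Big-endian 16-bit load; the result carries the union of both bytes' labels."""
    return (frame[off] << 8) | frame[off + 1], tags[off] | tags[off + 1]

def model_server(frame: bytes) -> Dict[str, Taint]:
    """Hypothetical handler standing in for the instrumented server: per executed sink, the labels reaching it."""
    tags = tag_frame(frame)
    sinks: Dict[str, Taint] = {}
    _, t_len = be16(frame, tags, 4)
    sinks["memcpy_size"] = t_len                    # copies `length` bytes into a fixed buffer
    if frame[7] == 0x03:                            # Read Holding Registers handler
        _, t_start = be16(frame, tags, 8)
        _, t_qty = be16(frame, tags, 10)
        sinks["register_index"] = t_start | t_qty   # table index derived from start + quantity
    return sinks

def locate_key_fields(seed: bytes) -> Dict[str, Set[str]]:
    """Mutate one field at a time, rerun the analysis and compare with the seed run. A field is
    key if its label reaches a sink, or if mutating it changes which sinks execute at all."""
    base = model_server(seed)
    key: Dict[str, Set[str]] = {}
    for name, (off, ln) in FIELDS.items():
        mutated = bytearray(seed)
        for i in range(off, off + ln):
            mutated[i] ^= 0xFF                      # simple bit-flip mutation of this field only
        result = model_server(bytes(mutated))
        reasons = {sink for sink, labels in base.items() if name in labels}
        if changed := set(result) ^ set(base):      # control influence plain data flow misses
            reasons.add("control:" + ",".join(sorted(changed)))
        if reasons:
            key[name] = reasons
    return key
```

For the seed request, only length, function_code, start_address and quantity come out as key fields, so a fuzzer would concentrate its mutations there instead of on the transaction, protocol and unit identifiers.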
Keywords/Search Tags: Vulnerability Mining, Dynamic Taint Analysis, Fuzzing, Modbus TCP Protocol