Design And Implementation Of Protocol Testing System Based On Mutation

With more and more applications of network protocols in reality,the vulnerabilities may be exploited by malicious attackers and cause serious problems.Fuzzing detects vulnerabilities in the protocol by generating and sending large amounts of mutated data to attack the protocol system.Manually generating some mutation data may be more suitable for the tested protocol,but manual mutation requires an accurate understanding of the detailed information of the protocol data,and requires tedious work to construct a large amount of mutation data,while some traditional tools generate low diversity of mutation data,the acceptance rate of mutation data is low,and the data coverage is limited,resulting in poor vulnerability detection effects.In order to solve the above problems,this thesis designs a mutation data generation model based on a generative confrontation network,which automatically learns the original protocol format to generate mutation data,and develops corresponding protocol testing software.The main research contents of this thesis are as follows:Firstly,based on the analysis of the existing protocol vulnerability detection methods and tools,in order to solve the problems of low acceptance rate of transmitted mutation data and low vulnerability detection efficiency,this thesis designs a mutation data generation model based on the generation confrontation network,which can automatically learning protocol data structure.Long Short-term Memory(LSTM)and Convolutional Neural Network(CNN)with distributional distance optimization calculation module were used for generating network and discriminating network respectively.Through continuous training of the model,the generation network and the discrimination network are in a balanced state,and the trained model is used to generate mutation data.Finally,the method proposed in this thesis is compared with the traditional Peach,Sulley,and AFL methods,and the results show that the method proposed in this thesis has achieved better results.Secondly,the corresponding protocol testing software was designed and implemented on the basis of the research of the mutation data generation method based on the generative confrontation network.Each module of the software is designed in detail,including the mutation data generation module,the mutation data execution module,the test case management module,the log record module,and the database module.Finally,by building the physical platform of the WIA-PA protocol test system,the method proposed in this thesis and the protocol test software designed in this thesis are functionally verified and analyzed.The test results show that the model can automatically learn the data structure of different protocols,can detect vulnerabilities in a variety of protocols,and the generated mutation data has a higher acceptance rate.