With the start of the fourth industrial revolution, many countries have put forward industrial development plans to seize the opportunity, and China has followed the same path. To this end, China proposed "Made in China 2025", which calls for focusing on industrial development to lead the direction of China's manufacturing industry over the next ten years and to promote the basic realization of industrialization in China by 2025. Unlike earlier stages, Industry 4.0 is an era of intelligence, in which information technology drives industrial transformation. Industrialization and informatization are becoming ever more closely combined, which simplifies work and improves production efficiency, but also exposes industrial control systems to the outside, making their security problems increasingly serious. Because industrial control systems contain a large number of insecure control protocols and have weak security protection measures, industrial control protocols have become one of the main targets of attack.

Fuzzing is an effective testing method for network protocols: it detects vulnerabilities in the target by sending many semi-valid random test cases. However, although traditional fuzzing algorithms can generate a large number of test cases, those test cases are of low effectiveness, so without additional processing a great deal of resources is usually wasted. Starting from these problems of fuzzing in network protocol testing, this thesis proposes a clustering-based fuzzing method to improve test efficiency. The main contents are as follows:

(1) Test cases are generated with a recurrent neural network model and a mutation algorithm. The communication data of the target protocol is treated as sequence data, taking advantage of the recurrent neural network's ability to process such sequences. SRU is then used as the basic unit to build a recurrent neural network model that generates data conforming to the target specification, and test cases are constructed from that data by the mutation algorithm.

(2) A cluster-based test case selection method is designed. Field information of the target protocol is obtained by reverse analysis of the protocol, and each field is assigned a weight. According to these field weights, the k-means algorithm performs weighted clustering of the generated test cases to obtain the cluster centers of the test data. The distance between each newly generated test case and every cluster center is then calculated to judge its test value, and test cases of better quality are selected, improving test efficiency. At the same time, a sliding window model is applied to the data stream formed by the large number of test cases so that the cluster centers are continuously updated, keeping the test case selection valid.

(3) An industrial control protocol fuzzing system prototype is designed and implemented on the basis of the fuzzing method proposed in this thesis, providing testers with a simple operation interface.
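The selection step described in contribution (2), as an added, self-contained illustration that is not the thesis's own code: test cases are represented as vectors of numeric protocol field values, each field carries a weight from the (assumed) reverse-analysis result, a weighted k-means yields the cluster centers, and a new test case is scored by its distance to the nearest center. The acceptance rule used here (keep a case only if it lies at least a threshold away from every center, i.e. it is not redundant with data already sent) and the farthest-first initialisation of k-means are assumptions made for the example; the field names, weights, seed corpus and candidate cases are all constructed. A sliding window over accepted cases bounds memory and refits the centers so they follow the test case stream.

```python
"""
Cluster-based test case selection for protocol fuzzing (added example).
Field layout, weights, seed corpus and the novelty rule are constructed
assumptions, not the thesis's implementation.
"""
from collections import deque

# Hypothetical field layout produced by protocol reverse analysis. A test case
# is a tuple of numeric field values in this order; the weight says how much a
# difference in that field counts when measuring distance between cases.
FIELD_WEIGHTS = {
    "function_code": 3.0,  # assumed most important: selects the operation
    "start_addr": 1.0,
    "quantity": 2.0,
    "payload_len": 1.0,
}
WEIGHTS = tuple(FIELD_WEIGHTS.values())


def weighted_distance(a, b, weights=WEIGHTS):
    """Euclidean distance after scaling each squared field difference by its weight."""
    return sum(w * (x - y) ** 2 for w, x, y in zip(weights, a, b)) ** 0.5


def kmeans(points, k, weights=WEIGHTS, max_iter=50):
    """Lloyd's k-means with deterministic farthest-first initialisation
    (chosen so the example is reproducible; the abstract does not specify one)."""
    points = [tuple(p) for p in points]
    k = min(k, len(points))
    centers = [points[0]]
    while len(centers) < k:
        # next center: the point farthest from every center chosen so far
        centers.append(max(points, key=lambda p: min(weighted_distance(p, c, weights) for c in centers)))
    for _ in range(max_iter):
        buckets = [[] for _ in range(k)]
        for p in points:
            nearest = min(range(k), key=lambda i: weighted_distance(p, centers[i], weights))
            buckets[nearest].append(p)
        new_centers = [
            tuple(sum(col) / len(b) for col in zip(*b)) if b else centers[i]
            for i, b in enumerate(buckets)
        ]
        if new_centers == centers:
            break
        centers = new_centers
    return centers


class ClusterSelector:
    """Keeps k cluster centers over a sliding window of accepted test cases and
    accepts a new case only if it is at least `threshold` from every center
    (assumed rule: a case close to a center is likely redundant)."""

    def __init__(self, seed_cases, k=3, window=50, threshold=5.0, refit_every=1):
        self.k = k
        self.threshold = threshold
        self.refit_every = refit_every
        self.window = deque((tuple(c) for c in seed_cases), maxlen=window)
        self.accepted = 0
        self.centers = kmeans(self.window, k)

    def score(self, case):
        """Weighted distance from the case to its nearest cluster center."""
        return min(weighted_distance(case, c) for c in self.centers)

    def consider(self, case):
        """Return True if the case is worth sending. Accepted cases enter the
        window; every `refit_every` acceptances the centers are recomputed."""
        if self.score(case) < self.threshold:
            return False
        self.window.append(tuple(case))
        self.accepted += 1
        if self.accepted % self.refit_every == 0:
            self.centers = kmeans(self.window, self.k)
        return True

    def select(self, candidates):
        """Filter a batch of generated cases, keeping only the novel ones."""
        return [c for c in candidates if self.consider(c)]


# Constructed seed corpus: three behaviours the fuzzer has already exercised.
SEED_CASES = [
    (3, 0, 10, 5), (3, 1, 10, 5), (3, 2, 10, 5),            # read-style frames
    (16, 100, 1, 20), (16, 101, 1, 20), (16, 102, 1, 20),   # write-style frames
    (6, 50, 30, 8), (6, 51, 30, 8), (6, 52, 30, 8),         # a third function
]


def demo():
    sel = ClusterSelector(SEED_CASES)
    candidates = [
        (3, 1, 11, 5),    # near-duplicate of the read cluster -> dropped
        (43, 1, 10, 5),   # unseen function code -> kept, centers refitted
        (43, 2, 10, 5),   # now redundant with the case just accepted -> dropped
    ]
    return sel.select(candidates)


if __name__ == "__main__":
    for case in demo():
        print("send:", case)
```

The third candidate shows why the window refit matters: before the second candidate is accepted it would score as novel, but once that case has entered the window and the centers are recomputed, a near-duplicate of it is correctly rejected. In a real system the refit would be batched (a larger `refit_every`) and the window size chosen so that centers track recent generator behaviour without re-clustering the whole history.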