With the rapid development of the Internet, SDN technology has been widely used in various industries in China and abroad, and more and more people have begun to pay attention to the security of SDN. In recent years, security researchers have discovered more and more security threats and problems related to SDN. Some of these security issues can cause the leakage of sensitive information, or even the collapse of the entire SDN system. Although traditional fuzz testing technology can perform security testing on software, the structural characteristics of SDN interface parameters mean that the generated samples often do not meet the specifications, which makes security testing very difficult. At present, there is little research on security detection technology specifically for SDN, and the field is in its infancy. A small number of open-source tools use fuzz testing technology for security testing, but the generated test cases are less effective, the test scope is smaller, and the detection efficiency is poor. On this basis, this paper conducts the research and implementation of security detection technology based on fuzz testing for SDN. The main work and innovations are as follows:

1) To address the problem that the security of SDN networks can be threatened by applications, and that manual testing of applications is inefficient, this paper proposes an automated testing technology that automatically generates and tests malicious applications based on a custom attack payload library. Compared with manual testing, the testing efficiency is improved.

2) To address the problem that the samples generated by traditional fuzz testing do not conform to the grammatical structure of the SDN network interface, this paper proposes a structure-aware sample generation model, which extracts and constructs the structure model through a type-repair table and a type-expansion table to help generate effective samples.

3) To address the inefficiency of random mutation in traditional fuzz testing technology, this paper proposes a weight-ratio-based selective mutation technology that builds on the generation of effective samples. The mutation process is guided by a field weight table, and the mutation weight of dangerous fields is increased to make the mutation more effective.

4) To address the shortcoming that traditional fuzz testing technology does not pay attention to the state information of the SDN network during testing, this paper proposes a mutation algorithm based on context association, which maintains the context constraints of the interface so that the mutated samples are more in line with the current state of the interface. This improves code coverage during testing, so that more security problems are discovered.

5) A fuzz testing security detection framework for SDN networks is built. Test experiments show that the prototype framework can effectively mine security defects, and that in actual tests its detection efficiency is higher and its detection range is more comprehensive.
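The weight-guided field selection of item 3, combined with the type-preserving mutation that item 2 calls for, can be sketched as follows. This is an added example, not the paper's code: the abstract does not give the field weight table, so the flow-rule fields, the weights and the boundary values are constructed assumptions.

```python
import copy
import random

# Constructed flow-rule sample and field weight table (assumptions, not from the paper).
SAMPLE = {"priority": 100, "table_id": 0, "in_port": "1",
          "eth_dst": "00:00:00:00:00:01", "output": "2"}
FIELD_WEIGHTS = {"priority": 1, "table_id": 1, "in_port": 3,
                 "eth_dst": 3, "output": 8}  # fields treated as dangerous weigh more

# Boundary values per type, so a mutated field keeps the type the interface expects.
INT_EDGES = [0, -1, 1, 255, 65535, 2**31 - 1, 2**32]
STR_EDGES = ["", "0", "A" * 256, "ff:ff:ff:ff:ff:ff", "4294967295"]


def pick_field(weights, rng):
    """Select one field name with probability proportional to its weight."""
    names = list(weights)
    return rng.choices(names, weights=[weights[n] for n in names], k=1)[0]


def mutate(sample, weights, rng):
    """Return (field, mutated copy): exactly one field changes, its type is kept."""
    out = copy.deepcopy(sample)
    field = pick_field(weights, rng)
    edges = INT_EDGES if isinstance(out[field], int) else STR_EDGES
    # Exclude the current value so every mutation really changes the sample.
    out[field] = rng.choice([v for v in edges if v != out[field]])
    return field, out


def selection_counts(weights, rounds, seed=0):
    """Count how often each field is selected over `rounds` draws."""
    rng = random.Random(seed)
    counts = dict.fromkeys(weights, 0)
    for _ in range(rounds):
        counts[pick_field(weights, rng)] += 1
    return counts


if __name__ == "__main__":
    rng = random.Random(1)
    for _ in range(3):
        print(mutate(SAMPLE, FIELD_WEIGHTS, rng))
    print(selection_counts(FIELD_WEIGHTS, 10_000))
```

With uniform random mutation every field would be hit about equally often; here the highest-weight field receives roughly half of all mutations while the sample still parses as a well-formed rule.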