针对MAC层协议FUZZING测试技术的研究
|
摘要
随着计算机技术和信息技术的飞速发展,信息网络已经逐渐成为社会发展的重要保证。互联网一直是信息网络的重要载体,近两年兴起的移动互联网地位也变得愈发重要。在信息网络上有很多敏感信息,包括个人的隐私,甚至是国家机密。网络服务软件作为防御网络攻击的第一道防线,其协议实现的安全性就变得尤为重要。如何能够快速准确地发现协议实现的漏洞是目前需要迫切解决的问题,但现在针对网络协议的Fuzzing测试技术还存在协议知识获取自动化程度低、多字段测试效果差、评价过于简单等问题。
本文以这些不足为研究起点,针对基于MAC层协议的Fuzzing测试技术进行研究,取得如下成果:
1.针对上述三个主要问题,分别提出了三种解决方案:一个协议的描述格式PRDF,能够更加有效地对协议进行描述;一个协议字段的关系分析算法RATM,可以优化多字段的字段选取,加速测试进行;一个协议的评价方法,能够更加全面地对测试效果做出评价。
2.设计了一个基于上述理论算法的Fuzzing测试框架,该框架的特点是不需要用户进行复杂的协议描述文件的书写,就可以轻松的进行测试,可以让使用者将精力更多地放在如何测试上,而不是放在工具的学习使用上。
With the rapid development of information technology, information network has become an important guarantee for the development of the society. The Internet has been an important carrier of the information network. In recent years the mobile Internet has appeared and become increasingly important. There is much sensitive information in the information network, including personal privacy and even state secrets. The software that provides network service is the first line of defense against the network threats, and its security becomes very important. So how to quickly and accurately find the vulnerability of the network service software before its release is the urgent need. However, the Fuzzing test technology with respect to network protocols still has some problems, for example, the low automatic degree of knowledge acquisition, the inefficiency for multi-fields test, and the evaluation problems.
Based on these disadvantages, we research on the fuzzing test technology based on mac layer, and make some achievements as follows:
1. According to the three main problems, we put forward (1) a protocol description format PRDF, which can be more effective to describe the protocol;(2) A protocol field relationship analysis algorithm RATM, which can optimize multi-fields field selection and accelerate the test;(3) A method of evaluation of agreement, which can be more comprehensive to evaluate the test results.
2. Design a Fuzzing test framework based on the algorithm we put forward above, where the users need not write the protocol description document. The users can easily use it, and focus their contribution on the test instead of learning how to use the tools.
本文以这些不足为研究起点,针对基于MAC层协议的Fuzzing测试技术进行研究,取得如下成果:
1.针对上述三个主要问题,分别提出了三种解决方案:一个协议的描述格式PRDF,能够更加有效地对协议进行描述;一个协议字段的关系分析算法RATM,可以优化多字段的字段选取,加速测试进行;一个协议的评价方法,能够更加全面地对测试效果做出评价。
2.设计了一个基于上述理论算法的Fuzzing测试框架,该框架的特点是不需要用户进行复杂的协议描述文件的书写,就可以轻松的进行测试,可以让使用者将精力更多地放在如何测试上,而不是放在工具的学习使用上。
With the rapid development of information technology, information network has become an important guarantee for the development of the society. The Internet has been an important carrier of the information network. In recent years the mobile Internet has appeared and become increasingly important. There is much sensitive information in the information network, including personal privacy and even state secrets. The software that provides network service is the first line of defense against the network threats, and its security becomes very important. So how to quickly and accurately find the vulnerability of the network service software before its release is the urgent need. However, the Fuzzing test technology with respect to network protocols still has some problems, for example, the low automatic degree of knowledge acquisition, the inefficiency for multi-fields test, and the evaluation problems.
Based on these disadvantages, we research on the fuzzing test technology based on mac layer, and make some achievements as follows:
1. According to the three main problems, we put forward (1) a protocol description format PRDF, which can be more effective to describe the protocol;(2) A protocol field relationship analysis algorithm RATM, which can optimize multi-fields field selection and accelerate the test;(3) A method of evaluation of agreement, which can be more comprehensive to evaluate the test results.
2. Design a Fuzzing test framework based on the algorithm we put forward above, where the users need not write the protocol description document. The users can easily use it, and focus their contribution on the test instead of learning how to use the tools.
引文
[1]Wei-Ming Li, Ai-Fang Zhang, Jian-Cai Liu, and Zhi-Tang Li. "An automatic network protocol fuzz testing and vulnerability discovering method". Chinese Journal of Computers. vol 34, pp.242-255, Feb 2011.
[2]Fan Pan, Lifa Wu, Hong Zheng, Ying Hou. "Formal Description of Protocol Specifications for Fuzz Testing". American Journal of Engineering and Technology Research. Vol.11,No.12,2011.
[3]Zhao Zhang, Qiao-Yan Wen, Wen Tang.An Efficient Mutation-based Fuzz Testing Approach for Detecting Flaws of Network Protocol,2012
[4]刘驰,郑康锋,李晖.基于协议分析的漏洞挖掘研究.2009年研究生学术交流会通信与信息技术论文集2009.
[5]吴志勇,王红川,孙乐吕,潘祖烈,刘京菊Fuzzing技术综述.计算机应用研究.2010年03期.
[6]章烨.Fuzzing安全技术研究[硕十学位论文].西安电子科技大学,2010.
[7]Oehlert P. Violating assumption with fuzzing. IEEE Security and Privacy 20053(2):58-62.
[8]Goderfoid P, Klarlund N, Sen K. DAET:directed automated random testing. ACMSigplan Notices 2005 40(6):213-223.
[9]Cynthia Phillips, Laura Painton Swiler. A graph-based system for network vulnerability analysis. ACM 1999.
[10]Paul Ammann, Duminda Wijesekera, Saket Kaushik. Analysis and verification-Scalable graph-based network vulnerability analysis. ACM 2002.
[11]Zhiyong Wu, J. William Atwood, Xueyong Zhu. A New Fuzzing Technique forSoftware Vulnerability Mining. International Conference on Software Engineering,2009
[12]Antunes, Neves, Correia, Verssimo. "Vulnerability discovery with attack injection". IEEE Trans. on Software Engineering, vol 36, pp.357-370, June 2010.
[13]Dave. "MSRFC fuzzing with spike 2006," Technology Report, Immunity Inc,2006.
[14]Evron, Rathaus, Fly, Jenik, Maynor, Miller, Naveh, "Open source fuzzing tools", Dec 2007.
[15]Miller, Fredriksen. "An empirical study of the reliability of unix utilities", Communications of the ACM. vol 33, pp.32-44, Dec 1990
[16]The Peach Project. http://peachfuzzer.com
[17]The Wireshark Project. http://wireshark.org
[18]网络协议http://baike.baidu.com/view/16603.htm
[19]MAC协议http://baike.baidu.com/view/3751222.htm
[20]工业安全事件http://www.cctime.com/html/2012-6-28/2012628124922165.htm
[2]Fan Pan, Lifa Wu, Hong Zheng, Ying Hou. "Formal Description of Protocol Specifications for Fuzz Testing". American Journal of Engineering and Technology Research. Vol.11,No.12,2011.
[3]Zhao Zhang, Qiao-Yan Wen, Wen Tang.An Efficient Mutation-based Fuzz Testing Approach for Detecting Flaws of Network Protocol,2012
[4]刘驰,郑康锋,李晖.基于协议分析的漏洞挖掘研究.2009年研究生学术交流会通信与信息技术论文集2009.
[5]吴志勇,王红川,孙乐吕,潘祖烈,刘京菊Fuzzing技术综述.计算机应用研究.2010年03期.
[6]章烨.Fuzzing安全技术研究[硕十学位论文].西安电子科技大学,2010.
[7]Oehlert P. Violating assumption with fuzzing. IEEE Security and Privacy 20053(2):58-62.
[8]Goderfoid P, Klarlund N, Sen K. DAET:directed automated random testing. ACMSigplan Notices 2005 40(6):213-223.
[9]Cynthia Phillips, Laura Painton Swiler. A graph-based system for network vulnerability analysis. ACM 1999.
[10]Paul Ammann, Duminda Wijesekera, Saket Kaushik. Analysis and verification-Scalable graph-based network vulnerability analysis. ACM 2002.
[11]Zhiyong Wu, J. William Atwood, Xueyong Zhu. A New Fuzzing Technique forSoftware Vulnerability Mining. International Conference on Software Engineering,2009
[12]Antunes, Neves, Correia, Verssimo. "Vulnerability discovery with attack injection". IEEE Trans. on Software Engineering, vol 36, pp.357-370, June 2010.
[13]Dave. "MSRFC fuzzing with spike 2006," Technology Report, Immunity Inc,2006.
[14]Evron, Rathaus, Fly, Jenik, Maynor, Miller, Naveh, "Open source fuzzing tools", Dec 2007.
[15]Miller, Fredriksen. "An empirical study of the reliability of unix utilities", Communications of the ACM. vol 33, pp.32-44, Dec 1990
[16]The Peach Project. http://peachfuzzer.com
[17]The Wireshark Project. http://wireshark.org
[18]网络协议http://baike.baidu.com/view/16603.htm
[19]MAC协议http://baike.baidu.com/view/3751222.htm
[20]工业安全事件http://www.cctime.com/html/2012-6-28/2012628124922165.htm