命令行接口模糊测试漏洞挖掘研究及应用  被引量:1

Research and application of CLI vulnerability mining by fuzz testing

在线阅读下载全文

作  者:樊志强[1] 王洪宇 刘日昇 Fan Zhiqiang;Wang Hongyu;Liu Risheng(ZTE Nanjing Institute,Nanjing 210012,China;ZTE Shanghai Institute,Shanghai 201203,China)

机构地区:[1]中兴通讯股份有限公司南京研究所,江苏南京210012 [2]中兴通讯股份有限公司上海研究所,上海201203

出  处:《网络安全与数据治理》2023年第7期61-66,78,共7页CYBER SECURITY AND DATA GOVERNANCE

摘  要:5G数据网络设备是现代通信的基础设施,其安全可靠性直接影响整个网络的安全可靠程度。命令行接口作为网络设备的基本操作接口,研究其存在的漏洞对提升整个网络安全具有至关重要的意义。基于模糊测试提出一种命令行接口漏洞挖掘方法,并对注入点分析及界定、模糊测试漏洞挖掘数据模型处理、模糊测试算法优化及模糊测试漏洞挖掘流程等关键技术及过程进行深入研究。研究成果直接运用到命令行接口模糊测试漏洞挖掘系统中,实现包含网络设备信息收集、模糊测试漏洞挖掘数据建模、网络设备响应信息分析、模糊测试漏洞挖掘执行、漏洞挖掘后分析及生成漏洞报告等关键功能。最后对未来提升命令行接口模糊测试漏洞挖掘系统的效率和有效性进行了讨论和展望。5G data network devices are the infrastructure of modern communications,and the security and reliability directly ensure that the entire network is secure and reliable.As the basic operating interface of network devices,the command line interface is of vital significance for improving the security of the entire network.Based on the fuzz testing,a command line interface vulnerability mining method is proposed,and the key technologies and processes such as injection point analysis and definition,fuzziness test vulnerability mining data model processing,fuzziness test algorithm optimization and fuzziness test vulnerability mining process are studied deeply.The research results are directly applied to the fuzziness vulnerability mining system of the command line interface to implement key functions such as network device information collection,fuzziness data modeling,network device response information analysis,vulnerability mining execution,analysis after vulnerability mining,and vulnerability report generation.Finally,it discusses and looks to the future to improve the efficiency and effectiveness of the fuzziness vulnerability mining system of the command line interface.

关 键 词:模糊测试 命令行接口 网络设备 漏洞挖掘 网络安全 

分 类 号:TP309[自动化与计算机技术—计算机系统结构]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象