网络协议软件漏洞挖掘技术综述  被引量：4

作　　者：喻波[1] 苏金树[1] 杨强[1] 黄见欣 盛周石 刘润昊 卢建君 梁晨 陈晨[1] 赵磊[2] YU Bo;SU Jin-Shu;YANG Qiang;HUANG Jian-Xin;SHENG Zhou-Shi;LIU Run-Hao;LU Jian-Jun;LIANG Chen;CHEN Chen;ZHAO Lei(College of Computer Science and Technology,National University of Defense Technology,Changsha 410073,China;School of Cyber Science and Engineering,University of Wuhan,Wuhan 430072,China)

机构地区：[1]国防科技大学计算机学院,湖南长沙410073 [2]武汉大学国家网络安全学院,湖北武汉430072

出　　处：《软件学报》2024年第2期872-898,共27页Journal of Software

基　　金：国家自然科学基金(61902416);湖南省自然科学基金(2019JJ50729)。

摘　　要：网络协议软件部署和应用非常广泛,在网络空间提供了诸如通信、传输、控制、管理等多样化的功能.近年来,其安全性逐渐受到学术界和工业界的重视,及时发现和修补网络协议软件漏洞,成为一项重要的课题.网络协议软件由于部署形态多样、协议交互过程复杂、相同协议规范的多个协议实现存在功能差异等特点,使得其漏洞挖掘技术面临诸多挑战.首先对网络协议软件漏洞挖掘技术进行分类,对已有关键技术的内涵进行界定.其次,进一步综述网络协议软件漏洞挖掘4个方面的技术进展,包括网络协议描述方法、挖掘对象适配技术、模糊测试技术和基于程序分析的漏洞挖掘方法,通过对比分析归纳不同方法的技术优势及评价维度.最后,总结网络协议软件漏洞挖掘的技术现状和挑战,并提炼5个潜在研究方向.The network protocol software is widely deployed and applied,and it provides diversified functions such as communication,transmission,control,and management in cyberspace.In recent years,its security has gradually attracted the attention of academia and industry.Timely finding and repairing network protocol software vulnerabilities has become an important topic.The features,such as diversified deployment methods,complex protocol interaction processes,and functional differences in multiple protocol implementations of the same protocol specification,make the vulnerability mining technique of network protocol software face many challenges.This study first classifies the vulnerability mining technologies of network protocol software and defines the connotation of existing key technologies.Secondly,this study summarizes the technical progress in four aspects of network protocol software vulnerability mining,including network protocol description method,mining object adaptation technology,fuzz testing technology,and vulnerability mining method based on program analysis.In addition,through comparative analysis,the technical advantages and evaluation dimensions of different methods are summarized.Finally,this study summarizes the technical status and challenges of network protocol software vulnerability mining and proposes five potential research directions.

关 键 词：网络协议软件 漏洞挖掘 模糊测试 程序分析 符号执行 

分 类 号：TP393[自动化与计算机技术—计算机应用技术]