Authors: Sun Yutao; Xu Xianghua [1] (School of Computer Science, Hangzhou Dianzi University, Hangzhou 310018, China)
Affiliation: [1] School of Computer Science, Hangzhou Dianzi University, Hangzhou 310018
Source: Application Research of Computers (计算机应用研究), 2024, No. 10, pp. 3110-3118 (9 pages)
Abstract: Mutation-based grey-box protocol fuzzing methods are convenient to use and highly scalable. However, they lack information about the message format of the protocol under test and can only mutate a message as a whole to generate test cases. As a result, most of the generated test messages are rejected outright by the protocol implementation under test, which severely reduces testing efficiency. To address this issue, this paper proposes a field-aware fuzzing method for text protocols. The method introduces the concept of template learning into mutation-based protocol fuzzing: it uses delimiters to segment messages into fields and uses a field dictionary to obtain the valid values of each field. For the segmented messages, it then designs multiple field-level mutation strategies and calculates a mutation energy for each field from the number of values the field can take and from coverage feedback. In addition, it uses the results of field segmentation to characterize the state of the protocol implementation under test at a finer granularity. Experimental results show that the method increases the proportion of test cases generated by AFLNET, the classic mutation-based protocol fuzzing framework, that are accepted by the protocol implementation under test, thereby raising testing efficiency to more than 5 times. This shows that the low proportion of accepted test cases, a problem common to mutation-based protocol fuzzing methods, does reduce overall testing efficiency, and that improving the acceptance rate of test cases can improve testing efficiency significantly.
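Keywords: network security; protocol testing; fuzzing; field awareness; field mutation energy measurement; fine-grained state characterization
Classification: TP311 [Automation and Computer Technology: Computer Software and Theory]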