A Tree-based Structure Mutation Method for Network Protocol Fuzzing
Conference: ISCTT 2021 - 6th International Conference on Information Science, Computer Technology and Transportation
11/26/2021 - 11/28/2021 at Xishuangbanna, China
Proceedings: ISCTT 2021
Pages: 6
Language: English
Type: PDF
Authors:
Yang, Rui; Jing, Jing; Qi, Xuyan; Zheng, Hongbing (State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou, China)
Abstract:
Fuzzing network protocols is difficult because protocol formats are complex and often involve syntactic and semantic constraints. When applied to network protocols, traditional fuzzing often makes a trade-off between the validity of protocol messages and the mutation space. In this paper, we present a tree-based structure mutation method for network protocols. First, the test template is parsed into a tree structure; then the tree nodes are mutated specifically; finally, the test message is reassembled for fuzzing. To demonstrate the effectiveness of our method, we evaluated it on three protocol programs. The results show that, compared with the traditional mutation-based and grammar-based methods, the tree-based structure mutation method can further expand the mutation space while ensuring the efficiency of the message, and has a higher probability of discovering program paths and triggering vulnerabilities.