Computer Science, 2022, Vol. 49, Issue (5): 318-324. doi: 10.11896/jsjkx.210300281

• Information Security •

Testcase Filtering Method Based on QRNN for Network Protocol Fuzzing

HU Zhi-hao, PAN Zu-lie

  1. College of Electronic Engineering, National University of Defense Technology, Hefei 230037, China
    Anhui Province Key Laboratory of Cyberspace Security Situation Awareness and Evaluation, Hefei 230037, China
  • Received: 2021-03-29 Revised: 2021-07-14 Online: 2022-05-15 Published: 2022-05-06
  • Corresponding author: PAN Zu-lie (panzulie17@nudt.edu.cn)
  • About author: HU Zhi-hao (huzhihao@nudt.edu.cn), born in 1997, postgraduate. His main research interests include network security and fuzzing test.
    PAN Zu-lie, born in 1976, Ph.D, professor. His main research interests include network security, vulnerability discovery and computer science.
  • Supported by:
    National Key R & D Program of China (2017YFB0802900).

Abstract: At present, the targets of network protocol fuzzing tend to be large protocol entities, while traditional testcase filtering methods rely mainly on the running-status information of the test object. The larger the test object, the longer it takes to execute a single testcase. To address the long invalid execution time and low efficiency of traditional testcase filtering methods for network protocol fuzzing, a testcase filtering method based on QRNN is proposed, building on the strong ability of recurrent neural network models to process and predict sequence data. By learning structural characteristics of the network protocol, including the value ranges of fields and the constraint relationships between fields, the method automatically filters invalid testcases and reduces the number of testcases executed by the protocol entity. Experimental results show that, compared with traditional testcase filtering methods for network protocol fuzzing, the proposed method effectively reduces the time cost of network protocol vulnerability discovery and significantly improves the efficiency of network protocol fuzzing.

Key words: Deep learning, Fuzzing test, Network protocol, QRNN, Testcase filtering

CLC Number:

  • TP393