Computer Science ›› 2023, Vol. 50 ›› Issue (9): 44-51. doi: 10.11896/jsjkx.230600013

• Data Security •

Network Protocol Vulnerability Mining Method Based on the Combination of Generative Adversarial Network and Mutation Strategy

ZHUANG Yuan1, CAO Wenfang1, SUN Guokai1, SUN Jianguo2, SHEN Linshan1, YOU Yang3, WANG Xiaopeng3, ZHANG Yunhai3   

  • 1 College of Computer Science and Technology, Harbin Engineering University, Harbin 150001, China
    2 Hangzhou Institute of Technology, Xidian University, Hangzhou 311231, China
    3 NSFOCUS Technologies Group Co., Ltd., Beijing 100089, China
  • Received: 2023-05-31 Revised: 2023-07-22 Online: 2023-09-15 Published: 2023-09-01
  • About author: ZHUANG Yuan, born in 1988, Ph.D, lecturer, associate professor, master's supervisor. Her main research interests include blockchain security, machine learning, big data processing and distributed computing.
    SHEN Linshan, born in 1978, master, associate professor, master's supervisor. His main research interests include industrial information security, machine learning and intelligent information processing.
  • Supported by:
    CCF-NSFOCUS (2021014), 2022 Industrial Internet Innovation and Development Project--Industrial Internet Data Security Detection Response and Traceability Project (TC220H055), Fundamental Research Funds for the Central Universities (3072022TS0604) and Concept Foundation of Hangzhou Institute of Technology, Xidian University (XJ2023230024).

Abstract: With the deep integration of informatization and industrialization, the security issues of industrial Internet of things (IIoT) network protocols are becoming increasingly prominent. Existing network protocol vulnerability mining techniques mainly rely on feature variation and fuzz testing, which depend on expert experience and cannot overcome the challenges posed by unknown protocols. To address the vulnerability mining challenges in IIoT protocols, this paper conducts research on the automated analysis and generation of vulnerability detection rules and proposes a network protocol vulnerability mining method based on a combination of generative adversarial networks (GANs) and mutation strategies. Firstly, a network protocol analysis model based on GANs is employed to conduct deep information mining on message sequences and to extract message formats and related features, enabling the recognition of network protocol structures. Then, by combining a guided iterative mutation strategy with a mutation operator library, directed test case generation rules are constructed to reduce the time for vulnerability discovery. Ultimately, an automated vulnerability mining method for unknown industrial control network protocols is developed to meet the demand for automated protocol vulnerability mining in the existing industrial control application domain. Based on the above-mentioned approach, we conduct tests on two industrial control protocols (Modbus-TCP and S7) and evaluate them in terms of test coverage, vulnerability detection capability, test case generation time, and diversity. Experimental results show that the proposed method achieves a remarkable 89.4% on the TA index. The AD index, which measures the ability to detect vulnerabilities in the simulated ModbusSlave system, reaches 6.87%. Additionally, the proposed method significantly reduces the time required for generating effective test cases, thereby enhancing the efficiency of industrial control protocol vulnerability discovery.

Key words: Generative adversarial network, Mutation strategy, Fuzzing test, Vulnerability mining, Network protocol

CLC Number: 

  • TP393