Computer Science, 2025, Vol. 52, Issue (11A): 241100173-9. doi: 10.11896/jsjkx.241100173

• Information Security •

Survey on Fuzz Testing Techniques for Network Protocols

HAN Luchao 1, ZHANG Wei 2

1 National Natural Science Foundation of China, Beijing 100085, China
2 CSCEC Electronic Information Technology Co., Ltd., Beijing 100123, China

Online: 2025-11-15   Published: 2025-11-10

Abstract: Fuzz testing, one of the automatic bug detection techniques, has found a large number of bugs in recent years by continuously feeding random or semi-random mutated data to the target under test and observing the anomalies or crashes this causes. This paper focuses on fuzz testing of network protocol software implementations and systematically analyses and summarises recent research on network protocol fuzz testing. First, taking the basic process of network protocol fuzz testing as the guiding thread, it elaborates the working principle of fuzz testing in the phases of protocol message pre-processing, test case generation, fuzz test execution and test anomaly monitoring, together with the progress of representative research work in each phase. Then, by applying mainstream protocol fuzz testing tools in a large-scale integrated test of multiple network protocols, it evaluates and validates the current mainstream network protocol fuzz testing tools. Finally, it summarises the future development directions and challenges of network protocol fuzz testing technology.

Key words: Fuzz testing, Vulnerability detection, Network protocols, Test case generation, Protocol reverse engineering

CLC Number: TP393
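The abstract names four phases of protocol fuzz testing (message pre-processing, test case generation, test execution, anomaly monitoring). The following is an added example, not code from the paper or from any tool it surveys, that wires those four phases into one small mutation-based loop. The target `toy_server`, its line protocol, the seed corpus `SEEDS`, the field splitter `preprocess`, the mutators in `generate` and the classifier `execute_and_monitor` are all constructed here for illustration; the "length field" defect in the toy target is likewise constructed so that the monitor has something to report.

```python
"""Toy mutation-based protocol fuzzer structured around the four phases
named in the abstract. Everything below is constructed for illustration:
the target is an in-process parser, not any real protocol implementation."""
import random
import re
from dataclasses import dataclass
from typing import Dict, List, Optional


class ProtocolError(Exception):
    """Expected rejection of a malformed message: correct behaviour, not a bug."""


def toy_server(message: bytes) -> bytes:
    """Constructed target. Accepts b'PING\\n' or b'SET <key> <len>:<value>\\n'."""
    if not message.endswith(b"\n"):
        raise ProtocolError("missing line terminator")
    line = message[:-1]
    if line == b"PING":
        return b"PONG\n"
    if not line.startswith(b"SET "):
        raise ProtocolError("unknown verb")
    key, _, payload = line[4:].partition(b" ")
    if not key.isalnum():
        raise ProtocolError("bad key")
    length, _, value = payload.partition(b":")
    # Constructed defect: the length field is converted without validation,
    # so a non-numeric length escapes as an uncaught ValueError.
    n = int(length)
    return b"OK " + key + b" " + value[:n] + b"\n"


# Phase 1: message pre-processing. Split a captured seed into fields so that
# later mutations can target one syntactic element at a time.
FIELD_RE = re.compile(rb"^(SET) ([A-Za-z0-9]+) (\d+):(.*)\n$", re.S)


def preprocess(seed: bytes) -> List[bytes]:
    m = FIELD_RE.match(seed)
    if m is None:
        return [seed]                       # unknown layout: one opaque field
    verb, key, length, value = m.groups()
    return [verb, b" ", key, b" ", length, b":", value, b"\n"]


# Phase 2: test case generation by mutating one field of a seed.
BOUNDARY_VALUES = [b"", b"0", b"-1", b"4294967295", b"9" * 40]


def generate(fields: List[bytes], rng: random.Random) -> bytes:
    fields = list(fields)
    i = rng.randrange(len(fields))
    f = fields[i]
    op = rng.choice(["flip", "insert", "boundary", "drop", "repeat"])
    if op == "flip" and f:                  # flip one bit of one byte
        pos = rng.randrange(len(f))
        fields[i] = f[:pos] + bytes([f[pos] ^ (1 << rng.randrange(8))]) + f[pos + 1:]
    elif op == "insert":                    # inject a random byte
        pos = rng.randrange(len(f) + 1)
        fields[i] = f[:pos] + bytes([rng.randrange(256)]) + f[pos:]
    elif op == "boundary":                  # substitute an integer edge case
        fields[i] = rng.choice(BOUNDARY_VALUES)
    elif op == "drop":                      # delete the field entirely
        fields[i] = b""
    elif op == "repeat":                    # over-long field
        fields[i] = f * rng.randrange(2, 50)
    return b"".join(fields)


# Phases 3 and 4: execute the test case and classify the outcome.
@dataclass(frozen=True)
class Anomaly:
    kind: str          # exception class name
    detail: str        # exception message, truncated
    testcase: bytes    # reproducer


def execute_and_monitor(testcase: bytes) -> Optional[Anomaly]:
    try:
        toy_server(testcase)
    except ProtocolError:
        return None                         # well-formed rejection, not a bug
    except Exception as exc:                # anything else counts as a crash
        return Anomaly(type(exc).__name__, str(exc)[:60], testcase)
    return None


def fuzz(seeds: List[bytes], iterations: int, rng_seed: int = 1) -> Dict[str, Anomaly]:
    """Run the loop; returns one reproducer per distinct crash kind."""
    rng = random.Random(rng_seed)           # fixed seed keeps runs reproducible
    corpus = [preprocess(s) for s in seeds]
    found: Dict[str, Anomaly] = {}
    for _ in range(iterations):
        tc = generate(rng.choice(corpus), rng)
        a = execute_and_monitor(tc)
        if a is not None and a.kind not in found:
            found[a.kind] = a
    return found


# Constructed seed corpus standing in for captured traffic.
SEEDS = [b"PING\n", b"SET name 5:alice\n", b"SET ttl 2:60\n"]

if __name__ == "__main__":
    for kind, a in fuzz(SEEDS, 500).items():
        print(kind, a.detail, a.testcase)
```

The separation the abstract describes is what makes each phase swappable: a real tool replaces `preprocess` with protocol reverse engineering or a grammar, `generate` with coverage- or state-guided mutation, and `execute_and_monitor` with a socket client plus a sanitizer, debugger or watchdog on the real target. Treating expected rejections (`ProtocolError`) differently from unexpected exceptions is the minimal form of the anomaly-monitoring decision every fuzzer has to make.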