Improve Peach: Making Network Protocol Fuzz Testing more Precisely

Abstract

Peach is an indispensable tool for network security experts, but, it is not perfect in the coarse controlling granularity. This paper analyzes the core code of Peach and makes improvements of Peach in three aspects: 1) applying different Mutators to test different fields in PDU; 2) starting a fuzz test at any test case according to a config.xml file; 3) executing the specified number of test cases in each test. These contributions make fuzz testing like software debugging, and locate a network protocol implementation's bug triggered by which test case more precisely with less time and less test cases than ever before. This paper also adds a replaying test scenario to Peach based on our contributions. Experimental results demonstrate that the features this paper improved to Peach could save lots of time with lower costs when applying Peach to test protocol implementations.