Abstract

Fuzzing is regarded as the most promising method for discovering protocol vulnerabilities in the network security of the Internet of Things (IoT). However, one fatal drawback of existing fuzzing methods is that a huge number of test files are required to maintain high test coverage. In this paper, a novel method based on protocol reverse engineering is proposed to reduce the number of test files needed for fuzzing. The proposed method uses techniques from the field of protocol reverse engineering to identify the message formats of an IoT application-layer protocol and creates test files by generating messages with erroneous fields according to those formats. A protocol message, treated as a sequence of bytes, is assumed to follow a statistical process whose change-points indicate the boundaries of message fields. A multi-change-point detection procedure is then introduced to identify the change-points of byte sequences from their statistical properties and to divide the sequences into segments at those change-points. The message segments are further processed by a position-based occurrence probability test analysis to identify keyword fields, data fields and uncertain fields. Finally, a message generation procedure that applies mutation operations to message fields is used to construct test files for fuzzing. The results show that the proposed method can effectively find the message fields and significantly reduce the number of test files required for fuzzing.

Highlights

  • Fuzzing is a widely used security technique for discovering vulnerabilities in network protocols: a series of test files containing random or faulty data is sent to the software system implementing a specific protocol, and software exceptions are observed to detect vulnerabilities within the protocol. Currently, there are mainly two kinds of fuzzing techniques, i.e., mutation-based and generation-based fuzzing [1].

  • Since the problem of message field identification in this paper is a multi-change-point detection problem, the detection procedure has to be extended to a multi-round procedure presented in Section 3.1 and called MultiCUSUM

  • The proposed method applies a protocol reverse engineering approach to improve Internet of Things (IoT) protocol fuzzing performance by creating valid and effective test files based on the protocol message format and greatly reducing the size of the test file set.


Summary

Introduction

Fuzzing is a widely used security technique for discovering vulnerabilities in network protocols: a series of test files with random or faulty data is sent to the software system implementing a specific protocol, and software exceptions are observed to detect vulnerabilities within the protocol. Message formats are mainly collected or analyzed manually, which is a time-consuming and error-prone process. To address these issues, protocol reverse engineering [3] is introduced to obtain the protocol specification automatically. A field-based fault-injected message generation procedure guided by the message format is applied to create fuzzing test files. A reference position is selected for every field, and each field is tested with a binomial test to decide whether its position equals the reference position with probability 1 at a given significance level α. The fields passing these tests are chosen as keyword fields, while the remaining ones are considered uncertain fields.
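As an added illustration (constructed here, not the paper's code) of the pipeline outlined in the abstract and summary above, the following Python toy segments byte sequences with a simplified two-sided CUSUM standing in for MultiCUSUM, classifies fields with a position-based occurrence rule standing in for the binomial test, and generates field-wise mutated test files. The message corpus, the drift and alarm parameters k and h, and the three field labels are assumptions made for the example.

```python
from collections import defaultdict

def cusum_boundaries(msg: bytes, k: float = 8.0, h: float = 24.0) -> list[int]:
    """Indices where the byte-value level shifts (k = drift allowance, h = alarm threshold).
    Cuts land on the byte raising the alarm, so gradual shifts are cut late."""
    cuts, up, down, ref = [], 0.0, 0.0, float(msg[0])
    for i in range(1, len(msg)):
        up = max(0.0, up + (msg[i] - ref) - k)      # accumulated upward deviation
        down = max(0.0, down + (ref - msg[i]) - k)  # accumulated downward deviation
        if up > h or down > h:
            cuts.append(i)
            up, down, ref = 0.0, 0.0, float(msg[i])  # restart inside the new segment
    return cuts

def segment(msg: bytes) -> list[tuple[int, bytes]]:
    """Split msg into (offset, content) pairs at the detected change-points."""
    edges = [0] + cusum_boundaries(msg) + [len(msg)]
    return [(a, msg[a:b]) for a, b in zip(edges, edges[1:])]

def classify_fields(msgs: list[bytes]) -> dict[int, str]:
    """Position-based occurrence rule: an offset present in every message with constant
    content is 'keyword', with varying content 'data'; an offset some messages lack is 'uncertain'."""
    seen = defaultdict(list)
    for m in msgs:
        for off, content in segment(m):
            seen[off].append(content)
    labels = {}
    for off, contents in seen.items():
        if len(contents) < len(msgs):
            labels[off] = "uncertain"
        else:
            labels[off] = "keyword" if len(set(contents)) == 1 else "data"
    return labels

def mutate(msg: bytes, labels: dict[int, str]) -> list[bytes]:
    """Field-wise fault injection: one fault per generated message so a crash points at one field."""
    out = []
    for off, content in segment(msg):
        head, tail = msg[:off], msg[off + len(content):]
        if labels.get(off) == "keyword":
            out.append(head + bytes(b ^ 0xFF for b in content) + tail)  # corrupted keyword
        else:
            out.append(head + content * 64 + tail)  # over-long field
            out.append(head + tail)                 # field removed
    return out

# constructed corpus: magic b"IOT", four small payload bytes, trailer b"END"; the last message has no trailer
CORPUS = [b"IOT" + bytes([1, 0, 0, n]) + b"END" for n in range(1, 6)] + [b"IOT" + bytes([2, 0, 0, 9])]
```

Running `classify_fields(CORPUS)` labels offset 0 and 7 (magic and trailer) as keyword/uncertain and offset 3 as data, and `mutate(CORPUS[0], ...)` yields one corrupted-keyword message plus an over-long and a missing variant for every other field.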

Related Work
Problem Formulation
Minmax Formulation for Field Detection
Multi-Change-Point Detection
Message Segmenting Algorithm
Occurrence Probability Analysis
Position-Based Statistic Test Analysis
Evaluation
Conclusions