Title :
Vulnerability mining for network protocols based on fuzzing
Author :
Sai-Dan Zhang ; Lu-yong Zhang
Author_Institution :
Key Lab. of Universal Wireless Commun., Beijing Univ. of Posts & Telecommun., Beijing, China
Abstract :
With the development of the network, internet security is becoming a hot research topic. The vulnerabilities existed in protocol implementations may be exploited by malicious attackers and cause serious problems. So it is necessary to do research in the vulnerability mining of network protocol. This paper presents an efficient approach for detecting the flaws of network protocols based on fuzzing. A fuzzer is built by extending an intelligent tool-Sulley, aiming to test the FTP and modify its weaknesses which are unable to solve the loop structure. Then, we apply the way to three FTP servers. The results show that the approach can easily find vulnerabilities of protocol implementation.
Keywords :
Internet; computer network security; data mining; transport protocols; Internet security; fuzzing; intelligent tool-Sulley; malicious attackers; network protocols; vulnerability mining; Computer crashes; Force; Monitoring; Protocols; Security; Servers; Testing; Sulley; fuzzing; vulnerability mining;
Conference_Titel :
Systems and Informatics (ICSAI), 2014 2nd International Conference on
Conference_Location :
Shanghai
Print_ISBN :
978-1-4799-5457-5
DOI :
10.1109/ICSAI.2014.7009365
