Test data generation for stateful network protocol fuzzing using a rule-based state machine

Rui Ma*, Daguang Wang, Changzhen Hu, Wendong Ji, Jingfeng Xue

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

18 Citations (Scopus)

Abstract

To improve the efficiency and coverage of stateful network protocol fuzzing, this paper proposes a new method, using a rule-based state machine and a stateful rule tree to guide the generation of fuzz testing data. The method first builds a rule-based state machine model as a formal description of the states of a network protocol. This removes safety paths, to cut down the scale of the state space. Then it uses a stateful rule tree to describe the relationship between states and messages, and then remove useless items from it. According to the message sequence obtained by the analysis of paths using the stateful rule tree and the protocol specification, an abstract data model of test case generation is defined. The fuzz testing data is produced by various generation algorithms through filling data in the fields of the data model. Using the rule-based state machine and the stateful rule tree, the quantity of test data can be reduced. Experimental results indicate that our method can discover the same vulnerabilities as traditional approaches, using less test data, while optimizing test data generation and improving test efficiency.

Original languageEnglish
Article number7488746
Pages (from-to)352-360
Number of pages9
JournalTsinghua Science and Technology
Volume21
Issue number3
DOIs
Publication statusPublished - Jun 2016

Keywords

  • fuzzing
  • rule-based state machine
  • stateful network protocol
  • stateful rule tree
  • test data generation

Fingerprint

Dive into the research topics of 'Test data generation for stateful network protocol fuzzing using a rule-based state machine'. Together they form a unique fingerprint.

Cite this