一种协议安全漏洞检测方法.docVIP

  一种协议安全漏洞检测方法 苏文杰，温巧燕** （北京邮电大学网络技术研究院，北京 100876） 5 10 摘要：随着计算机网络技术的普及和快速发展，许多关键领域越来越依赖网络交换和传输。 网络协议是计算机网络的基础，是网络能够正常运行的支柱，因此网络协议的安全性越来越 被重视。以模糊测试为核心的协议安全测试技术是当前的主流技术，发现了许多潜在的安全 漏洞。但是现有的模糊测试技术在测试中大多以人工实现或采用随机方法，导致测试效率不 高，覆盖率有限；另一方面，现有模糊测试大都使用非形式化方法，使得其难于优化和提高 效率。本文提出一种以形式化模型为核心的方法来检测网络协议中的安全漏洞，它将变异分 析和模型检测技术引入到模糊测试中，提供一种综合的协议安全测试方法。该方法可以模拟 协议的行为，自动产生测试用例。 关键词：协议安全检测；变异分析；模型检测；模糊测试； 中图分类号：TP309.2 15 An Security Vulnerability Detection Method for Protocol Implementation Su Wenjie, Wen Qiaoyan (Institute of Network Technology, Beijing University of Post and Telecommunications, 20 25 30 35 40 Beijing 100876) Abstract: With the popularity and rapid development of computer network technology, there are more and more ares depending on network information switching and transmission. Network Protocol is basement in computer network and the backbone to support network operation, so the security of network protocols are being taken seriously. The mainstream technology of protocol security testing is fuzz testing which has found many potential security vulnerabilities. However, the main methods of fuzz testing is artificial or random methods, in which the test efficiency is not high and the coverage is limited; the other hand, most of the existing fuzz testing use non-formal which is difficult to optimize and improve efficiency.This paper proposes a formal model to detect security vulnerabilities in network protocols, which introduces mutation analysis and model checking into fuzz testing and provides a synthesized protocol security testing. This method is simulated the behavior of protocols, automatically generated test cases. Key words: protocol security testing; mutation analysis; model checking; fuzz testing; 0 引言 随着计算机的不断普及，网络已成为人们生活中不可或缺的部分。网络协议在网络中扮 演重要角色，它是计算机网络的基础，是网络中各种通信实体、进程间交换信息所遵守的规 则集合，是网络能够正常运作的前提。协议规定了信息交换过程中相应的数据格式和传输规 则，互联的计算机必须遵守协议才能通信成功并解读信息。为了给网络中互联及传输的各软 硬件提供标准，国际标准化组织（International Standard Organization，ISO）提出了开放式通 信系统互联参考模型 ISO/OSI（Open System