Fuzzing Technology Based on Information Theory for Industrial Proprietary Protocol

With the rapid development of Industrial Internet Things (IIoT), programmable logic controllers (PLCs) are becoming increasingly intelligent, leading to improved productivity. However, this also brings about a growing number security vulnerabilities. As result, efficiently identifying potential vulnerabilities in PLCs has become crucial research topic for researchers. This article proposes method fuzzing industrial proprietary protocols effectively identify PLCs’ protocols. The aim study is develop protocol approach that can uncover To achieve this, presents structure parsing algorithm specifically designed PLC protocols, utilizing information theory. Additionally, case generation based on genetic algorithms introduced select test cases adhere format specifications while exhibiting high degree mutation. methodology consists several steps. Firstly, proposed used analyze two known namely Modbus TCP and S7Comm. results obtained from then compared with correct validate its effectiveness. Next, applied formats models. Finally, analysis results, subjected fuzzing. Overall, approach, incorporating algorithm, successfully identifies denial-of-service Notably, one these zero-day vulnerability, indicating it was previously unknown undisclosed.