Fuzzing is a well-known black-box approach to the security testing of applications. Fuzzing has many advantages in terms of simplicity and effectiveness over more complex, expensive testing approaches. Unfortunately, current fuzzing tools suffer from a number of limitations, and, in particular, they provide little support for the fuzzing of stateful protocols. In this paper, we present SNOOZE, ...

Network protocol vulnerability detection plays an important role in many domains, including protocol security analysis, application security, and network intrusion detection. In this study, by analyzing the general fuzzing method of network protocols, we propose a novel approach that combines network traffic analysis with the binary reverse engineering method. For network traffic analysis, the ...

Computers make very fast, very accurate mistakes. From a refrigerator magnet. Real-world infrastructure offers many scenarios where protocols (and other details) are not released due to being considered too sensitive or for other reasons. This situation makes it hard to apply fuzzing techniques to test their security and reliability, since their full documentation is only available to their dev...

Nowadays fuzzing is a pretty common technique used both by attackers and software developers. Currently known techniques usually involve knowing the protocol/format that needs to be fuzzed and having a basic understanding of how the user input is processed inside the binary. In the past since fuzzing was little-used obtaining good results with a small amount of effort was possible. Today findin...

How to efficiently reduce the fuzzing data scale while assuring high fuzzing veracity and vulnerability coverage is a pivotal issue in program fuzz test. This paper proposes a new heuristic method for fuzzing data generation named with H-Fuzzing. H-Fuzzing achieves a high program execution path coverage by retrieving the static information and dynamic property from the program. Our experiments ...

Since the emergence of 3G cellular IP networks, internet usage via 3G data services has become ubiquitous. Therefore such network is an important target for imposters who can disrupt the internet services by attacking the network core, thereby causing significant revenue losses to mobile operators. GPRS Tunneling Protocol GTP is the primary protocol used between the 3G core network nodes. In th...

The security of network services and their protocols critically depends on minimizing their attack surface. A single flaw in an implementation can suffice to compromise a service and expose sensitive data to an attacker. The discovery of vulnerabilities in protocol implementations, however, is a challenging task: While for standard protocols this process can be conducted with regular techniques...

Right after its introduction, GSM security was reviewed in a mostly theoretical way, uncovering some major security issues. However, the costs and complexity of the required hardware prohibited most people from exploiting these weaknesses in practice and GSM became one of the most successful technologies ever introduced. However, there is an enormous amount of mobile enabled equipment out there...

We describe a largely automated and systematic analysis of TLS implementations by what we call ‘protocol state fuzzing’: we use state machine learning to infer state machines from protocol implementations, using only blackbox testing, and then inspect the inferred state machines to look for spurious behaviour which might be an indication of flaws in the program logic. For detecting the presence...

Vulnerability discovery technology becomes more and more important in software development and network security. This paper presents the classification of vulnerability discovery technologies and discusses the advantages, disadvantages and the extent of application of each class. Then we emphasize the procedure and the improvement methods of the Fuzzing test combined with protocol analysis. Fur...