Private protocol fuzzy test case generation method based on byte length classification

A private-protocol, byte-length-based technique, applied in electrical components, transmission systems, etc., that addresses the problems of low test efficiency and low anomaly-positioning accuracy, suits protocols with high real-time performance, and places low demands on the tester's technical level.

Active Publication Date: 2020-12-08
SHANGHAI UNIVERSITY OF ELECTRIC POWER

AI Technical Summary

Problems solved by technology

[0007] The present invention is proposed in view of the existing problems described above: low accuracy in locating anomalies and low test efficiency.

Examples

Embodiment 1

[0031] For public industrial control system communication protocols, the protocol content is clearly known from the protocol specification, and a test strategy can then be formulated. For a private protocol, however, the content of the protocol specification is not known, so a preliminary analysis of the protocol is needed. Current fuzz testing methods for industrial control systems have shortcomings such as overly simple and random fuzz data, low accuracy in locating anomalies, and low test efficiency. In addition, testers need to be very familiar with the protocol. The requirements of high standards, high coverage and high efficiency cannot be met.

[0032] Referring to Figures 1~3, an embodiment of the present invention provides a private protocol fuzz test case generation method based on byte length classification, comprising:

[0033] S1: Use the MSA data flow to compare and analyze the characteristics of the private protocol to det...

Embodiment 2

[0061] The technical effects of this method are verified and explained. In this embodiment, OpenVAS (Open Vulnerability Assessment System) is selected for comparative testing against the method of the present invention, and the test results are compared by means of scientific demonstration to verify the real effect of this method.

[0062] OpenVAS (Open Vulnerability Assessment System) is a network scanner that includes related tools; its core component is a server that includes a set of network vulnerability testing programs, which can detect security problems in remote systems and applications. As shown in Figure 1, the Kitty fuzz testing framework, combined with the industrial control protocol components in the ISF and traditional technical solutions, is used to fuzz test the Siemens S7comm protocol to find vulnerabilities. Firstly, Kitty sets the interface and target, and can connect with the target three t...

Abstract

The invention discloses a private protocol fuzz test case generation method based on byte length classification. The method comprises: carrying out a comparative analysis of the features of a private protocol through an MSA data flow, so as to determine whether the byte length of the private protocol is variable; if the byte length is variable, performing content variation on the variable-length field; if the byte length is not variable, performing content variation and byte length upper and lower limit variation on the invariable field; and generating a new test case according to the variation result and sending the test case to the target device, completing the generation of the test case. The method carries out vulnerability mining in combination with the high real-time performance and high reliability characteristics of industrial control system private protocols, so that preventive measures can be taken. It places relatively low requirements on the technical level of testers, does not need deep analysis of the protocol, and does not place high requirements on test technology.
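An added illustration of the classification-and-variation flow in the abstract above (not code from the patent). It assumes the captured messages are already split into fields, reads "upper and lower limit variation" as the minimum and maximum value at the field's fixed length, and only builds the test messages; the sample captures and all function names are constructed for this example.

```python
import random

# Constructed captures of a made-up private protocol, already split into
# fields. Field boundaries are an assumption: the page derives them from its
# MSA comparison step, which it does not detail.
SAMPLES = [
    [b"\x03\x00", b"\x01", b"READ", b"\x00\x10"],
    [b"\x03\x00", b"\x02", b"WRITE-COIL", b"\x00\x2a"],
    [b"\x03\x00", b"\x01", b"STOP", b"\x01\x00"],
]

def classify_fields(samples):
    """Label each field position by whether its byte length varies across samples."""
    return ["variable" if len({len(f) for f in column}) > 1 else "fixed"
            for column in zip(*samples)]

def content_variants(field, rng, count=2):
    """Content variation: keep the length, change one byte per variant."""
    variants = []
    for _ in range(count if field else 0):
        data = bytearray(field)
        data[rng.randrange(len(data))] ^= rng.randrange(1, 256)  # never a no-op
        variants.append(bytes(data))
    return variants

def limit_variants(field):
    """Assumed reading of 'upper and lower limit': min and max value at this length."""
    return [b"\x00" * len(field), b"\xff" * len(field)]

def generate_cases(samples, seed=0):
    """Return (field_index, label, message) test cases built from the first sample."""
    rng = random.Random(seed)
    base = samples[0]
    cases = []
    for i, label in enumerate(classify_fields(samples)):
        variants = content_variants(base[i], rng)
        if label == "fixed":
            variants += limit_variants(base[i])
        for v in variants:
            if v != base[i]:  # skip variants identical to the original field
                cases.append((i, label, b"".join(base[:i] + [v] + base[i + 1:])))
    return cases

if __name__ == "__main__":
    for index, label, message in generate_cases(SAMPLES):
        print(index, label, message.hex())
```

Recording the field index and label with each case is what lets a tester tie an abnormal response back to the field that was varied.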

Description

Technical field

[0001] The invention relates to the technical field of private protocol fuzz testing, in particular to a method for generating private protocol fuzz test cases based on byte length classification.

Background technique

[0002] In recent years, attacks on programmable controllers in the power grid system have occurred frequently, seriously endangering national economic construction. For example, in an incident that shocked the world, the Ukrainian power grid was attacked by hackers, resulting in large-scale power outages. The safe operation of the power grid therefore demands higher standards.

[0003] The present invention focuses on the research on the communication security of programmable controllers in the power grid, and conducts security experiments to verify the existing problems of the communication protocol of programmable controllers in a real environment. For known problems, we can take safety protection measures to make up for the defects, to prevent being exploited b...

Application Information

IPC(8): H04L29/06
CPC: H04L63/1425, H04L63/1433
Inventor: 王勇, 刘金永
Owner: SHANGHAI UNIVERSITY OF ELECTRIC POWER