Title: A research on vulnerability discovering for router protocols based on fuzzing (Chinese title: 基于模糊的路由器协议漏洞发现研究)
Authors: Zhiqiang Wang, Yuqing Zhang, Qixu Liu
DOI: 10.1109/ChinaCom.2012.6417484 (https://doi.org/10.1109/ChinaCom.2012.6417484)
Venue: 7th International Conference on Communications and Networking in China (ChinaCom 2012)
Publication date: 2012-08-01
Source platform: Semanticscholar
Citations: 7
Abstract
Discovering router vulnerabilities effectively and automatically is a critical problem for ensuring network and information security. Previous research on router security has mostly focused on techniques for exploiting known router flaws. Fuzzing is a well-known automated vulnerability discovery technique, but traditional fuzzing tools are designed for testing network applications or other software and are unsuitable, or only partly suitable, for testing routers. This paper designs a framework for discovering router protocol vulnerabilities and proposes a mathematical model, the Two-stage Fuzzing Test Case Generator (TFTCG), which improves on existing methods for generating test cases. Based on TFTCG we developed a tool called RPFuzzer. RPFuzzer monitors the router by sending normal packets, watching CPU utilization and checking system logs, which lets it detect denial of service, router reboots and similar failures. RPFuzzer's debugger is based on a modified Dynamips and records register values when an exception occurs. Finally, we experimented on the SNMP protocol and found 8 vulnerabilities, 5 of which were previously undisclosed. The experiment demonstrates the effectiveness of RPFuzzer.