{"title":"构建通用协议模糊器的建议","authors":"D. Vasinev, M. Solovev","doi":"10.31854/1813-324x-2023-9-6-59-67","DOIUrl":null,"url":null,"abstract":"The article studies the problem of ensuring information security in the field of telecommunications using the phasing method. The analysis of modern software products designed for testing by the fuzzing method is carried out, their disadvantages are revealed, and an approach to the creation of a universal mutation protocol fuzzer is proposed. The method of test data formation allows to automate the process of searching for vulnerabilities in telecommunication protocols and pro-software. Its novelty lies in the formation of test constructs on the basis of parameters of fields of telecommunication protocols. The proposed fuzzy solution allows to form an attack vector on the basis of known parameters presented in the threat database, as well as to modify these attack vectors.","PeriodicalId":298883,"journal":{"name":"Proceedings of Telecommunication Universities","volume":"40 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2023-12-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Proposals for Universal Protocol Fuzzer Construction\",\"authors\":\"D. Vasinev, M. Solovev\",\"doi\":\"10.31854/1813-324x-2023-9-6-59-67\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The article studies the problem of ensuring information security in the field of telecommunications using the phasing method. The analysis of modern software products designed for testing by the fuzzing method is carried out, their disadvantages are revealed, and an approach to the creation of a universal mutation protocol fuzzer is proposed. The method of test data formation allows to automate the process of searching for vulnerabilities in telecommunication protocols and pro-software. Its novelty lies in the formation of test constructs on the basis of parameters of fields of telecommunication protocols. The proposed fuzzy solution allows to form an attack vector on the basis of known parameters presented in the threat database, as well as to modify these attack vectors.\",\"PeriodicalId\":298883,\"journal\":{\"name\":\"Proceedings of Telecommunication Universities\",\"volume\":\"40 1\",\"pages\":\"\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-12-25\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of Telecommunication Universities\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.31854/1813-324x-2023-9-6-59-67\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of Telecommunication Universities","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.31854/1813-324x-2023-9-6-59-67","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Proposals for Universal Protocol Fuzzer Construction
The article studies the problem of ensuring information security in the field of telecommunications using the phasing method. The analysis of modern software products designed for testing by the fuzzing method is carried out, their disadvantages are revealed, and an approach to the creation of a universal mutation protocol fuzzer is proposed. The method of test data formation allows to automate the process of searching for vulnerabilities in telecommunication protocols and pro-software. Its novelty lies in the formation of test constructs on the basis of parameters of fields of telecommunication protocols. The proposed fuzzy solution allows to form an attack vector on the basis of known parameters presented in the threat database, as well as to modify these attack vectors.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
