通过协作数据包生成并行模糊物联网消息传输协议

IF 2.7 3区计算机科学 Q2 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems Pub Date : 2024-11-06 DOI:10.1109/TCAD.2024.3444705

Zhengxiong Luo;Junze Yu;Qingpeng Du;Yanyang Zhao;Feifan Wu;Heyuan Shi;Wanli Chang;Yu Jiang

{"title":"通过协作数据包生成并行模糊物联网消息传输协议","authors":"Zhengxiong Luo;Junze Yu;Qingpeng Du;Yanyang Zhao;Feifan Wu;Heyuan Shi;Wanli Chang;Yu Jiang","doi":"10.1109/TCAD.2024.3444705","DOIUrl":null,"url":null,"abstract":"Internet of Things (IoT) messaging protocols play an important role in facilitating communications between users and IoT devices. Mainstream IoT platforms employ brokers, server-side implementations of IoT messaging protocols, to enable and mediate this user-device communication. Due to the complex nature of managing communications among devices with diverse roles and functionalities, comprehensive testing of the protocol brokers necessitates collaborative parallel fuzzing. However, being unaware of the relationship between test packets generated by different parties, existing parallel fuzzing methods fail to explore the brokers’ diverse processing logic effectively. This article introduces MPF\n<sc>uzz\n, a parallel fuzzing tool designed to secure IoT messaging protocols through collaborative packet generation. The approach leverages the critical role of certain fields within IoT messaging protocols that specify the logic for message forwarding and processing by protocol brokers. MPF\n<sc>uzz\n employs an information synchronization mechanism to synchronize these key fields across different fuzzing instances and introduces a semantic-aware refinement module that optimizes generated test packets by utilizing the shared information and field semantics. This strategy facilitates a collaborative refinement of test packets across otherwise isolated fuzzing instances, thereby boosting the efficiency of parallel fuzzing. We evaluated MPF\n<sc>uzz\n on six widely used IoT messaging protocol implementations. Compared to two state-of-the-art protocol fuzzers with parallel capabilities, Peach and AFLNet, as well as two representative parallel fuzzers, SPFuzz and AFLTeam, MPF\n<sc>uzz\n achieves (6.1%, \n<inline-formula> <tex-math>$174.5\\times $ </tex-math></inline-formula>\n), (20.2%, \n<inline-formula> <tex-math>$607.2\\times $ </tex-math></inline-formula>\n), (1.9%, \n<inline-formula> <tex-math>$4.1\\times $ </tex-math></inline-formula>\n), and (17.4%, \n<inline-formula> <tex-math>$570.2\\times $ </tex-math></inline-formula>\n) higher branch coverage and fuzzing speed under the same computing resource. Furthermore, MPF\n<sc>uzz\n exposed seven previously unknown vulnerabilities in these extensively tested projects, all of which have been assigned with CVE identifiers.","PeriodicalId":13251,"journal":{"name":"IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems","volume":"43 11","pages":"3431-3442"},"PeriodicalIF":2.7000,"publicationDate":"2024-11-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Parallel Fuzzing of IoT Messaging Protocols Through Collaborative Packet Generation\",\"authors\":\"Zhengxiong Luo;Junze Yu;Qingpeng Du;Yanyang Zhao;Feifan Wu;Heyuan Shi;Wanli Chang;Yu Jiang\",\"doi\":\"10.1109/TCAD.2024.3444705\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Internet of Things (IoT) messaging protocols play an important role in facilitating communications between users and IoT devices. Mainstream IoT platforms employ brokers, server-side implementations of IoT messaging protocols, to enable and mediate this user-device communication. Due to the complex nature of managing communications among devices with diverse roles and functionalities, comprehensive testing of the protocol brokers necessitates collaborative parallel fuzzing. However, being unaware of the relationship between test packets generated by different parties, existing parallel fuzzing methods fail to explore the brokers’ diverse processing logic effectively. This article introduces MPF\\n<sc>uzz\\n, a parallel fuzzing tool designed to secure IoT messaging protocols through collaborative packet generation. The approach leverages the critical role of certain fields within IoT messaging protocols that specify the logic for message forwarding and processing by protocol brokers. MPF\\n<sc>uzz\\n employs an information synchronization mechanism to synchronize these key fields across different fuzzing instances and introduces a semantic-aware refinement module that optimizes generated test packets by utilizing the shared information and field semantics. This strategy facilitates a collaborative refinement of test packets across otherwise isolated fuzzing instances, thereby boosting the efficiency of parallel fuzzing. We evaluated MPF\\n<sc>uzz\\n on six widely used IoT messaging protocol implementations. Compared to two state-of-the-art protocol fuzzers with parallel capabilities, Peach and AFLNet, as well as two representative parallel fuzzers, SPFuzz and AFLTeam, MPF\\n<sc>uzz\\n achieves (6.1%, \\n<inline-formula> <tex-math>$174.5\\\\times $ </tex-math></inline-formula>\\n), (20.2%, \\n<inline-formula> <tex-math>$607.2\\\\times $ </tex-math></inline-formula>\\n), (1.9%, \\n<inline-formula> <tex-math>$4.1\\\\times $ </tex-math></inline-formula>\\n), and (17.4%, \\n<inline-formula> <tex-math>$570.2\\\\times $ </tex-math></inline-formula>\\n) higher branch coverage and fuzzing speed under the same computing resource. Furthermore, MPF\\n<sc>uzz\\n exposed seven previously unknown vulnerabilities in these extensively tested projects, all of which have been assigned with CVE identifiers.\",\"PeriodicalId\":13251,\"journal\":{\"name\":\"IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems\",\"volume\":\"43 11\",\"pages\":\"3431-3442\"},\"PeriodicalIF\":2.7000,\"publicationDate\":\"2024-11-06\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://ieeexplore.ieee.org/document/10745793/\",\"RegionNum\":3,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10745793/","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 0

摘要

物联网（IoT）消息传输协议在促进用户与物联网设备之间的通信方面发挥着重要作用。主流物联网平台采用物联网消息传输协议的服务器端实施--代理，来实现和调解这种用户与设备之间的通信。由于管理具有不同角色和功能的设备间通信的复杂性，对协议代理进行全面测试需要进行协同并行模糊测试。然而，由于不了解各方生成的测试数据包之间的关系，现有的并行模糊方法无法有效探索协议代理的不同处理逻辑。本文介绍的 MPFuzz 是一种并行模糊工具，旨在通过协作生成数据包来确保物联网消息协议的安全。该方法利用了物联网消息传输协议中某些字段的关键作用，这些字段指定了协议代理的消息转发和处理逻辑。MPFuzz 采用信息同步机制，在不同的模糊实例中同步这些关键字段，并引入语义感知细化模块，利用共享信息和字段语义优化生成的测试数据包。这种策略有助于在原本孤立的模糊实例之间协同完善测试数据包，从而提高并行模糊处理的效率。我们在六种广泛使用的物联网消息协议实现上对 MPFuzz 进行了评估。与两款具有并行能力的一流协议模糊器Peach和AFLNet，以及两款具有代表性的并行模糊器SPFuzz和AFLTeam相比，MPFuzz在相同计算资源下的分支覆盖率和模糊速度分别提高了（6.1%，174.5美元/次）、（20.2%，607.2美元/次）、（1.9%，4.1美元/次）和（17.4%，570.2美元/次）。此外，MPFuzz 在这些广泛测试的项目中暴露了 7 个以前未知的漏洞，所有这些漏洞都已分配了 CVE 标识符。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Parallel Fuzzing of IoT Messaging Protocols Through Collaborative Packet Generation

Internet of Things (IoT) messaging protocols play an important role in facilitating communications between users and IoT devices. Mainstream IoT platforms employ brokers, server-side implementations of IoT messaging protocols, to enable and mediate this user-device communication. Due to the complex nature of managing communications among devices with diverse roles and functionalities, comprehensive testing of the protocol brokers necessitates collaborative parallel fuzzing. However, being unaware of the relationship between test packets generated by different parties, existing parallel fuzzing methods fail to explore the brokers’ diverse processing logic effectively. This article introduces MPF uzz , a parallel fuzzing tool designed to secure IoT messaging protocols through collaborative packet generation. The approach leverages the critical role of certain fields within IoT messaging protocols that specify the logic for message forwarding and processing by protocol brokers. MPF uzz employs an information synchronization mechanism to synchronize these key fields across different fuzzing instances and introduces a semantic-aware refinement module that optimizes generated test packets by utilizing the shared information and field semantics. This strategy facilitates a collaborative refinement of test packets across otherwise isolated fuzzing instances, thereby boosting the efficiency of parallel fuzzing. We evaluated MPF uzz on six widely used IoT messaging protocol implementations. Compared to two state-of-the-art protocol fuzzers with parallel capabilities, Peach and AFLNet, as well as two representative parallel fuzzers, SPFuzz and AFLTeam, MPF uzz achieves (6.1%,

$174.5\times $

), (20.2%,

$607.2\times $

), (1.9%,

$4.1\times $

), and (17.4%,

$570.2\times $

) higher branch coverage and fuzzing speed under the same computing resource. Furthermore, MPF uzz exposed seven previously unknown vulnerabilities in these extensively tested projects, all of which have been assigned with CVE identifiers.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems 工程技术-工程：电子与电气

CiteScore

5.60

自引率

13.80%

发文量

500

审稿时长

7 months

期刊介绍： The purpose of this Transactions is to publish papers of interest to individuals in the area of computer-aided design of integrated circuits and systems composed of analog, digital, mixed-signal, optical, or microwave components. The aids include methods, models, algorithms, and man-machine interfaces for system-level, physical and logical design including: planning, synthesis, partitioning, modeling, simulation, layout, verification, testing, hardware-software co-design and documentation of integrated circuit and system designs of all complexities. Design tools and techniques for evaluating and designing integrated circuits and systems for metrics such as performance, power, reliability, testability, and security are a focus.