Fuzzing test data generation based on message matrix perturbation with keyword reference

摘要

Network protocol fuzzing tries to test the robustness of a protocol implementation through exploring the infinite amount of possible anomalous inputs to find the tests that cause invalid behaviors. Therefore, protocol fuzzing is regarded as security testing, since it is essential to prove robustness in networks. Although many good practices have been done to improve protocol fuzzing, problems in automated test case generation are still unsolved. Traditional methods using formal language and protocol specification have evident defects, especially in close networks. In order to provide useful references for test data generation, protocol reverse engineering becomes a suitable solution. But approaches adopted during the last decades cost much in computational complexity and time consumption. To break through these limitations, this paper proposes a novel message matrix perturbing mode to generate test case through data mutation for application layer protocol. It is established on the basis of the mapping relationship according to ASCII code. After the conversion from a protocol message to an integer matrix, meta-perturbations can be conducted to generate test data in all syntax levels, which preserves the flexibility in complex mutating combinations. Additionally, a new statistical keyword extracting technique with priority recursive splitting pattern is introduced to provide useful information for intelligent data mutation. Finally, we evaluate the method on HTTP request message. With the transformed message matrix and corresponding keyword reference, test cases examples for protocol fuzzing are generated through perturbing process with the combination of meta-operations. Fairly good outcomes are achieved which illustrate the feasibility and efficiency of the work in this paper.