| 网络协议的自动化模糊测试漏洞挖掘方法 |
| |
| 引用本文: | 李伟明,张爱芳,刘建财,李之棠.网络协议的自动化模糊测试漏洞挖掘方法[J].计算机学报,2011,34(2):242-255. |
| |
| 作者姓名: | 李伟明 张爱芳 刘建财 李之棠 |
| |
| 作者单位: | 华中科技大学计算机学院,武汉,430074 |
| |
| 基金项目: | 国家自然科学基金(60573120)资助 |
| |
| 摘 要: | 随着网络应用越来越复杂和重要,对网络协议的安全性要求也越来越高.模糊测试(Fuzz Testing)作为一种重要的测试手段,通过大量数据的注入来测试网络协议的安全,能够发现拒绝服务、缓冲区溢出和格式化字符串等多种重要漏洞.但是手工进行Fuzz Testing需要精确了解网络协议细节并需要繁重的工作来构造大量测试数据集,...
|
| 关 键 词: | 协议逆向工程 模糊测试 漏洞挖掘 |
An Automatic Network Protocol Fuzz Testing and Vulnerability Discovering Method |
| |
| LI Wei-Ming,ZHANG Ai-Fang,LIU Jian-Cai,LI Zhi-Tang.An Automatic Network Protocol Fuzz Testing and Vulnerability Discovering Method[J].Chinese Journal of Computers,2011,34(2):242-255. |
| |
| Authors: | LI Wei-Ming ZHANG Ai-Fang LIU Jian-Cai LI Zhi-Tang |
| |
| Affiliation: | LI Wei-Ming ZHANG Ai-Fang LIU Jian-Cai LI Zhi-Tang(School of Computer Science,Huazhong University of Science and Technology,Wuhan 430074) |
| |
| Abstract: | Along with the increasing complexity of the network application,network protocol security is now become more and more important.Fuzz Testing often is used to discover DoS,buffer overflow,format string and other kinds of serious vulnerabilities of network protocols.But manually Fuzz Testing is very low effective and need adequate detail information about the protocols.The paper presents an automatic vulnerability discovering method which combines automatic Protocol Reverse Engineering technology and Fuzz Tes... |
| |
| Keywords: | protocol reverse engineering fuzz testing vulnerability discovering |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
