CN104517056A - Method for extending Peach platform and testing multiple network message fields - Google Patents
Method for extending Peach platform and testing multiple network message fields Download PDFInfo
- Publication number
- CN104517056A CN104517056A CN201410748856.7A CN201410748856A CN104517056A CN 104517056 A CN104517056 A CN 104517056A CN 201410748856 A CN201410748856 A CN 201410748856A CN 104517056 A CN104517056 A CN 104517056A
- Authority
- CN
- China
- Prior art keywords
- test
- peach
- strategy
- field
- fields
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/18—Protocol analysers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/50—Testing arrangements
Abstract
The invention discloses a method for extending a Peach platform and testing multiple network message fields. The method comprises the following steps: cancelling the limit of original Peach which at most five fields are tested at the same time; presenting the progressive field combined test method, namely testing one field, two fields..., n-1 fields, and n fields at the same time; in allusion to the conflict of large number of test cases and limited test time generated in the combination process, namely the problem of 'combination explosion', permitting the tester to execute the lt in the PitFile; executing the Strategy and gt; setting different levels of test cast generating conditions in the label, effectively limiting the generation numbers, generating the test cast with more pertinency, and greatly improving the test efficiency of protocol safety specialist. For the safety specialist familiar with the Peach platform, the method is simple and effective, and is convenient to operate.
Description
Technical field
The present invention relates to field of computer technology, refer to the protocol testing method in network safety filed especially.
Background technology
Network security problem has caused the pay abundant attention of people at present, and agreement robustness testing is the effective measures ensureing network entity quality.As how minimum expense finds to be hidden in the important research direction that defect potential in network entity is network safety filed.At present, the research emphasis of most of testing tool and method is type and the content of injection attacks data in message field (MFLD), and can only test a field at every turn, and less to the research testing multiple network message field method simultaneously.
In network robustness field tests, have many moneys testing tool or platform, such as Scapi, AppScan, Nessus, Spike and Peach etc., but respective advantage is slightly different.Wherein, Scapi tests underlying protocol; AppScan scans Web service; Nessus regression test known bugs; Although Spike possesses the ability of discovery " 0-day " leak, its code logic, together with test data tight coupling, is not easy expansion; Peach is most active community in current protocol test field, and its achievement is used for the original function strengthening Peach by a lot of researchist.
Although the Random strategy of Peach supports the function of testing multiple message field (MFLD) to there is a few place not enough: 1) test 5 message field (MFLD)s at most simultaneously simultaneously; 2) random selecting test field, Mutator and Fault, with very strong blindness; 3) produce unlimited many test cases, and may repeat between test case, test process is systematization not only, and must artificially stop.When above defect causes security expert to carry out multi-field test based on Peach, not only have certain limitation, and have very strong blindness, testing efficiency is lower.
Starting point of the present invention is the function of expansion Peach multi-field test, namely on original Random policy grounds, increases Combination strategy.This strategy has not only broken the limitation that original Random strategy can only test at most 5 message field (MFLD)s, and systematically combines test packet field, Mutator and Fault, reduce somewhat the blindness of original Peach.In addition, by arranging test case Production conditions, limiting the quantity rank that it produces, not only efficiently solving " shot array " problem producing test case, also bring certain dirigibility to multi-field test.Because Peach development is very fast, its 2.3.7 version based on Python exploitation, 3.0.202 version then based on C# exploitation, the function of PitFile and the change of meaning tag also larger, although the present invention is for 3.0.202 version, its expansion thinking is not limited to this version.
Summary of the invention
In view of this, the invention reside in a kind of method providing the Peach of expansion platform simultaneously to test multiple network message field, being Peach increases Combination strategy.This strategy, by carrying out the mechanism of system in combination to message field (MFLD), Mutator and Fault, on the basis not changing original Peach function, improves its ability in multi-field test.In addition, in order to process " shot array " problem and the contradiction of limit test time that produce and bring in test case process, the present invention is by arranging the mode of Test cases technology condition, test case more targetedly can not only be produced, and significantly reduce the quantity rank of test case.
For solving the problem, the invention provides a kind of method that multiple network message field tested by the Peach of expansion platform simultaneously, it is characterized in that, comprising: the implementation method being provided for expanding Peach strategy; The detailed realization mechanism discussing generation combined test use-case; Resolve the parameters in <Strategy> in PitFile, obtain test case Production conditions and it acts on the mechanism that test case produces.
Security expert is according to the factor such as content measurement and test duration, select Test cases technology rule neatly, thus systematically generation has different stage test case targetedly, decreases limitation and blindness that original Peach carries out multi-field test, improves testing efficiency.
Suppose to test the field of the n in network message, the default set hop algorithm of newly-increased Combination strategy, namely in <Strategy>, combination_policy variate-value is default, the course of work, (process flow diagram is as shown in Figure 1) as described below:
(1) number of each test field is traveled through from 1, namely test at every turn 1 field, 2 field ... n-1 field, a n field.
(2) determining, in tested word hop count object situation, to select concrete test field by combinational algorithm.Specifically, suppose currently to test m (1≤m≤n) individual field, then it is right to need
the situation of kind travels through.
(3) after determining test field, combination traversal is carried out, described in being implemented as follows to Mutator and Fault of each field:
(3.1) linearization process is carried out to the Fault in multiple Mutator corresponding to each field, if the Fault that i-th field is chosen is F successively
i, 1, F
i, 2... F
i, size (i).Wherein, size (i) represents the Fault number that i-th field can be chosen.
(3.2) if combination_policy variate-value is default in <Strategy>, then selected test field and Fault are similar to the combination operation of the acquiescence of counter, namely generate following test case:
(3.3) if combination_policy variate-value is simple in <Strategy>, then combinations thereof process is simplified, produces following test case:
(4) test case selected is injected corresponding message field (MFLD), carry out fuzz testing.
The method of adding self-defined strategy for Peach is:
(1) in Peach.Core.Analyzers.PitParser.cs file, pass through test.strategy=handlePlugin<MutationStrategy, MutationStrategyAttribute> (child, null, false); Method creates the policy object called.
(2) increase Peach.Core.MutationStrategies.Combination.cs file, for realizing Combination class, this Similar integral is from MutationStrategy class.
(3) in the constructed fuction of Combination class, the analytical capabilities to <Strategy> parameter in PitFile is realized.
(4) in Combination class, GatherMutator method is rewritten, for recording the Mutators that each test field adopts.
(5) in Combination class, realize DefaultCombination and Simple Combination method respectively, these two methods realize acquiescence array mode respectively and simplify array mode, and called in GatherMutator method.
Start Combination strategy when carrying out protocol test, Peach is by Test cases technology mechanism as described above and the fuzz testing carrying out based on multi-field to target device according to Test cases technology condition.
Present invention, avoiding restriction and the blindness of Peach itself, make full use of combinational algorithm and system testing is carried out to target device, improve the efficiency of multi-field test.In addition, " shot array " problem produced for avoiding combinational algorithm, can reduce the quantity rank producing test case effectively by restrictive condition, generate and have different stage test case targetedly, makes test process more flexible, is convenient to implementation and operation.
Accompanying drawing explanation
Accompanying drawing described herein is used to provide a further understanding of the present invention, forms a application's part, and illustrative example of the present invention and explanation thereof, for explaining the present invention, do not form inappropriate limitation of the present invention.In the accompanying drawings:
Fig. 1 this method process flow diagram
Embodiment
For clearly demonstrating technical scheme of the present invention, edit basic PitFile herein as follows for testing http protocol.PitFile form is as follows:
According to generating test use case order from more to less, typical scene is described.
Scene 1: configure Strategy as follows strategy:
Now, Combination strategy can be chosen 1 ~ 8 field successively and carries out combined test.During elected location survey examination field number, select concrete field according to combinational algorithm.After determining concrete field, produce corresponding combined test use-case according to above-described default pattern.
Scene 2: configure Strategy as follows strategy:
With scene 1 unlike, this scene after determining concrete field, produce corresponding combined test use-case according to above-described simple pattern.
Scene 3: configure Strategy as follows strategy:
With scene 2 unlike, this scene is chosen 5 ~ 8 fields successively and is carried out combined test, and does not have 1 ~ 4 field to carry out the test case combined.
Scene 4: configure Strategy as follows strategy:
Can to fixing field unlike, this scene with scene 3, i.e. field1, field3, field4, field7, produces corresponding test case according to simple pattern.
In addition, the combination of other modes can also be carried out parameter, such as, determine minimum combination field number, and according to default schema creation test case etc., not repeat them here other situations.
For method set forth in the present invention, within the spirit and principles in the present invention all, any amendment done, equivalent replacement, improvement etc., all should be included within protection scope of the present invention.
Claims (5)
1. expand the method that multiple network message field tested by Peach platform simultaneously, it is characterized in that, comprising: break the restriction that Peach itself can only test at most 5 message field (MFLD)s simultaneously; Propose multi-field combined test strategy incrementally, namely test 1 field, 2 fields simultaneously ... n-1 field, a n field; Be described as the implementation method that Peach increases self-defined strategy; Describe in detail create-rule and the implementation method of combined test use-case.
For the problem producing a large amount of test case and limit test time inconsistency in anabolic process, by arranging the mode of Test cases technology condition in the <Strategy> label in PitFile file, not only can produce test case more targetedly, and also limit the quantity rank of test case.
2. method according to claim 1, it is characterized in that, also comprise: if the optimum configurations in <Strategy> label is undesirable, then Combination strategy can provide corresponding miscue and error reason.
3. method according to claim 1, it is characterized in that, also comprise: the method for expansion Peach Test Strategy, namely on original RandomDeterministic, Sequential and Random policy grounds, the self-defining Combination strategy of newly-increased the present invention.
4. method according to claim 1, it is characterized in that, also comprise: the basic ideas of Combination strategy are not limited to the 3.0.202 version of Peach (C# language realization), be suitable for 2.3.7 version (Python realization), namely the method does not rely on the language realizing Peach yet.
5. method according to claim 1, it is characterized in that, also comprise: in <Strategy> label, the name of variable and form of presentation are not limited to form described in the invention, as long as can express information described in the invention.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410748856.7A CN104517056A (en) | 2014-12-09 | 2014-12-09 | Method for extending Peach platform and testing multiple network message fields |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410748856.7A CN104517056A (en) | 2014-12-09 | 2014-12-09 | Method for extending Peach platform and testing multiple network message fields |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN104517056A true CN104517056A (en) | 2015-04-15 |
Family
ID=52792342
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410748856.7A Pending CN104517056A (en) | 2014-12-09 | 2014-12-09 | Method for extending Peach platform and testing multiple network message fields |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104517056A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108304591A (en) * | 2018-03-16 | 2018-07-20 | 深圳市买买提信息科技有限公司 | A kind of method for customizing of label, system and terminal device |
| CN111385164A (en) * | 2018-12-29 | 2020-07-07 | 江苏迪纳数字科技股份有限公司 | Communication protocol gateway function test method for actively reporting multi-protocol free combination message |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101388807A (en) * | 2008-05-22 | 2009-03-18 | 清华大学 | Protocol robustness test generation method based on packet mutation |
| CN102243608A (en) * | 2010-05-13 | 2011-11-16 | 方兴 | Software security test method based on global data structure description |
| CN103324573A (en) * | 2013-07-02 | 2013-09-25 | 北京邮电大学 | PEACH platform extension method for GUI-based protocol state machine modeling |
| CN103346928A (en) * | 2013-07-02 | 2013-10-09 | 北京邮电大学 | Method for supporting breakpoint continuous test of Peach platform |
-
2014
- 2014-12-09 CN CN201410748856.7A patent/CN104517056A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101388807A (en) * | 2008-05-22 | 2009-03-18 | 清华大学 | Protocol robustness test generation method based on packet mutation |
| CN102243608A (en) * | 2010-05-13 | 2011-11-16 | 方兴 | Software security test method based on global data structure description |
| CN103324573A (en) * | 2013-07-02 | 2013-09-25 | 北京邮电大学 | PEACH platform extension method for GUI-based protocol state machine modeling |
| CN103346928A (en) * | 2013-07-02 | 2013-10-09 | 北京邮电大学 | Method for supporting breakpoint continuous test of Peach platform |
Non-Patent Citations (3)
| Title |
|---|
| DEJA VU SECURITY: "《PEACH FUZZER_Mutation Strategies》", 《HTTP://COMMUNITY.PEACHFUZZER.COM/V3/MUTATIONSTRATEGIES.HTML》 * |
| 赵丽娟: "《Fuzz安全测试技术研究》", 《中国优秀硕士学位论文全文数据库(信息科技辑)》 * |
| 韩星: "《针对MAC层协议FUZZING测试技术的研究》", 《中国优秀硕士学位论文全文数据库(信息科技辑)》 * |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108304591A (en) * | 2018-03-16 | 2018-07-20 | 深圳市买买提信息科技有限公司 | A kind of method for customizing of label, system and terminal device |
| CN111385164A (en) * | 2018-12-29 | 2020-07-07 | 江苏迪纳数字科技股份有限公司 | Communication protocol gateway function test method for actively reporting multi-protocol free combination message |
| CN111385164B (en) * | 2018-12-29 | 2021-11-30 | 江苏迪纳数字科技股份有限公司 | Communication protocol gateway testing method for actively reporting multi-protocol free combination message |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104142888B (en) | A kind of regularization state machine model method for designing of stateful agreement | |
| Han et al. | Fault-tolerant relay node placement in heterogeneous wireless sensor networks | |
| Vempaty et al. | Distributed inference with Byzantine data: State-of-the-art review on data falsification attacks | |
| CN106708719B (en) | Service function testing method and device | |
| Jia et al. | Impacts of malicious data on real-time price of electricity market operations | |
| Ali et al. | Towards characterizing Markov equivalence classes for directed acyclic graphs with latent variables | |
| Li et al. | CAD: command-level anomaly detection for vehicle-road collaborative charging network | |
| CN103840967A (en) | Method for locating faults in power communication network | |
| CN107689628B (en) | Power grid loop detection method | |
| CN109933535A (en) | Generation method, device and the server of test case | |
| CN103391224B (en) | Protocol hierarchy Self-adaptive method based on parallel-expansion finite state machine | |
| Andrade et al. | A biased random-key genetic algorithm for wireless backhaul network design | |
| CN104517056A (en) | Method for extending Peach platform and testing multiple network message fields | |
| Viana et al. | One step forward: Linking wireless self-organizing network validation techniques with formal testing approaches | |
| Wang et al. | Infrastructure communication sensitivity analysis of wireless sensor networks | |
| Ma et al. | Fused Gromov-Wasserstein Graph Mixup for Graph-level Classifications | |
| Dall’Asta et al. | Statistical mechanics of maximal independent sets | |
| CN101930398B (en) | Software vulnerability analysis method of variant multi-dimensional input based on Fuzzing technology | |
| Barbero et al. | Strong immersion is a well‐quasi‐ordering for semicomplete digraphs | |
| CN103188117B (en) | Information interaction server simulation testing device and method | |
| Zonouz et al. | A fuzzy Markov model for scalable reliability analysis of advanced metering infrastructure | |
| Yuan et al. | Efficient searching mechanism for trust-aware recommender systems based on scale-freeness of trust networks | |
| US20200382524A1 (en) | System and method for a secure network | |
| Li et al. | Assisting reachability verification of network configurations updates with NUV | |
| CN106294127A (en) | Object-oriented software test case generation method based on cluster |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20150415 |
|
| WD01 | Invention patent application deemed withdrawn after publication |