CN106412067B - Layered data generation method based on industrial control protocol fuzz testing - Google Patents
- Publication number
- CN106412067B (application number CN201610872299.9A)
- Authority
- CN
- China
- Prior art keywords
- data
- configuration file
- script configuration
- fuzz testing
- industry control
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/30—Definitions, standards or architectural aspects of layered protocol stacks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/18—Protocol analysers
Abstract
The invention discloses a layered data generation method based on industrial control protocol fuzz testing, comprising the following steps: (1) layer the data according to the network protocol or business requirements; (2) load the script configuration file of each layer; (3) parse the script configuration files and generate variables of the different data types; (4) generate fuzz testing data layer by layer, from the lowest layer to the highest, according to the layer of each script configuration file; (5) splice the data generated by all layers into one complete data packet; (6) send the assembled data packet to the device under test. The advantages of the invention are: the protocol is decomposed into multiple layers, which reduces the complexity of protocol data generation; each layer of protocol data can correspond to multiple script configuration files, which supports diversity of the data; script configuration files can be combined freely, so more business requirements can be met without repeated work; and the method facilitates the accumulation of a fuzz testing database.
Description
Technical field
The present invention relates to a layered data generation method based on industrial control protocol fuzz testing, and belongs to the field of industrial control technology.
Background technique
At present, as industrialization and informatization continue to converge, more and more information technology is being applied in the industrial field. At the same time, because industrial control systems make wide use of general-purpose software, hardware and network facilities and are integrated with enterprise management information systems, they are becoming increasingly open and exchange data with the corporate intranet and even the Internet. This opens the way to vulnerability discovery for industrial control equipment. For example, the patent with application No. CN99804465.2 discloses a data distribution system comprising several data sources capable of sending data items, and a data vending device capable of receiving data items from the data sources and selling the received data items to users. The data vending device comprises: a data selection means operated by the user to select the required data item; a data source selection means that selects, from the several data sources and according to specific criteria, the data source holding the data item selected by the data selection means; a data receiving means, connected to the data source selection means, that receives the data item selected by the data source selection means; and a data updating means, on which an external storage device is removably mounted, that writes the data items received by the data receiving means to the external storage device.
For example, the patent with application No. CN201080054629.4 discloses a data cable comprising a cable body and interfaces connected to its two ends. The cable body comprises: a first-layer tube whose outer surface carries a clamping device, the clamping device comprising a pair of opposed clamping-plate groups arranged along the circumference of the first-layer tube; a spring sleeved coaxially inside the first-layer tube at a distance from it, with a sponge layer filled between the spring and the first-layer tube and multiple hollow balls embedded uniformly in the sponge layer; a second-layer tube sleeved coaxially inside the spring; and multiple core wires located in the second-layer tube. By providing clamping devices at intervals on the surface of the data cable, that invention allows the cable to be folded and coiled and then clamped step by step into the clamping devices, so that once it is fully clamped the strip-shaped data cable forms a pleated shape. For example, the patent with application No. CN200810216084.7 discloses the composition and operating mode of a handheld data input device. Two groups of input components are integrated on different sides of the handheld device: the first group is located on the inner or inner-upper side of the device and is operated by the thumb only; the second group is located on the outer side of the device and is operated by the other four fingers. Through the cooperation of the five fingers, each component in the two input groups completes a specified action. The specified action is then converted into an independent electrical signal output, so as to complete frequent batch input in basic data movement. The data hand abandons the planar layout of keys and frees up the valuable front-face area of modern handsets; it makes use of the four fingers other than the thumb and frees the other hand. It lets the user complete frequent, complex, batch information input on a handheld device more quickly.
For example, the patent with application No. CN201010231735.7 discloses a data card comprising a main chip, a switch and an input/output interface. The input/output interface receives a voltage signal and a control signal from the host and sends them to the switch. When the control signal is a high-level signal, the switch conducts and the voltage signal is delivered to the main chip through the switch, causing the main chip to enable its universal serial bus function. When the control signal is a low-level signal, the switch opens and the main chip cannot be powered, causing the main chip to disable its universal serial bus function. The data card thus uses the control signal to turn the switch on or off, and thereby controls whether the main chip enables or disables the universal serial bus function. For example, the patent with application No. CN201310644047.7 discloses a data cable comprising a housing, a USB connector, a data cable connector and a data cable. An elastic rotating wheel is arranged in the housing and the data cable is wound on it. A first interface and a second interface are provided at the two ends of the housing; the data cable passes through the first interface to connect to the USB connector and through the second interface to connect to the data cable connector. A sleeve matching the USB connector is provided beside the first interface, and a sleeve matching the data cable connector is provided beside the second interface.
In summary, the technical foundation of vulnerability discovery is fuzz testing. There are many open-source fuzz testing frameworks at present, such as Sulley and Peach, and all of these traditional open frameworks generate their test data in a single pass. The main disadvantages of this generation mode are as follows:
1. Because most current industrial protocols are built on top of the TCP/IP protocol stack, generating the data in a single pass increases the complexity of the script configuration files.
2. Generating test data in a single pass hinders the reuse of data generation; that is, each data generation run involves a great deal of repeated work.
3. It does not facilitate the accumulation of a fuzz testing database.
To overcome these disadvantages, the present invention does not generate test data as a whole, but generates it layer by layer according to the layering of the protocol itself. The advantage is that protocol data generation for each layer is independent of the others, and a rule base can be built up at each layer, so that different rules can be used as needed to generate different data. The greatest benefit of this approach is that it reduces the complexity of the data generation rules of the different layers.
For example, if the data is divided into 5 layers and the layers have 10, 9, 8, 7 and 6 rules respectively, then with the traditional data generation mode the number of script configuration files that must be written is 10*9*8*7*6=30240, whereas with the layered mode the number of script configuration files needed is 10+9+8+7+6=40. The difference in data generation complexity between the layered mode and the non-layered mode is therefore very large.
Summary of the invention
The purpose of the present invention is to provide a layered data generation method based on industrial control protocol fuzz testing that overcomes the above technical problems. The invention provides an effective way of generating fuzz testing data in which the protocol is processed in layers, so that protocol data generation is reusable and the accumulation of a test database is facilitated. The data can be layered according to the network protocol or in a user-defined manner, with one script configuration file generated per layer; the invention can generate different fuzz testing data by combining script configuration files.
The layered data generation method based on industrial control protocol fuzz testing of the invention comprises the following steps:
(1) Layer the data according to the network protocol or business requirements.
(2) Load the script configuration file of each layer.
(3) Parse the script configuration files and generate variables of the different data types.
(4) Generate fuzz testing data layer by layer, from the lowest layer to the highest, according to the layer of each script configuration file.
(5) Splice the data generated by all layers into one complete data packet.
(6) Send the assembled data packet to the device under test.
The advantages of the invention are:
1. The protocol is decomposed into multiple layers, which reduces the complexity of protocol data generation.
2. Each layer of protocol data can correspond to multiple script configuration files, which supports diversity of the data.
3. Script configuration files can be combined freely, so more business requirements can be met without repeated work.
4. The method facilitates the accumulation of a fuzz testing database.
Brief description of the drawings
Fig. 1 is a flow diagram of the layered data generation method based on industrial control protocol fuzz testing of the present invention;
Fig. 2 is a schematic diagram of the OSI model.
Specific embodiment
Embodiments of the present invention are described in detail below with reference to the accompanying drawings. As shown in Fig. 1, the layered data generation method based on industrial control protocol fuzz testing of the invention comprises the following steps:
(1) Layer the data according to the network protocol or business requirements.
(2) Load the script configuration file of each layer.
(3) Parse the script configuration files and generate variables of the different data types.
(4) Generate fuzz testing data layer by layer, from the lowest layer to the highest, according to the layer of each script configuration file.
(5) Splice the data generated by all layers into one complete data packet.
(6) Send the assembled data packet to the device under test.
Because the ModbusTCP protocol is an industrial control protocol built on the TCP/IP protocol, data generation for fuzz testing of the ModbusTCP protocol must include support for the TCP/IP protocol stack. The invention is described in detail below, taking the ModbusTCP protocol as an example.
As shown in the OSI model schematic diagram in Fig. 2, layering according to the OSI seven-layer model divides the data into the data link layer, network layer, transport layer, session layer, presentation layer, physical layer and application layer. In practical applications the layering can be chosen according to the specific situation.
The layered data generation method based on industrial control protocol fuzz testing of the invention comprises the following steps:
(1) Layer the data: according to the OSI seven-layer model, the ModbusTCP protocol can be layered into the data link layer, network layer, transport layer, physical layer and application layer.
(2) Write the script configuration files used to fuzz test each layer.
(3) Load the script configuration files into the fuzz testing framework.
(4) Parse the script configuration files to generate variables of different types.
(5) Generate data for each layer's script configuration file, from the lowest layer to the highest.
(6) Splice the data of each layer into one complete data packet.
(7) Send the data packet.
The layered data generation method based on industrial control protocol fuzz testing of the invention is not limited to this layering; the data can also be layered flexibly according to the specific business. For example, an application-layer protocol can be divided into several levels that are described separately, which reduces the complexity of the script configuration files and improves their reusability.
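The steps above, sketched as an added example that is not code from the patent: per-layer rule libraries are parsed, each layer's data is generated from low to high, and every combination is spliced into one packet. The JSON rule layout, the field types, the rule names and the MBAP/PDU split of the ModbusTCP application data are assumptions; the lower TCP/IP layers and the send step are left out so that it runs offline.

```python
import itertools
import json
import struct

# Constructed per-layer rule libraries: each string stands in for one "script
# configuration file". The JSON layout and rule names are assumptions.
# Layers are listed low -> high; the Modbus/TCP application data is split into
# an MBAP header layer and a PDU layer (a user-defined layering).
LAYER_ORDER = ["mbap", "pdu"]
RULE_LIBRARY = {
    "mbap": [  # transaction id, protocol id, length, unit id
        '{"name": "mbap_valid", "fields": [["u16", [1]], ["u16", [0]], ["u16", [6]], ["u8", [1]]]}',
        '{"name": "mbap_bad_len", "fields": [["u16", [1]], ["u16", [0]], ["u16", [0, 65535]], ["u8", [1]]]}',
    ],
    "pdu": [  # function code followed by its data
        '{"name": "read_regs", "fields": [["u8", [3]], ["u16", [0]], ["u16", [1, 125, 126]]]}',
        '{"name": "bad_func", "fields": [["u8", [0, 127, 255]], ["bytes", ["00000001"]]]}',
    ],
}
PACKERS = {
    "u8": lambda v: struct.pack(">B", v),
    "u16": lambda v: struct.pack(">H", v),
    "bytes": bytes.fromhex,
}


def parse_rule(text):
    """Parse one configuration file into (name, [(packer, values), ...])."""
    cfg = json.loads(text)
    fields = []
    for ftype, values in cfg["fields"]:
        if ftype not in PACKERS:
            raise ValueError(f"unknown field type {ftype!r} in {cfg['name']}")
        fields.append((PACKERS[ftype], values))
    return cfg["name"], fields


def generate_layer(fields):
    """Encode every combination of the field values of one rule."""
    encoded = [[pack(v) for v in values] for pack, values in fields]
    return [b"".join(combo) for combo in itertools.product(*encoded)]


def build_packets(library=RULE_LIBRARY, order=LAYER_ORDER):
    """Load and parse each layer's rules, generate low to high, then splice."""
    per_layer = []
    for layer in order:
        cases = []
        for text in library[layer]:
            name, fields = parse_rule(text)
            cases += [(name, data) for data in generate_layer(fields)]
        per_layer.append(cases)
    packets = []
    for combo in itertools.product(*per_layer):
        label = "+".join(name for name, _ in combo)
        packets.append((label, b"".join(data for _, data in combo)))
    return packets


def file_counts(rules_per_layer):
    """Configuration files needed: (layered sum, single-pass product)."""
    product = 1
    for n in rules_per_layer:
        product *= n
    return sum(rules_per_layer), product


if __name__ == "__main__":
    for label, packet in build_packets():
        print(f"{label:24} {packet.hex()}")
    print(file_counts([10, 9, 8, 7, 6]))
```

Four rule files (two per layer) yield 18 distinct packets here, and adding one rule to either layer's library extends the set without touching the other layer.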
The present invention can be layered flexibly according to different application scenarios. For example, the mobile agent server protocol is an application-layer protocol, but the protocol itself is in turn divided into several levels; such layering can likewise be handled with the layered method of this patent, so that generating test packets for the mobile agent server protocol is more flexible and the workload is greatly reduced.
The above is merely a specific embodiment of the invention, but the scope of protection of the invention is not limited to it. Any change or replacement that a person skilled in the art could readily conceive within the scope disclosed by the invention shall fall within the scope of protection of the invention as claimed.
Claims (4)
1. A layered data generation method based on industrial control protocol fuzz testing, characterized in that the protocol is processed in layers, so that protocol data generation is reusable and the accumulation of a test database is facilitated; the data can be layered according to the network protocol, one script configuration file is generated per layer, and different fuzz testing data are generated by combining script configuration files; the method comprises the following specific steps:
(1) layering the data according to the network protocol or business requirements;
(2) loading the script configuration file of each layer;
(3) parsing the script configuration files and generating variables of the different data types;
(4) generating fuzz testing data layer by layer, from the lowest layer to the highest, according to the layer of each script configuration file;
(5) splicing the data generated by all layers into one complete data packet;
(6) sending the assembled data packet to the device under test.
2. The layered data generation method based on industrial control protocol fuzz testing according to claim 1, characterized in that the data can also be layered in a user-defined manner.
3. The layered data generation method based on industrial control protocol fuzz testing according to claim 1, characterized in that the protocol data of each layer can correspond to multiple script configuration files.
4. The layered data generation method based on industrial control protocol fuzz testing according to claim 1, characterized in that the script configuration files can be combined freely.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610872299.9A CN106412067B (en) | 2016-09-30 | 2016-09-30 | Layered data generation method based on industrial control protocol fuzz testing |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106412067A (en) | 2017-02-15 |
CN106412067B (en) | 2019-02-15 |
Family
ID=59229266
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610872299.9A (Active, CN106412067B) | Layered data generation method based on industrial control protocol fuzz testing | 2016-09-30 | 2016-09-30 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106412067B (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||