CN113114534A - Hybrid network fuzzy test tool based on neural network - Google Patents

Hybrid network fuzzy test tool based on neural network Download PDF

Info

Publication number
CN113114534A
CN113114534A CN202110379602.2A CN202110379602A CN113114534A CN 113114534 A CN113114534 A CN 113114534A CN 202110379602 A CN202110379602 A CN 202110379602A CN 113114534 A CN113114534 A CN 113114534A
Authority
CN
China
Prior art keywords
network
data
test
fuzzy
hybrid
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110379602.2A
Other languages
Chinese (zh)
Other versions
CN113114534B (en
Inventor
苏煜程
张向宇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to CN202110379602.2A priority Critical patent/CN113114534B/en
Publication of CN113114534A publication Critical patent/CN113114534A/en
Application granted granted Critical
Publication of CN113114534B publication Critical patent/CN113114534B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/18Protocol analysers
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F18/00Pattern recognition
    • G06F18/20Analysing
    • G06F18/23Clustering techniques
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00Computing arrangements based on biological models
    • G06N3/02Neural networks
    • G06N3/08Learning methods
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/50Testing arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433Vulnerability analysis
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services

Abstract

The invention discloses a hybrid network fuzzy test tool based on a neural network, which belongs to the field of network security, and the processing method comprises the following specific steps: (1) collecting and processing a data flow packet; (2) starting to execute the fuzz test; (3) starting machine learning; (4) updating a network protocol; (5) starting an auxiliary program and a network service program; (6) marking the loophole; (7) analyzing and feeding back vulnerability types; the invention can avoid modifying the fuzzy tester and the network application program, reduces the labor cost, improves the applicability, saves the manpower, material resources and financial resources, solves the problem of low coverage rate in the highly complex logic judgment program facing the network protocol in the traditional fuzzy test, reduces the state space needing traversal, and solves the problem of energy waste in the complex judgment analysis environment facing the network program.

Description

Hybrid network fuzzy test tool based on neural network
Technical Field
The invention relates to the field of network security, in particular to a hybrid network fuzzy test tool based on a neural network.
Background
A security vulnerability is a lifeline for studying security issues, and whether a penetration test is performed, new products are evaluated, or source code of critical components is audited, security vulnerabilities drive our decisions, which make us reasonably time-consuming and affect our choices over many years. In recent years, as network boundaries are increasingly blurred and new attack means are developed endlessly, the importance of software security is increasingly highlighted and is increasingly not ignored, application security tests are used as core means for guaranteeing software security, and the rapid development is naturally achieved, codes are used as basic components for constructing various applications and systems, the security problem is the root problem of software security, and along with the continuous evolution of a development mode and the change of information security trend, the large-scale, automatic and intelligent requirements are provided for the code security guarantee technology, so that the rapid, safe and automatic release of software is realized; therefore, it becomes more important to invent a hybrid network fuzzy test tool based on a neural network;
firstly, most of the existing hybrid network fuzzy test tools based on the neural network are based on manual writing or automatic generation of protocol templates by using templating, the requirement on the level of a tester is high, and generally, the labor cost is high and the applicability is not strong enough for specific protocols; therefore, a hybrid network fuzzy test tool based on a neural network is provided.
Disclosure of Invention
The invention aims to solve the defects in the prior art and provides a hybrid network fuzzy test tool based on a neural network.
In order to achieve the purpose, the invention adopts the following technical scheme:
a hybrid network fuzzy test tool based on a neural network comprises the following specific steps:
(1) collecting and processing data flow packets: collecting the data traffic packets of the existing network and carrying out clustering division processing to generate seed data;
(2) start to perform the fuzz test: starting a hybrid fuzzy test engine to start fuzzy test;
(3) starting machine learning: starting machine learning after the fuzzy test reaches a certain time;
(4) updating the network protocol: updating an original network protocol sequence;
(5) starting an auxiliary program and a network service program: the network intermediate agent equipment starts to start an auxiliary program and a network service program;
(6) marking the loophole: the auxiliary program detects the network service program and marks the vulnerability position to generate vulnerability data;
(7) vulnerability type analysis and feedback: and analyzing the vulnerability data and feeding back the vulnerability data to a user.
Further, the current network data traffic packets in the step (1) are collected through different collection software, the different collection software comprises LipPcap, WinPcap and JPcap, the collected current network data traffic packets are clustered and divided, and seed data are generated through processing, and the specific clustering and dividing steps are as follows:
the method comprises the following steps: classifying the data traffic packets of the current network according to different types, wherein the different types comprise ICMP, ICMPv4, TCP, UDP, IPv4 and IPv 6;
step two: automatically constructing Fuzz data by the ICMP, the ICMPv4, the TCP, the UDP, the IPv4 and the IPv6 data through a countermeasure generation network;
step three: a large amount of Fuzz data is constructed and processed to generate seed data.
Further, the hybrid fuzz testing engine in the step (2) starts and starts to collect seed data for fuzz testing, and performs hybrid testing with fuzz testing through symbols to generate target data, wherein the specific hybrid testing steps are as follows:
the first step is as follows: when the Fuzzing test is blocked, calling a symbol execution part, starting analysis application by symbol execution, and limiting user input according to an input value obtained by Fuzzing in the last step;
the second step is that: according to the input obtained by the fuzzer, symbol execution starts optimization, the input of an unexplored path is identified, and when a new input is found by symbol execution, the new input is immediately transmitted back to the Fuzzing part;
the third step: the fuzzy part generates variation according to the input, executes new ACom in a fuzzy mode, and meanwhile the fuzzy test engine executes in a circulating mode between fuzzy and symbol execution until the input cause of Crash is found and processed to generate template data.
Further, in the step (3), after the fuzzy test is performed for a plurality of rounds in the hybrid fuzzy test engine, the machine learning starts and the template data is collected for the analysis learning and the update data is generated, and the specific analysis learning steps are as follows:
s1, analyzing the template data generated in the process of the mixed test flow and taking the template data as an input sample;
s2, calling a coverage rate detection module afl, and by learning and analyzing the relation between Crash and the coverage rate, carrying out gradient guidance on an input generation process and identifying an input byte with the highest gradient value;
and S3, analyzing and judging which positions of the variation are helpful for improving the coverage rate, taking the weight model of the variation as a generator, inputting the original current network data traffic packet into the generator again to generate a large amount of seed data, and repeating machine learning for multiple times to generate updated data.
Further, the network protocol sequence in step (4) starts to perform protocol updating processing by receiving updated data generated by a hybrid test of fuzzy test and machine learning, and the specific protocol updating step is as follows:
SS1, making statistics on the basic block sequence generated by the original network protocol data packet file set to obtain a probability model, and simultaneously reserving the transition probability with smaller probability in the probability model and processing the transition probability to generate a special basic block sequence;
SS 2: generating new basic blocks iteratively according to the transition probability among the basic blocks until end is generated, and finally generating a new complete basic block sequence, namely a new network protocol data packet sequence;
SS 3: through continuous iteration, the network protocol sequence generator starts to fit a functional relation between the basic block sequence and the sequence of the corresponding network protocol data packet, connects the new network protocol sequence, and adds the modification data to complete the generation of the final network protocol sequence.
Further, in step (5), after receiving the new network protocol sequence, the network intermediate proxy device starts to start an auxiliary program to interact with the network service program, where the network intermediate proxy device is one of a hub, a repeater, and a switch, and the specific interaction steps are as follows:
i, starting an auxiliary program, wherein the auxiliary program checks whether a network service program is started, and if the network service program is not started, the network service program to be tested is started;
II, transmitting the environment variable into a network service program to be tested, recording coverage rate information during testing by the network service program and sending the coverage rate information to the current shared memory;
and III, when a new test is carried out, the auxiliary program repeatedly reads the input and sends the input to the target network service program through the network.
Further, the auxiliary program in the step (6) marks the position of the vulnerability by monitoring that the corresponding packet position is lost by the network server program and processes the vulnerability to generate vulnerability data.
Further, the vulnerability data in the step (7) is analyzed through a Crash processing module, and meanwhile, a symbol execution module is used for analyzing a Crash generation path and the final memory state to obtain a specific vulnerability type and feeding the vulnerability type back to a user.
Compared with the prior art, the invention has the beneficial effects that:
1. the mixed network fuzzy test tool based on the neural network is applied to the network protocol test by a method of mixing symbolic execution and fuzzy test, solves the problem of low coverage rate in a highly complex logic judgment program facing the network protocol in the traditional fuzzy test, reduces the state space needing traversal, and solves the problem of energy waste in a complex judgment analysis environment facing the network program;
2. the hybrid network fuzzy test tool based on the neural network has the advantages that the automation of template generation is realized, meanwhile, the coverage rate is checked through the shared memory based on the AFL, the fuzzy tester and the network application program are not required to be modified through the intermediate proxy application, the labor cost is reduced, the applicability is improved, and the manpower, material resources and financial resources are saved.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the principles of the invention and not to limit the invention.
Fig. 1 is a flow chart of a hybrid network fuzzy test tool based on a neural network according to the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments.
In the description of the present invention, it is to be understood that the terms "upper", "lower", "front", "rear", "left", "right", "top", "bottom", "inner", "outer", and the like, indicate orientations or positional relationships based on the orientations or positional relationships shown in the drawings, are merely for convenience in describing the present invention and simplifying the description, and do not indicate or imply that the device or element being referred to must have a particular orientation, be constructed and operated in a particular orientation, and thus, should not be construed as limiting the present invention.
Referring to fig. 1, a hybrid network fuzzy test tool based on a neural network includes the following steps:
(1) collecting and processing data flow packets: collecting the data traffic packets of the existing network and carrying out clustering division processing to generate seed data;
(2) start to perform the fuzz test: starting a hybrid fuzzy test engine to start fuzzy test;
(3) starting machine learning: starting machine learning after the fuzzy test reaches a certain time;
(4) updating the network protocol: updating an original network protocol sequence;
(5) starting an auxiliary program and a network service program: the network intermediate agent equipment starts to start an auxiliary program and a network service program;
(6) marking the loophole: the auxiliary program detects the network service program and marks the vulnerability position to generate vulnerability data;
(7) vulnerability type analysis and feedback: and analyzing the vulnerability data and feeding back the vulnerability data to a user.
The current network data traffic packets in the step (1) are collected through different collection software, wherein the different collection software comprises LipPcap, WinPcap and JPcap, the collected current network data traffic packets are clustered and divided and processed to generate seed data, and the specific clustering and dividing steps are as follows:
the method comprises the following steps: classifying the data traffic packets of the current network according to different types, wherein the different types comprise ICMP, ICMPv4, TCP, UDP, IPv4 and IPv 6;
step two: automatically constructing Fuzz data by the ICMP, the ICMPv4, the TCP, the UDP, the IPv4 and the IPv6 data through a countermeasure generation network;
step three: a large amount of Fuzz data is constructed and processed to generate seed data.
In the step (2), the hybrid fuzzy test engine is started and starts to collect seed data for fuzzy test, and target data is generated through hybrid test of symbolic execution and fuzzy test, wherein the specific hybrid test steps are as follows:
the first step is as follows: when the Fuzzing test is blocked, calling a symbol execution part, starting analysis application by symbol execution, and limiting user input according to an input value obtained by Fuzzing in the last step;
the second step is that: according to the input obtained by the fuzzer, symbol execution starts optimization, the input of an unexplored path is identified, and when a new input is found by symbol execution, the new input is immediately transmitted back to the Fuzzing part;
the third step: the fuzzy part generates variation according to the input, executes new ACom in a fuzzy mode, and meanwhile the fuzzy test engine executes in a circulating mode between fuzzy and symbol execution until the input cause of Crash is found and processed to generate template data.
In the step (3), after the fuzzy test is executed for a plurality of rounds in the hybrid fuzzy test engine, machine learning starts and template data is collected for analysis and learning to generate updated data, and the specific analysis and learning steps are as follows:
s1, analyzing the template data generated in the process of the mixed test flow and taking the template data as an input sample;
s2, calling a coverage rate detection module afl, and by learning and analyzing the relation between Crash and the coverage rate, carrying out gradient guidance on an input generation process and identifying an input byte with the highest gradient value;
and S3, analyzing and judging which positions of the variation are helpful for improving the coverage rate, taking the weight model of the variation as a generator, inputting the original current network data traffic packet into the generator again to generate a large amount of seed data, and repeating machine learning for multiple times to generate updated data.
In the step (4), the network protocol sequence starts to perform protocol updating processing by receiving updated data generated by a mixed test of fuzzy test and machine learning, and the specific protocol updating step is as follows:
SS1, making statistics on the basic block sequence generated by the original network protocol data packet file set to obtain a probability model, and simultaneously reserving the transition probability with smaller probability in the probability model and processing the transition probability to generate a special basic block sequence;
SS 2: generating new basic blocks iteratively according to the transition probability among the basic blocks until end is generated, and finally generating a new complete basic block sequence, namely a new network protocol data packet sequence;
SS 3: through continuous iteration, the network protocol sequence generator starts to fit a functional relation between the basic block sequence and the sequence of the corresponding network protocol data packet, connects the new network protocol sequence, and adds the modification data to complete the generation of the final network protocol sequence.
In the step (5), the network intermediate proxy device starts to start an auxiliary program to interact with the network service program after receiving the new network protocol sequence, the network intermediate proxy device is one of a hub, a repeater or a switch, and the specific interaction steps are as follows:
i, starting an auxiliary program, wherein the auxiliary program checks whether a network service program is started, and if the network service program is not started, the network service program to be tested is started;
II, transmitting the environment variable into a network service program to be tested, recording coverage rate information during testing by the network service program and sending the coverage rate information to the current shared memory;
and III, when a new test is carried out, the auxiliary program repeatedly reads the input and sends the input to the target network service program through the network.
And (6) the auxiliary program marks the position of the vulnerability by monitoring the loss of the corresponding packet position of the network server program and processes the vulnerability to generate vulnerability data.
And (4) analyzing the vulnerability data in the step (7) through a Crash processing module, and simultaneously analyzing a Crash generation path and the final memory state by using a symbol execution module to obtain a specific vulnerability type and feeding the vulnerability type back to a user.
The working principle and the using process of the invention are as follows: the wireless sensor network transmission method comprises the steps that firstly, the current network data traffic packets are collected through different collection software, the different collection software comprises LipPcap, WinPcap and JPcap, the collected current network data traffic packets are classified according to different types, the different types comprise ICMP, ICMPv4, TCP, UDP, IPv4 and IPv6, the ICMP, ICMPv4, TCP, UDP, IPv4 and IPv6 data are automatically constructed through a countermeasure generation network, a large amount of Fuzz data are constructed and processed to generate seed data, a hybrid fuzzy test engine is started and starts to collect the seed data to perform fuzzy test, mixed test of the seed data and the fuzzy test is performed to generate target data, when the fuzzy test is blocked, a symbol execution part is called, analysis application is started through symbols, user input is limited according to the input values obtained by Fuzzing, optimization is started through symbols according to the input obtained by fuzzer, recognizing the input of unexplored path, when the symbol execution discovers new input, immediately transmitting back to fuzzy part, the fuzzy part generates variation according to the input, executing new ACom in fuzzy way, simultaneously executing the fuzzy test engine in cycle between fuzzy and symbol execution until discovering the input reason causing Crash and processing the input reason to generate template data, when the fuzzy test is executed for a plurality of rounds in the hybrid fuzzy test engine, machine learning begins to analyze the template data generated in the process of the hybrid test flow and using the template data as an input sample, calling afl a coverage rate detection module, analyzing the relation between Crash and the coverage rate by learning, guiding the input generation process in gradient and recognizing the input byte with the highest gradient value, analyzing and judging which positions of variation are helpful to improve the coverage rate, using the varied weight model as a generator, inputting the original existing network data traffic packet into the generator again to generate a large amount of seed data, the method comprises the steps of repeatedly performing machine learning for many times to generate updating data, starting protocol updating processing by the network protocol sequence through the updating data generated by receiving a mixed test of fuzzy test and machine learning, starting an auxiliary program to interact with a network service program after the network intermediate agent equipment receives a new network protocol sequence, marking a vulnerability position by the auxiliary program through monitoring the loss of a corresponding packet position of the network server program and processing the vulnerability position to generate vulnerability data, analyzing the vulnerability data through a Crash processing module, and analyzing a Crash generation path and a final memory state by using a symbol execution module to obtain a specific vulnerability type and feeding the vulnerability type back to a user.
The above description is only for the preferred embodiment of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art should be considered to be within the technical scope of the present invention, and the technical solutions and the inventive concepts thereof according to the present invention should be equivalent or changed within the scope of the present invention.

Claims (8)

1. A hybrid network fuzzy test tool based on a neural network is characterized in that the test method specifically comprises the following steps:
(1) collecting and processing data flow packets: collecting the data traffic packets of the existing network and carrying out clustering division processing to generate seed data;
(2) start to perform the fuzz test: starting a hybrid fuzzy test engine to start fuzzy test;
(3) starting machine learning: starting machine learning after the fuzzy test reaches a certain time;
(4) updating the network protocol: updating an original network protocol sequence;
(5) starting an auxiliary program and a network service program: the network intermediate agent equipment starts to start an auxiliary program and a network service program;
(6) marking the loophole: the auxiliary program detects the network service program and marks the vulnerability position to generate vulnerability data;
(7) vulnerability type analysis and feedback: and analyzing the vulnerability data and feeding back the vulnerability data to a user.
2. The hybrid network fuzzy test tool based on the neural network as claimed in claim 1, wherein the existing network data traffic packets in step (1) are collected by different collection software, the different collection software includes LipPcap, WinPcap and JPcap, and the collected existing network data traffic packets are clustered and divided and processed to generate seed data, and the specific clustering and dividing steps are as follows:
the method comprises the following steps: classifying the data traffic packets of the current network according to different types, wherein the different types comprise ICMP, ICMPv4, TCP, UDP, IPv4 and IPv 6;
step two: automatically constructing Fuzz data by the ICMP, the ICMPv4, the TCP, the UDP, the IPv4 and the IPv6 data through a countermeasure generation network;
step three: a large amount of Fuzz data is constructed and processed to generate seed data.
3. The hybrid network fuzzy test tool based on neural network as claimed in claim 1, wherein said hybrid fuzzy test engine starts and starts to collect seed data for fuzzy test in step (2), and generates target data by performing hybrid test with fuzzy test through symbolic execution, and the specific hybrid test steps are as follows:
the first step is as follows: when the Fuzzing test is blocked, calling a symbol execution part, starting analysis application by symbol execution, and limiting user input according to an input value obtained by Fuzzing in the last step;
the second step is that: according to the input obtained by the fuzzer, symbol execution starts optimization, the input of an unexplored path is identified, and when a new input is found by symbol execution, the new input is immediately transmitted back to the Fuzzing part;
the third step: the fuzzy part generates variation according to the input, executes new ACom in a fuzzy mode, and meanwhile the fuzzy test engine executes in a circulating mode between fuzzy and symbol execution until the input cause of Crash is found and processed to generate template data.
4. The hybrid network fuzzy test tool based on neural network as claimed in claim 1, wherein in step (3), after the fuzzy test is performed in the hybrid fuzzy test engine for a plurality of rounds, the machine learning starts to start and collects the template data for the analysis learning and generates the updated data, and the specific analysis learning steps are as follows:
s1, analyzing the template data generated in the process of the mixed test flow and taking the template data as an input sample;
s2, calling a coverage rate detection module afl, and by learning and analyzing the relation between Crash and the coverage rate, carrying out gradient guidance on an input generation process and identifying an input byte with the highest gradient value;
and S3, analyzing and judging which positions of the variation are helpful for improving the coverage rate, taking the weight model of the variation as a generator, inputting the original current network data traffic packet into the generator again to generate a large amount of seed data, and repeating machine learning for multiple times to generate updated data.
5. The hybrid network fuzzy test tool based on neural network as claimed in claim 1, wherein said network protocol sequence in step (4) starts the protocol updating process by receiving the updated data generated by the hybrid test of fuzzy test and machine learning, and the specific protocol updating steps are as follows:
SS1, making statistics on the basic block sequence generated by the original network protocol data packet file set to obtain a probability model, and simultaneously reserving the transition probability with smaller probability in the probability model and processing the transition probability to generate a special basic block sequence;
SS 2: generating new basic blocks iteratively according to the transition probability among the basic blocks until end is generated, and finally generating a new complete basic block sequence, namely a new network protocol data packet sequence;
SS 3: through continuous iteration, the network protocol sequence generator starts to fit a functional relation between the basic block sequence and the sequence of the corresponding network protocol data packet, connects the new network protocol sequence, and adds the modification data to complete the generation of the final network protocol sequence.
6. The hybrid network fuzzy test tool based on neural network as claimed in claim 1, wherein said network intermediate proxy device in step (5) starts to start the auxiliary program to interact with the network service program after receiving the new network protocol sequence, and the network intermediate proxy device is one of hub, repeater or switch, and its specific interaction steps are as follows:
i, starting an auxiliary program, wherein the auxiliary program checks whether a network service program is started, and if the network service program is not started, the network service program to be tested is started;
II, transmitting the environment variable into a network service program to be tested, recording coverage rate information during testing by the network service program and sending the coverage rate information to the current shared memory;
and III, when a new test is carried out, the auxiliary program repeatedly reads the input and sends the input to the target network service program through the network.
7. The neural network-based hybrid network fuzz testing tool of claim 1, wherein the assistant program in step (6) marks the vulnerability location by monitoring the loss of the corresponding packet location by the network server program and processes to generate vulnerability data.
8. The tool of claim 1, wherein the vulnerability data in step (7) is analyzed by a Crash processing module, and a symbolic execution module is used to analyze Crash generation paths and final memory states to obtain specific vulnerability types and feed the vulnerability types back to a user.
CN202110379602.2A 2021-04-08 2021-04-08 Hybrid network fuzzy test tool based on neural network Active CN113114534B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110379602.2A CN113114534B (en) 2021-04-08 2021-04-08 Hybrid network fuzzy test tool based on neural network

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110379602.2A CN113114534B (en) 2021-04-08 2021-04-08 Hybrid network fuzzy test tool based on neural network

Publications (2)

Publication Number Publication Date
CN113114534A true CN113114534A (en) 2021-07-13
CN113114534B CN113114534B (en) 2022-11-25

Family

ID=76715144

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110379602.2A Active CN113114534B (en) 2021-04-08 2021-04-08 Hybrid network fuzzy test tool based on neural network

Country Status (1)

Country Link
CN (1) CN113114534B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114666257A (en) * 2022-03-23 2022-06-24 成都卓源网络科技有限公司 Network protocol fuzzy test method and framework
CN114979033A (en) * 2022-06-13 2022-08-30 华北理工大学 Intranet neural computing system based on programmable data plane
CN115964275A (en) * 2022-12-13 2023-04-14 北京水木羽林科技有限公司 Distributed fuzzy test acceleration method and system

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108470003A (en) * 2018-03-24 2018-08-31 中科软评科技(北京)有限公司 Fuzz testing methods, devices and systems
CN109379329A (en) * 2018-09-05 2019-02-22 中国人民解放军战略支援部队信息工程大学 Network security protocol fuzz testing method and system based on LSTM
CN109474607A (en) * 2018-12-06 2019-03-15 连云港杰瑞深软科技有限公司 A kind of industrial control network safeguard protection monitoring system
CN110912776A (en) * 2019-11-27 2020-03-24 中国科学院信息工程研究所 Automatic fuzzy test method and device for entity router management protocol
CN112052156A (en) * 2020-07-15 2020-12-08 杭州木链物联网科技有限公司 Fuzzy test method, device and system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108470003A (en) * 2018-03-24 2018-08-31 中科软评科技(北京)有限公司 Fuzz testing methods, devices and systems
CN109379329A (en) * 2018-09-05 2019-02-22 中国人民解放军战略支援部队信息工程大学 Network security protocol fuzz testing method and system based on LSTM
CN109474607A (en) * 2018-12-06 2019-03-15 连云港杰瑞深软科技有限公司 A kind of industrial control network safeguard protection monitoring system
CN110912776A (en) * 2019-11-27 2020-03-24 中国科学院信息工程研究所 Automatic fuzzy test method and device for entity router management protocol
CN112052156A (en) * 2020-07-15 2020-12-08 杭州木链物联网科技有限公司 Fuzzy test method, device and system

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114666257A (en) * 2022-03-23 2022-06-24 成都卓源网络科技有限公司 Network protocol fuzzy test method and framework
CN114666257B (en) * 2022-03-23 2023-11-14 成都卓源网络科技有限公司 Network protocol fuzzy test method and framework
CN114979033A (en) * 2022-06-13 2022-08-30 华北理工大学 Intranet neural computing system based on programmable data plane
CN115964275A (en) * 2022-12-13 2023-04-14 北京水木羽林科技有限公司 Distributed fuzzy test acceleration method and system
CN115964275B (en) * 2022-12-13 2023-08-29 北京水木羽林科技有限公司 Distributed fuzzy test acceleration method and system

Also Published As

Publication number Publication date
CN113114534B (en) 2022-11-25

Similar Documents

Publication Publication Date Title
CN113114534B (en) Hybrid network fuzzy test tool based on neural network
CN108600193A (en) A kind of industry control honey jar recognition methods based on machine learning
CN111488577B (en) Model building method and risk assessment method and device based on artificial intelligence
EP2782311A1 (en) Methods of testing a firewall, and apparatus therefor
CN109525457B (en) Network protocol fuzzy test method based on state transition traversal
CN111935063B (en) Abnormal network access behavior monitoring system and method for terminal equipment
CN110995764B (en) Mobile cellular network application layer data flow fuzzy test method, electronic equipment and storage medium
CN108600195A (en) A kind of quick reverse estimating method of industry control protocol format based on incremental learning
CN111143852A (en) Multi-module penetration testing system based on cooperative control
CN113676526A (en) Industrial data access management system and method
CN117411703A (en) Modbus protocol-oriented industrial control network abnormal flow detection method
CN115174221B (en) Industrial control OT network multi-target penetration test method and system
CN116094850A (en) Network protocol vulnerability detection method and system based on system state tracking graph guidance
CN103457957B (en) A kind of network penetration test macro and method with adaptation function
CN114546851A (en) Vehicle domain controller test method, system, device and storage medium
CN113849817B (en) Detection method and device for pollution loopholes of JavaScript prototype chain
CN112905493A (en) Structured fuzzy test method based on conversion test
CN114666257B (en) Network protocol fuzzy test method and framework
CN117692943A (en) WiFi6 air interface message automatic test method and device
CN117896237B (en) Multi-device intercommunication scene supervision system aiming at network networking
CN115484138B (en) Operation and maintenance tool rapid customization development method and system
Aguilar et al. Situation assessment in autonomous systems
CN116455798B (en) Automatic generation method and device for protocol program test model
CN116861673B (en) Multi-user remote online collaborative design system and method based on data sharing
CN115733638A (en) Feedback type fuzzy test method and device for local simulation of Internet of things equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant