Methods, systems, and computer readable media for converging on network protocol stack vulnerabilities using fuzzing variables, vulnerability ratings and progressive convergence

摘要

A method for progressive convergence on network protocol stack vulnerabilities includes defining an initial protocol field and field value space for fuzz testing of a network communications protocol stack implementation. The method further includes dividing the initial space into regions corresponding to combinations of protocol fields and field values. The method further includes assigning vulnerability ratings to at least some of the regions. The method further includes executing fuzz testing of the network communications protocol stack implementation using the protocol fields and field values corresponding to the regions. The method further includes updating the vulnerability ratings of the regions based on results of the testing. The method further includes identifying, based on the updated vulnerability ratings, at least one region with a higher vulnerability rating than other regions. The method further includes performing fuzz testing for the sub-regions.

主权项

1. A method for converging on network protocol stack vulnerabilities using fuzzing variables, vulnerability ratings and progressive convergence, the method comprising:
defining an initial protocol field and field value space for fuzz testing of a network communications protocol stack implementation; dividing the initial protocol field and field value space into regions corresponding to combinations of protocol fields and field values; assigning vulnerability ratings to at least some of the regions; executing fuzz testing of the network communications protocol stack implementation using the fields and field values defined by the regions; updating the vulnerability ratings of the regions based on results of the testing; identifying, based on the updated vulnerability ratings, at least one region with a higher vulnerability rating than other regions; and dividing the at least one region into sub-regions and performing fuzz testing of the sub-regions, wherein performing fuzz testing for the sub-regions includes: identifying at least one sub-region with a higher vulnerability rating than other sub-regions; determining whether violation causing parameter values are sufficiently localized in the at least one sub-region; and in response to determining that the violation causing parameter values are not sufficiently localized in the at least one sub-region, dividing the sub-region into sub-regions and performing fuzz testing for the sub-regions.