SeqFuzzer: An industrial protocol fuzzing framework from a deep learning perspective

Hui Zhao; Zhihui Li; Hansheng Wei; Jianqi Shi; Yanhong Huang

doi:10.1109/ICST.2019.00016

SeqFuzzer: An industrial protocol fuzzing framework from a deep learning perspective

Hui Zhao
, Zhihui Li
, Hansheng Wei
, Jianqi Shi^*
, Yanhong Huang

^*此作品的通讯作者

软件工程学院

East China Normal University
Hardware/software Co-Design Technology and Application Engineering Research Center

科研成果: 书/报告/会议事项章节 › 会议稿件 › 同行评审

74 引用（Scopus）

摘要

Industrial networks are the cornerstone of modern industrial control systems. Performing security checks of industrial communication processes helps detect unknown risks and vulnerabilities. Fuzz testing is a widely used method for performing security checks that takes advantage of automation. However, there is a big challenge to carry out security checks on industrial network due to the increasing variety and complexity of industrial communication protocols. In this case, existing approaches usually take a long time to model the protocol for generating test cases, which is labor-intensive and time-consuming. This becomes even worse when the target protocol is stateful. To help in addressing this problem, we employed a deep learning model to learn the structures of protocol frames and deal with the temporal features of stateful protocols. We propose a fuzzing framework named SeqFuzzer which automatically learns the protocol frame structures from communication traffic and generates fake but plausible messages as test cases. For proving the usability of our approach, we applied SeqFuzzer to widely-used Ethernet for Control Automation Technology (EtherCAT) devices and successfully detected several security vulnerabilities.

源语言	英语
主期刊名	Proceedings - 2019 IEEE 12th International Conference on Software Testing, Verification and Validation, ICST 2019
出版商	Institute of Electrical and Electronics Engineers Inc.
页	59-67
页数	9
ISBN（电子版）	9781728117355
DOI	https://doi.org/10.1109/ICST.2019.00016
出版状态	已出版 - 4月 2019
活动	12th IEEE International Conference on Software Testing, Verification and Validation, ICST 2019 - Xi'an, 中国期限: 22 4月 2019 → 27 4月 2019

出版系列

姓名	Proceedings - 2019 IEEE 12th International Conference on Software Testing, Verification and Validation, ICST 2019

会议

会议	12th IEEE International Conference on Software Testing, Verification and Validation, ICST 2019
国家/地区	中国
市	Xi'an
时期	22/04/19 → 27/04/19

访问文件

10.1109/ICST.2019.00016

其它文件与链接

链接到 Scopus 的出版物

引用此

Zhao, H., Li, Z., Wei, H., Shi, J., & Huang, Y. (2019). SeqFuzzer: An industrial protocol fuzzing framework from a deep learning perspective. 在 Proceedings - 2019 IEEE 12th International Conference on Software Testing, Verification and Validation, ICST 2019 (页码 59-67). 文章 8730177 (Proceedings - 2019 IEEE 12th International Conference on Software Testing, Verification and Validation, ICST 2019). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/ICST.2019.00016

Zhao, Hui ; Li, Zhihui ; Wei, Hansheng 等. / SeqFuzzer : An industrial protocol fuzzing framework from a deep learning perspective. Proceedings - 2019 IEEE 12th International Conference on Software Testing, Verification and Validation, ICST 2019. Institute of Electrical and Electronics Engineers Inc., 2019. 页码 59-67 (Proceedings - 2019 IEEE 12th International Conference on Software Testing, Verification and Validation, ICST 2019).

@inproceedings{f4ac0167f7b346148e522009ab0b4900,

title = "SeqFuzzer: An industrial protocol fuzzing framework from a deep learning perspective",

abstract = "Industrial networks are the cornerstone of modern industrial control systems. Performing security checks of industrial communication processes helps detect unknown risks and vulnerabilities. Fuzz testing is a widely used method for performing security checks that takes advantage of automation. However, there is a big challenge to carry out security checks on industrial network due to the increasing variety and complexity of industrial communication protocols. In this case, existing approaches usually take a long time to model the protocol for generating test cases, which is labor-intensive and time-consuming. This becomes even worse when the target protocol is stateful. To help in addressing this problem, we employed a deep learning model to learn the structures of protocol frames and deal with the temporal features of stateful protocols. We propose a fuzzing framework named SeqFuzzer which automatically learns the protocol frame structures from communication traffic and generates fake but plausible messages as test cases. For proving the usability of our approach, we applied SeqFuzzer to widely-used Ethernet for Control Automation Technology (EtherCAT) devices and successfully detected several security vulnerabilities.",

keywords = "Deep learning, EtherCAT, Fuzzing, Industrial safety, Self learning, Vulnerability mining",

author = "Hui Zhao and Zhihui Li and Hansheng Wei and Jianqi Shi and Yanhong Huang",

note = "Publisher Copyright: {\textcopyright} 2019 IEEE.; 12th IEEE International Conference on Software Testing, Verification and Validation, ICST 2019 ; Conference date: 22-04-2019 Through 27-04-2019",

year = "2019",

month = apr,

doi = "10.1109/ICST.2019.00016",

language = "英语",

series = "Proceedings - 2019 IEEE 12th International Conference on Software Testing, Verification and Validation, ICST 2019",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "59--67",

booktitle = "Proceedings - 2019 IEEE 12th International Conference on Software Testing, Verification and Validation, ICST 2019",

address = "美国",

}

Zhao, H, Li, Z, Wei, H, Shi, J & Huang, Y 2019, SeqFuzzer: An industrial protocol fuzzing framework from a deep learning perspective. 在 Proceedings - 2019 IEEE 12th International Conference on Software Testing, Verification and Validation, ICST 2019., 8730177, Proceedings - 2019 IEEE 12th International Conference on Software Testing, Verification and Validation, ICST 2019, Institute of Electrical and Electronics Engineers Inc., 页码 59-67, 12th IEEE International Conference on Software Testing, Verification and Validation, ICST 2019, Xi'an, 中国, 22/04/19. https://doi.org/10.1109/ICST.2019.00016

SeqFuzzer: An industrial protocol fuzzing framework from a deep learning perspective. / Zhao, Hui; Li, Zhihui; Wei, Hansheng 等.
Proceedings - 2019 IEEE 12th International Conference on Software Testing, Verification and Validation, ICST 2019. Institute of Electrical and Electronics Engineers Inc., 2019. 页码 59-67 8730177 (Proceedings - 2019 IEEE 12th International Conference on Software Testing, Verification and Validation, ICST 2019).

科研成果: 书/报告/会议事项章节 › 会议稿件 › 同行评审

TY - GEN

T1 - SeqFuzzer

T2 - 12th IEEE International Conference on Software Testing, Verification and Validation, ICST 2019

AU - Zhao, Hui

AU - Li, Zhihui

AU - Wei, Hansheng

AU - Shi, Jianqi

AU - Huang, Yanhong

PY - 2019/4

Y1 - 2019/4

N2 - Industrial networks are the cornerstone of modern industrial control systems. Performing security checks of industrial communication processes helps detect unknown risks and vulnerabilities. Fuzz testing is a widely used method for performing security checks that takes advantage of automation. However, there is a big challenge to carry out security checks on industrial network due to the increasing variety and complexity of industrial communication protocols. In this case, existing approaches usually take a long time to model the protocol for generating test cases, which is labor-intensive and time-consuming. This becomes even worse when the target protocol is stateful. To help in addressing this problem, we employed a deep learning model to learn the structures of protocol frames and deal with the temporal features of stateful protocols. We propose a fuzzing framework named SeqFuzzer which automatically learns the protocol frame structures from communication traffic and generates fake but plausible messages as test cases. For proving the usability of our approach, we applied SeqFuzzer to widely-used Ethernet for Control Automation Technology (EtherCAT) devices and successfully detected several security vulnerabilities.

AB - Industrial networks are the cornerstone of modern industrial control systems. Performing security checks of industrial communication processes helps detect unknown risks and vulnerabilities. Fuzz testing is a widely used method for performing security checks that takes advantage of automation. However, there is a big challenge to carry out security checks on industrial network due to the increasing variety and complexity of industrial communication protocols. In this case, existing approaches usually take a long time to model the protocol for generating test cases, which is labor-intensive and time-consuming. This becomes even worse when the target protocol is stateful. To help in addressing this problem, we employed a deep learning model to learn the structures of protocol frames and deal with the temporal features of stateful protocols. We propose a fuzzing framework named SeqFuzzer which automatically learns the protocol frame structures from communication traffic and generates fake but plausible messages as test cases. For proving the usability of our approach, we applied SeqFuzzer to widely-used Ethernet for Control Automation Technology (EtherCAT) devices and successfully detected several security vulnerabilities.

KW - Deep learning

KW - EtherCAT

KW - Fuzzing

KW - Industrial safety

KW - Self learning

KW - Vulnerability mining

UR - https://www.scopus.com/pages/publications/85068005290

U2 - 10.1109/ICST.2019.00016

DO - 10.1109/ICST.2019.00016

M3 - 会议稿件

AN - SCOPUS:85068005290

T3 - Proceedings - 2019 IEEE 12th International Conference on Software Testing, Verification and Validation, ICST 2019

SP - 59

EP - 67

BT - Proceedings - 2019 IEEE 12th International Conference on Software Testing, Verification and Validation, ICST 2019

PB - Institute of Electrical and Electronics Engineers Inc.

Y2 - 22 April 2019 through 27 April 2019

ER -

Zhao H, Li Z, Wei H, Shi J , Huang Y. SeqFuzzer: An industrial protocol fuzzing framework from a deep learning perspective. 在 Proceedings - 2019 IEEE 12th International Conference on Software Testing, Verification and Validation, ICST 2019. Institute of Electrical and Electronics Engineers Inc. 2019. 页码 59-67. 8730177. (Proceedings - 2019 IEEE 12th International Conference on Software Testing, Verification and Validation, ICST 2019). doi: 10.1109/ICST.2019.00016

SeqFuzzer: An industrial protocol fuzzing framework from a deep learning perspective

摘要

出版系列

会议

访问文件

其它文件与链接

指纹

引用此