SeqFuzzer: An Industrial Protocol Fuzzing Framework from a Deep Learning Perspective
| Field | Value |
| --- | --- |
| Title | SeqFuzzer: An Industrial Protocol Fuzzing Framework from a Deep Learning Perspective |
| Publication Type | Conference Paper |
| Year of Publication | 2019 |
| Authors | Zhao, Hui; Li, Zhihui; Wei, Hansheng; Shi, Jianqi; Huang, Yanhong |
| Conference Name | 2019 12th IEEE Conference on Software Testing, Validation and Verification (ICST) |
| Publisher | IEEE |
| ISBN Number | 978-1-7281-1736-2 |
| Keywords | Collaboration, composability, compositionality, Computer architecture, computer network security, Control Automation Technology devices, Data models, Decoding, Deep Learning, deep learning model, deep learning perspective, EtherCAT, Fuzz Testing, fuzzing, fuzzing framework, industrial communication processes, industrial communication protocols, industrial network, industrial protocol fuzzing framework, Industrial Safety, learning (artificial intelligence), Local area networks, modern industrial control systems, Policy Based Governance, policy-based governance, privacy, protocol frame structures, protocol frames, protocol verification, Protocols, pubcrawl, security, security checks, security vulnerabilities, self learning, SeqFuzzer, stateful protocols, target protocol, vulnerability mining |
| Abstract | Industrial networks are the cornerstone of modern industrial control systems. Performing security checks of industrial communication processes helps detect unknown risks and vulnerabilities. Fuzz testing is a widely used method for performing security checks that takes advantage of automation. However, it is a big challenge to carry out security checks on industrial networks due to the increasing variety and complexity of industrial communication protocols. In this case, existing approaches usually take a long time to model the protocol for generating test cases, which is labor-intensive and time-consuming. This becomes even worse when the target protocol is stateful. To help in addressing this problem, we employed a deep learning model to learn the structures of protocol frames and deal with the temporal features of stateful protocols. We propose a fuzzing framework named SeqFuzzer which automatically learns the protocol frame structures from communication traffic and generates fake but plausible messages as test cases. To prove the usability of our approach, we applied SeqFuzzer to widely used Ethernet for Control Automation Technology (EtherCAT) devices and successfully detected several security vulnerabilities. |
| URL | https://ieeexplore.ieee.org/document/8730177 |
| DOI | 10.1109/ICST.2019.00016 |
| Citation Key | zhao_seqfuzzer_2019 |