一种Cisco IOS启发式模糊测试方法
일충Cisco IOS계발식모호측시방법
A Heuristic Fuzzing Test Method for Cisco IOS
  • 万方数据
    计算机工程 계산궤공정
    COMPUTER ENGINEERING
    2014年 12期 68-73 ,共6页

    陈立根%刘胜利%肖达%彭飞

    진립근%류성리%초체%팽비

    思科互联网操作系统%网络安全%启发式模糊测试%漏洞挖掘%污点分析 思科互聯網操作繫統%網絡安全%啟髮式模糊測試%漏洞挖掘%汙點分析
    사과호련망조작계통%망락안전%계발식모호측시%루동알굴%오점분석
    Cisco Internet Operating System ( IOS )%network security%heuristic fuzzing test%vulnerability mining%taint analysis
    在思科互联网操作系统( Cisco IOS)中,系统安全漏洞已经成为信息安全风险的主要根源之一,全面发现与及时修补IOS的漏洞非常必要。为此,提出一种基于细粒度污点分析的启发式模糊测试方法。给出细粒度污点传播规则的形式化描述,以及基于细粒度污点分析的安全敏感操作判定规则,为获取启发式信息提供依据;采用启发式测试用例生成的方法,设计并实现Cisco IOS漏洞挖掘原型系统CTaintMiner,测试结果表明,系统具备较好的漏洞挖掘能力,验证了启发式模糊测试方法的有效性。
    재사과호련망조작계통( Cisco IOS)중,계통안전루동이경성위신식안전풍험적주요근원지일,전면발현여급시수보IOS적루동비상필요。위차,제출일충기우세립도오점분석적계발식모호측시방법。급출세립도오점전파규칙적형식화묘술,이급기우세립도오점분석적안전민감조작판정규칙,위획취계발식신식제공의거;채용계발식측시용례생성적방법,설계병실현Cisco IOS루동알굴원형계통CTaintMiner,측시결과표명,계통구비교호적루동알굴능력,험증료계발식모호측시방법적유효성。
    Cisco Internet Operating System ( IOS ) is an operating system running on Cisco routing and switching equipment. Its security is very important. As the system security vulnerability becomes one of the main causes of information security risk,to discover and timely repair vulnerabilities in IOS is very necessary. A heuristic fuzzing method based on fine-grained taint analysis is proposed. Fine-grained taint propagation rules are presented in formal description. Judgment rules based on fine-grained taint analysis are proposed,providing the basis to acquire heuristic information. A method to generate heuristic test cases is proposed. It designs and develops a vulnerability mining prototype system named CTaintMiner for Cisco IOS. The mining system is used to do practical tests,and results show that CTaintMiner mining system has a better ability to do vulnerability mining and verifies the validity of the test method.
    원문보기 원문다운로드 사이트로이동
저자의 최근 논문