SNPSFuzzer: A Fast Greybox Fuzzer for Stateful Network Protocols using Snapshots
- URL: http://arxiv.org/abs/2202.03643v2
- Date: Thu, 17 Feb 2022 03:34:18 GMT
- Authors: Junqiang Li, Senyi Li, Gang Sun, Ting Chen, and Hongfang Yu
- Abstract summary: SNPSFuzzer is a fast greybox fuzzer for stateful network protocols that uses snapshots.
SNPSFuzzer dumps the context information when the network protocol program is under a specific state and restores it when the state needs to be fuzzed.
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Greybox fuzzing has been widely used in stateless programs and has achieved
great success. However, most state-of-the-art greybox fuzzers generally have
the problems of slow speed and shallow state depth coverage in the process of
fuzzing stateful network protocol programs which are able to remember and store
details of the interactions. The existing greybox fuzzers for network protocol
programs send a series of well-defined prefix sequences of input messages first
and then send mutated messages to test the target state of a stateful network
protocol. The process mentioned above causes a high time cost. In this paper,
we propose SNPSFuzzer, a fast greybox fuzzer for stateful network protocols
using snapshots. SNPSFuzzer dumps the context information when the network
protocol program is under a specific state and restores it when the state needs
to be fuzzed. Furthermore, we design a message chain analysis algorithm to
explore more and deeper network protocol states. Our evaluation shows that,
compared with the state-of-the-art network protocol greybox fuzzer AFLNET,
SNPSFuzzer increases the speed of network protocol fuzzing by 112.0%-168.9% and
improves path coverage by 21.4%-27.5% within 24 hours. Moreover, SNPSFuzzer
exposes a previously unreported vulnerability in program Tinydtls.
Related papers
- Quantum Keyless Private Communication with Decoy States for Space Channels [0.0]
  We present the security analysis of a keyless quantum private communication protocol that transmits classical information over quantum states.
  Our protocol sends dummy (decoy) states optimally obtained from the true information to deceive the eavesdropper.
  Our protocol can be implemented with the state of the art space proof technology.
  arXiv Detail & Related papers (2024-09-09T15:09:01Z)
- No Peer, no Cry: Network Application Fuzzing via Fault Injection [19.345967816562364]
  We propose a fundamentally different approach that relies on fault injection rather than modifying messages.
  We show that Fuzztruction-Net outperforms other fuzzers in terms of coverage and bugs found.
  Overall, Fuzztruction-Net uncovered 23 new bugs in well-tested software, such as the web servers Nginx and Apache HTTPd and the OpenSSH client.
  arXiv Detail & Related papers (2024-09-02T08:35:55Z)
- Stateful protocol fuzzing with statemap-based reverse state selection [3.7687375904925484]
  Stateful Coverage-Based Greybox Fuzzing (SCGF) is considered the state-of-the-art method for network protocol greybox fuzzing.
  This paper proposes a statemap-based reverse state selection method for SCGF.
  arXiv Detail & Related papers (2024-08-13T12:11:41Z)
- Task-dependent semi-quantum secure communication in layered networks with OAM states of light [0.0]
  We present two protocols for secure communication in layered networks.
  First protocol allows sharing of two keys simultaneously in a network of two layers.
  Second protocol facilitates direct communication in one layer and key distribution in the other.
  arXiv Detail & Related papers (2023-06-20T17:57:00Z)
- Prior Entanglement Exponentially Improves One-Server Quantum Private Information Retrieval for Quantum Messages [60.889483085250355]
  We find an exponential gap in the communication complexities between the presence and absence of prior entanglement.
  We propose an efficient one-server one-round QPIR protocol with prior entanglement.
  arXiv Detail & Related papers (2023-04-11T10:34:53Z)
- Pay Attention to Hidden States for Video Deblurring: Ping-Pong Recurrent Neural Networks and Selective Non-Local Attention [58.49075799159015]
  We propose 2 modules to supplement the RNN architecture for video deblurring.
  First, we design Ping-Pong RNN that acts on updating the hidden states by referring to the features from the current and the previous time steps alternately.
  Second, we use a Selective Non-Local Attention (SNLA) module to additionally refine the hidden state by aligning it with the positional information from the input frame feature.
  arXiv Detail & Related papers (2022-03-30T05:21:05Z)
- State Selection Algorithms and Their Impact on The Performance of Stateful Network Protocol Fuzzing [10.96645260573865]
  Stateful fuzzers use state models to partition the state space and assist the test generation process.
  We evaluate an extensive set of state selection algorithms on the same fuzzing platform that is AFLNet.
  arXiv Detail & Related papers (2021-12-24T21:33:06Z)
- Better than the Best: Gradient-based Improper Reinforcement Learning for Network Scheduling [60.48359567964899]
  We consider the problem of scheduling in constrained queueing networks with a view to minimizing packet delay.
  We use a policy gradient based reinforcement learning algorithm that produces a scheduler that performs better than the available atomic policies.
  arXiv Detail & Related papers (2021-05-01T10:18:34Z)
- Enabling certification of verification-agnostic networks via memory-efficient semidefinite programming [97.40955121478716]
  We propose a first-order dual SDP algorithm that requires memory only linear in the total number of network activations.
  We significantly improve L-inf verified robust accuracy from 1% to 88% and 6% to 40% respectively.
  We also demonstrate tight verification of a quadratic stability specification for the decoder of a variational autoencoder.
  arXiv Detail & Related papers (2020-10-22T12:32:29Z)
- You Only Spike Once: Improving Energy-Efficient Neuromorphic Inference to ANN-Level Accuracy [51.861168222799186]
  Spiking Neural Networks (SNNs) are a type of neuromorphic, or brain-inspired network.
  SNNs are sparse, accessing very few weights, and typically only use addition operations instead of the more power-intensive multiply-and-accumulate operations.
  In this work, we aim to overcome the limitations of TTFS-encoded neuromorphic systems.
  arXiv Detail & Related papers (2020-06-03T15:55:53Z)
- Single-Shot Secure Quantum Network Coding for General Multiple Unicast Network with Free One-Way Public Communication [56.678354403278206]
  We propose a canonical method to derive a secure quantum network code over a multiple unicast quantum network.
  Our code correctly transmits quantum states when there is no attack.
  It also guarantees the secrecy of the transmitted quantum state even with the existence of an attack.
  arXiv Detail & Related papers (2020-03-30T09:25:13Z)