Research On Fuzzing-Based Vulnerability Discovery In Distributed Network

Distributed network is the current development trend of the Internet, as it is high-performance, resource sharing and reliable. However, the vulnerabilities of software and system have become important network and information security risks, so it is of great significance to discover and patch them timely. Fuzzing is currently one of the most effective methods for automated testing of network security vulnerabilities mining. This method tries to find potential vulnerabilities by sending a large number of malformed data to the target program in order to trigger an abnormal crash.This paper researches on vulnerability discovery in distributed network, and Fuzz network protocols. Currently it is necessary to Fuzzing on the intermediate network devices since most Fuzzing is focused on the client or server protocol vulnerabilities mining, but few on them. Router, as an important intermediate network device, influence network status directly. In this paper, the popular Cisco router is selected as the test target. We build a Distributed Routing System consist of several Cisco routers and take a Fuzzing test on process of IOS parsing protocol packets.This paper designs a Distributed Routing System Fuzzer, DRSFuzzer, by studying the target system, the target network protocols, Fuzzing data generation algorithm and so on. The Fuzzer framework includes a tester, virtual operating environment (Dynamips), monitor module and debugger. We adopts Semi-valid Fuzzing Test Cases Generator (SFTCG) to generate fuzzy data, effectively improve test efficiency and code coverage; modify Dynamips source and add GDB server to facilitate Cisco IOS debug; monitor target by four ways to. raise the capture rate of the exception; debug IOS using GDB remote debugging technology to realize capturing abnormal signal of IOS and debugging process dynamically.Finally, we use DRSFuzzer to take a Fuzzing test on protocols, like ICMP, TFTP and FTP, and successfully dig out several vulnerabilities, which demonstrate the effectiveness of DRSFuzzer for distributed routing system.This topic is supported by MIIT Electronic Development Fund, and a related paper,"Vulnerability Mining of Cisco Router Based on Fuzzing", is published.