With the rapid development of fourth-generation mobile communications, the number of domestic 4G users has increased rapidly. 4G has penetrated all aspects of people's lives and national production, and will have a big influence on national and social public safety. At present, research on 4G security at home and abroad leans toward the theoretical side. Even in practice, research focuses mainly on E-UTRAN, while engineering-practice research on core networks is relatively scarce. By analyzing the 4G core network model and the S1AP, we can try to find an effective security detection method for the 4G core network protocol. First, this paper studies the network architecture of the LTE core network, analyzes the signaling format and protocol flow of the S1AP, and determines the format of the protocol signaling and the related security algorithms used in the protocol flow. Based on this, a test case generation algorithm for the S1AP is proposed. Second, the theoretical model of the finite state machine is studied in depth and, combined with an analysis of the complete protocol flow of the S1AP, an abstraction of the S1AP flow that follows the finite state machine model is proposed to obtain the finite state machine for the S1AP. This lays the foundation for implementing the fuzzing system. In addition, based on research into genetic algorithms and the characteristics of the S1AP, this paper designs a fitness function and operation rules, and proposes an improved genetic algorithm for S1AP fuzzing. Finally, according to the designed finite state machine and genetic algorithm model, a fuzzing system for the S1AP is designed and implemented. The system's functions are tested through experiments, and its effectiveness is verified by comparison experiments with mainstream fuzzing frameworks. The experiments show that the fuzzing system designed in this work is effective for S1AP fuzzing and has certain advantages.