
Research On The Vulnerability Mining Method Of Industrial Control Protocol Based On Fuzzing

Posted on: 2024-08-05  Degree: Master  Type: Thesis
Country: China  Candidate: Z G Zhu  Full Text: PDF
GTID: 2568307079460004  Subject: Cyberspace security
Abstract/Summary:
The Industrial Internet is a new type of infrastructure that deeply integrates next-generation information and communication technologies with industrial systems, providing important support for the digitalization, networking and intelligent development of industry. Industrial control protocols carry the communication and data exchange between the industrial devices and systems in the Industrial Internet, and their security is crucial to its normal and secure operation. As vulnerabilities in industrial control protocols increasingly threaten the security of the Industrial Internet, vulnerability mining techniques for these protocols have become a research hotspot. Fuzzing-based vulnerability mining is currently considered an effective method, but several problems remain: (1) the formats of industrial control protocols are difficult to describe, so testers must spend considerable time and cost designing protocol models and generating test cases; (2) code coverage is low, and the execution state triggered by a test case is not taken into account, so it is difficult to trigger crashes by going deeper into the protocol state space; (3) testing efficiency is low, because redundant seed scheduling strategies prolong the overall testing cycle and make it difficult to complete testing tasks efficiently.

To address these issues, this thesis proposes a deep learning and coverage-guided fuzz testing technique for industrial control protocols, consisting of three main research contents.

First, to automatically generate well-formed yet highly mutated test cases, abnormal test cases are generated automatically by a deep learning-based test case generation technique combined with a mutation-weight-optimized sampling algorithm. The generated test cases conform to the protocol specification while retaining a high degree of mutation, allowing them to reach deeper levels of the protocol state space and trigger crashes in the tested object.

Second, to improve code coverage and fuzz industrial control protocols more comprehensively, the method builds on the coverage-guided fuzzing tool AFL and uses execution feedback to guide the generation of effective inputs, so that test cases traverse as much code as possible.

Finally, to improve fuzzing efficiency, the seed scheduling strategy of AFL is optimized and a reinforcement learning-based seed scheduling algorithm is proposed. A reasonable energy allocation strategy and seed selection criteria are designed so that the optimal seed is used to detect more potential vulnerabilities with fewer executions.

Based on the above research contents, this thesis designs and implements an industrial control protocol fuzz testing system and carries out fuzzing experiments on Modbus simulation software. The results show that the system's test case generation model achieves above 90% in test case identification and reception rate, the number of code paths it triggers is 1.2 times that of AFLNet, and vulnerability detection efficiency is improved by about 48%. This verifies that the system can effectively learn the characteristics of industrial control protocols and efficiently detect vulnerabilities in industrial control network protocols.
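The three components the abstract describes (format-aware test-case generation, coverage feedback, and reinforcement-learning seed scheduling) can be sketched end to end in a short offline loop. The Python below is an added illustration written for this page, not code from the thesis or its system. The Modbus/TCP MBAP framing is real; everything else is a constructed stand-in: `parse_frame` plays the target's strict receive path, `toy_target_paths` replaces AFL's edge instrumentation with a hand-written coverage model, and `UCBScheduler` is a UCB1 bandit used in place of the thesis's reinforcement-learning scheduler. `mutate_naive`, `mutate`, `acceptance_rate` and `fuzz_campaign` are names chosen here.

```python
import math
import random
import struct
# Modbus/TCP frame: 7-byte MBAP header (transaction id, protocol id = 0, byte count of
# everything after the length field, unit id) followed by the PDU (function code + data).
MBAP = struct.Struct(">HHHB")

def build_frame(tid, unit, function, data):
    pdu = bytes([function]) + bytes(data)
    return MBAP.pack(tid, 0, len(pdu) + 1, unit) + pdu

def parse_frame(frame):
    """Strict receive-side parser standing in for the target; None means rejected."""
    if len(frame) < MBAP.size + 1:
        return None
    tid, proto, length, unit = MBAP.unpack_from(frame)
    if proto != 0 or length != len(frame) - 6:
        return None
    return {"tid": tid, "unit": unit, "function": frame[7], "data": frame[8:]}

def mutate_naive(frame, rng, ops=3):
    """Baseline: flip bits anywhere, header included, so many outputs fail parsing."""
    buf = bytearray(frame)
    for _ in range(rng.randint(1, ops)):
        buf[rng.randrange(len(buf))] ^= 1 << rng.randrange(8)
    return bytes(buf)

def mutate(frame, rng, ops=3):
    """Format-aware mutation: alter only the PDU data (function code kept), then rebuild
    the MBAP header so the length field matches the new payload."""
    tid, _, _, unit = MBAP.unpack_from(frame)
    pdu = bytearray(frame[7:])
    for _ in range(rng.randint(1, ops)):
        op = rng.choice(("flip", "insert", "delete", "boundary"))
        if op == "flip" and len(pdu) > 1:
            pdu[rng.randrange(1, len(pdu))] ^= 1 << rng.randrange(8)
        elif op == "insert":
            pdu.insert(rng.randint(1, len(pdu)), rng.randrange(256))
        elif op == "delete" and len(pdu) > 1:
            del pdu[rng.randrange(1, len(pdu))]
        elif op == "boundary" and len(pdu) >= 3:  # plant a 16-bit edge value
            struct.pack_into(">H", pdu, rng.randrange(1, len(pdu) - 1), rng.choice((0, 0x7E, 0xFFFF)))
    return MBAP.pack(tid, 0, len(pdu) + 1, unit) + bytes(pdu)

def acceptance_rate(seed_frame, mutator, n=200, seed=1):
    """Share of mutated frames the strict parser accepts (the reception-rate metric)."""
    rng = random.Random(seed)
    return sum(parse_frame(mutator(seed_frame, rng)) is not None for _ in range(n)) / n

def toy_target_paths(frame):
    """Constructed coverage model: server paths keyed on function code, length, range checks."""
    req = parse_frame(frame)
    if req is None:
        return frozenset({"rejected"})
    paths = {f"fc{req['function']}", f"len{min(len(req['data']), 8)}"}
    if len(req["data"]) >= 4:
        addr, qty = struct.unpack_from(">HH", req["data"])
        if qty == 0 or qty > 125:
            paths.add("bad_quantity")  # exception-response path
        if addr + qty > 0x10000:
            paths.add("address_wrap")  # bounds-check path
    return frozenset(paths)

class UCBScheduler:
    """Bandit seed scheduling: reward = share of children reaching new coverage; energy grows with it."""
    def __init__(self, seeds, base_energy=8):
        self.seeds, self.base = list(seeds), base_energy
        self.pulls, self.reward = [0] * len(seeds), [0.0] * len(seeds)
    def mean(self, i):
        return self.reward[i] / self.pulls[i] if self.pulls[i] else 0.0
    def select(self):
        if 0 in self.pulls:  # try every seed once before exploiting
            return self.pulls.index(0)
        t = sum(self.pulls)
        return max(range(len(self.seeds)),
                   key=lambda i: self.mean(i) + math.sqrt(2 * math.log(t) / self.pulls[i]))
    def energy(self, i):
        return self.base * (1 + int(4 * self.mean(i)))
    def add_seed(self, frame):
        self.seeds.append(frame); self.pulls.append(0); self.reward.append(0.0)
    def update(self, i, r):
        self.pulls[i] += 1; self.reward[i] += r

def fuzz_campaign(rounds=40, seed=7):
    """Offline loop: pick a seed, spend its energy on mutations, promote children that
    hit new paths to seeds. Returns (set of paths seen, scheduler)."""
    rng = random.Random(seed)
    seeds = [build_frame(1, 1, 0x03, struct.pack(">HH", 0, 10)),                  # read regs
             build_frame(2, 1, 0x10, struct.pack(">HHB", 0, 1, 2) + b"\x00\x01")]  # write regs
    sched, seen = UCBScheduler(seeds), set().union(*map(toy_target_paths, seeds))
    for _ in range(rounds):
        i = sched.select()
        hits, energy = 0, sched.energy(i)
        for _ in range(energy):
            child = mutate(sched.seeds[i], rng)
            new = toy_target_paths(child) - seen
            if new:
                hits += 1
                seen |= new
                sched.add_seed(child)
        sched.update(i, hits / energy)
    return seen, sched
```

Comparing `acceptance_rate(frame, mutate_naive)` with `acceptance_rate(frame, mutate)` shows the point behind the abstract's "identification and reception rate": blind bit-flipping corrupts the protocol id or length field in a large share of cases, so those inputs are discarded by the parser before any server logic runs, whereas the header-aware mutator keeps every case parseable while still varying the payload. `fuzz_campaign` then ties the two remaining ideas together: each round the bandit picks the seed with the best upper confidence bound on "children that found new paths", gives it more mutations when its mean reward is high, and promotes any child that reaches a new path, which is the same feedback loop AFL-style fuzzers run with real instrumentation.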
Keywords/Search Tags: Industrial Control System, Fuzzing, Deep Learning, Modbus