ABSTRACT
We present a new benchmark (ProFuzzBench) for stateful fuzzing of network protocols. The benchmark includes a suite of representative open-source network servers for popular protocols, and tools to automate experimentation. We discuss challenges and potential directions for future research based on this benchmark.
Index Terms
- ProFuzzBench: a benchmark for stateful protocol fuzzing