CN106412067A - Data layered generation method based on fuzzy testing of industrial control protocol - Google Patents


Info

Publication number
CN106412067A
Authority
CN
China
Prior art keywords
data
script configuration
generation method
configuration file
fuzz testing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201610872299.9A
Other languages
Chinese (zh)
Other versions
CN106412067B (en)
Inventor
梁智强
胡朝辉
林丹生
李书杰
黄曙
伍晓泉
胡海生
王方立
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Wei Nu Trick Co Ltd
Electric Power Research Institute of Guangdong Power Grid Co Ltd
Original Assignee
Beijing Wei Nu Trick Co Ltd
Electric Power Research Institute of Guangdong Power Grid Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Wei Nu Trick Co Ltd and Electric Power Research Institute of Guangdong Power Grid Co Ltd
Priority to CN201610872299.9A
Publication of CN106412067A
Application granted
Publication of CN106412067B
Legal status: Active


Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00 Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/30 Definitions, standards or architectural aspects of layered protocol stacks
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00 Arrangements for monitoring or testing data switching networks
    • H04L43/18 Protocol analysers

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Maintenance And Management Of Digital Transmission (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a data layered generation method based on fuzzy testing of an industrial control protocol. The data layered generation method comprises the following steps of: (1), performing data layering according to a network protocol or a service requirement; (2), respectively loading script configuration files in various levels; (3), analyzing the script configuration files, and generating variables in different data types; (4), sequentially generating fuzzy testing data according to the increasing level sequence of the script configuration files; (5), stitching data generated in all the levels, so that a complete data packet is formed; and (6), sending the packaged data packet to tested equipment. The data layered generation method disclosed by the invention has the advantages that: a protocol is decomposed into multiple layers; the protocol data generation complexity is reduced; protocol data in each layer can correspond to multiple script configuration files; therefore, supports are provided for data diversity; the script configuration files can be freely combined; therefore, more service requirements can be satisfied; repetitive workloads are unnecessary; and accumulation of a fuzzy testing database is facilitated.

Description

Data layered generation method based on fuzz testing of industrial control protocols
Technical field
The present invention relates to a data layered generation method based on fuzz testing of industrial control protocols, and belongs to the field of industrial control technology.
Background art
At present, as industrialization and informatization continue to merge, more and more information technology is applied in the industrial field. At the same time, because industrial control systems widely use general-purpose software, hardware and network facilities, and are integrated with enterprise management information systems, industrial control systems are becoming more and more open and exchange data with the corporate intranet and even with the Internet. Vulnerability mining has therefore been carried out for industrial control equipment. For example, the patent with application No. CN99804465.2 discloses a data distribution system that includes several data sources capable of sending data items, and a data selling device that can receive data items from the several data sources and sell the received data items to a user. The data selling device includes: a data selection device with which the user selects a desired data item by operation; a data source selection device that selects, from the several data sources and according to a specific criterion, the data source holding the data item selected by the data selection device; a data receiving device that is connected to the data source selected by the data source selection device and receives the selected data item; and a data update device, on which an external storage device is removably mounted, that writes the data items received by the data receiving device to the external storage device.
For example, the patent with application No. CN201080054629.4 discloses a data cable comprising a cable body and interfaces connected to its two ends. The cable body includes: a first-layer tube whose outer surface is provided with a clamping device, the clamping device including a pair of mutually opposed clamp groups arranged along the circumferential direction of the first-layer tube; a spring arranged coaxially inside the first-layer tube at a distance from it, the space between the spring and the first-layer tube being filled with a sponge layer in which multiple hollow balls are evenly embedded; a second-layer tube arranged coaxially inside the spring; and multiple core wires located in the second-layer tube. That invention provides clamping devices at intervals on the surface of the data cable; the cable is folded and wound and then clamped step by step into the clamping devices, and once all of it is clamped the long data cable takes a folded form. For example, the patent with application No. CN200810216084.7 discloses the composition and mode of operation of a handheld data input device. Two groups of input modules are integrated on different sides of the handheld device: the first group is located on the inner or inner-upper side of the device and is operated by the thumb; the second group is located on the outer side of the device and is operated by the other four fingers. Through the cooperation of the five fingers, each component in the two input groups performs a specified action, and each specified action is converted into an independent electrical signal output, to complete the frequent batch input of basic data. The "data hand" abandons the planar layout of keys and frees the valuable front area of modern handsets; it brings the four fingers other than the thumb into play and frees the other hand, allowing the user to complete frequent, complex, batch information input on a handheld device more quickly.
For example, the patent with application No. CN201010231735.7 discloses a data card including a main chip, a switch and an input/output interface. The input/output interface receives a voltage signal and a control signal from a host and sends them to the switch. When the control signal is a high-level signal, the switch is turned on and the voltage signal is transmitted to the main chip via the switch, causing the main chip to enable the universal serial bus function. When the control signal is a low-level signal, the switch is turned off and the main chip is not powered, causing the main chip to disable the universal serial bus function. The data card turns the switch on and off through the control signal, and thereby controls the main chip to enable or disable the universal serial bus function. For example, the patent with application No. CN201310644047.7 discloses a data cable including a housing, a USB connector, a data cable connector and a data cable. An elastic rotating wheel is provided in the housing, and the data cable is wound on the elastic rotating wheel. A first interface and a second interface are provided at the two ends of the housing; the data cable passes through the first interface to connect to the USB connector and through the second interface to connect to the data cable connector. A sheath matching the USB connector is provided on the first-interface side, and a sheath matching the data cable connector is provided on the second-interface side.
In summary, the technical basis of vulnerability mining is fuzz testing. There are many open-source fuzz testing frameworks at present, such as Sulley and Peach. In all current traditional open frameworks, test data is generated in a single pass, and the main shortcomings of this generation mode are as follows:
1. Because most current industrial protocols are built on the TCP/IP protocol stack, generating the data in a single pass increases the complexity of the script configuration files.
2. Generating test data in a single pass works against the reusability of data generation, that is, each data generation process involves a great deal of repeated work.
3. It is not conducive to the accumulation of a fuzz testing database.
To overcome these shortcomings, the present invention does not generate test data as a whole, but generates it layer by layer according to the layering of the protocol itself. The advantage is that the protocol data of each layer is generated independently of the others, and each layer can form a rule base, so that different rules can be used as needed to generate different data. The greatest benefit of this approach is that it reduces the complexity of the data generation rules of the different layers.
For example, if the data is divided into 5 layers and the number of rules in each layer is 10, 9, 8, 7 and 6 respectively, then with the traditional data generation mode the number of script configuration files that must be generated is 10*9*8*7*6=30240, whereas with the layered mode the number of script configuration files needed is 10+9+8+7+6=40. The difference in data generation complexity between the layered mode and the non-layered mode is therefore very large.
Summary of the invention
The object of the present invention is to provide a data layered generation method based on fuzz testing of industrial control protocols that overcomes the above technical problems, and to provide an effective way of generating fuzz testing data: the protocol is processed in layers, which makes the generation of protocol data reusable and facilitates the accumulation of a test database. Data can be layered according to the network protocol or in a user-defined way, one script configuration file is generated for each layer, and the present invention can generate different fuzz testing data by combining script configuration files.
The data layered generation method based on fuzz testing of industrial control protocols of the present invention comprises the following steps:
(1) Layer the data according to the network protocol or business requirements.
(2) Load the script configuration file of each layer.
(3) Parse the script configuration files and generate variables of different data types.
(4) Generate fuzz testing data in sequence, from the lowest layer to the highest, according to the layer of each script configuration file.
(5) Splice the data generated by all layers into one complete data packet.
(6) Send the assembled data packet to the device under test.
The advantages of the present invention are:
1. The protocol is decomposed into multiple layers, which reduces the complexity of protocol data generation.
2. The protocol data of each layer can correspond to multiple script configuration files, which supports data diversity.
3. Script configuration files can be combined freely, which meets more business requirements without repeated workload.
4. It facilitates the accumulation of a fuzz testing database.
Brief description of the drawings
Fig. 1 is a flow diagram of the data layered generation method based on fuzz testing of industrial control protocols of the present invention;
Fig. 2 is a schematic diagram of the OSI model.
Detailed description of the embodiments
Embodiments of the present invention are described in detail below with reference to the accompanying drawings. As shown in Fig. 1, the data layered generation method based on fuzz testing of industrial control protocols of the present invention comprises the following steps:
(1) Layer the data according to the network protocol or business requirements.
(2) Load the script configuration file of each layer.
(3) Parse the script configuration files and generate variables of different data types.
(4) Generate fuzz testing data in sequence, from the lowest layer to the highest, according to the layer of each script configuration file.
(5) Splice the data generated by all layers into one complete data packet.
(6) Send the assembled data packet to the device under test.
Because Modbus TCP is an industrial control protocol built on TCP/IP, generating data for fuzz testing of Modbus TCP must include support for the TCP/IP protocol stack. The present invention is described in detail below taking the Modbus TCP protocol as an example.
As shown in the OSI model diagram of Fig. 2, layering according to the OSI seven-layer model gives the data link layer, network layer, transport layer, session layer, presentation layer, physical layer and application layer. In practical applications, layering can be carried out according to the specific situation.
The data layered generation method based on fuzz testing of industrial control protocols of the present invention comprises the following steps:
(1) Layer the data: according to the OSI seven-layer model, the Modbus TCP protocol can be layered into the data link layer, network layer, transport layer, physical layer and application layer.
(2) Write the script configuration file for fuzz testing each layer.
(3) Load the script configuration files into the fuzz testing framework.
(4) Parse the script configuration files to generate variables of different types.
(5) Generate data for the script configuration file of each layer, from the lowest layer to the highest.
(6) Splice the data of each layer into one complete data packet.
(7) Send the data packet.
The data layered generation method based on fuzz testing of industrial control protocols of the present invention is not limited to this layering; it can also be layered flexibly according to the specific business. For example, an application-layer protocol can be divided into several levels that are described separately, to reduce the complexity of the script configuration files and improve their reusability.
The present invention can be layered flexibly for different application scenarios. For example, MMS is an application-layer protocol, but MMS itself is divided into several levels; this layering can likewise be processed in layers with the method of this patent, so that generating MMS test packets is more flexible and the workload is greatly reduced.
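The layered procedure above, together with the earlier 10*9*8*7*6 versus 10+9+8+7+6 comparison, as an added example that is not part of the patent. It splits the Modbus TCP application layer into an MBAP header layer and a PDU layer (one instance of the application-layer split the description allows); the JSON rule schema, the rule names and the field values are constructed assumptions, and the send step is left out so the code runs offline.

```python
import itertools
import json
import struct
from math import prod

PACKERS = {"u8": ">B", "u16": ">H"}  # Modbus TCP fields are big-endian
LAYER_ORDER = ["mbap", "pdu"]        # lowest layer first

# Constructed rule files (assumed schema): each field is [name, type, candidates].
RULES = {
    "mbap": {
        "valid_header": '{"fields": [["tid","u16",[1]], ["pid","u16",[0]],'
                        ' ["len","u16",[6]], ["uid","u8",[1]]]}',
        "length_edges": '{"fields": [["tid","u16",[1]], ["pid","u16",[0]],'
                        ' ["len","u16",[0,65535]], ["uid","u8",[1,255]]]}',
    },
    "pdu": {
        "read_holding": '{"fields": [["fc","u8",[3]], ["addr","u16",[0,65535]],'
                        ' ["qty","u16",[0,1,126]]]}',
        "bad_function": '{"fields": [["fc","u8",[0,127,255]], ["addr","u16",[0]],'
                        ' ["qty","u16",[1]]]}',
    },
}


def parse_rule(text):
    """Parse one script configuration into typed variables (name, format, values)."""
    fields = []
    for name, ftype, values in json.loads(text)["fields"]:
        if ftype not in PACKERS:
            raise ValueError(f"unknown type {ftype!r} for field {name!r}")
        fields.append((name, PACKERS[ftype], values))
    return fields


def generate_layer(fields):
    """Generate one layer: every combination of candidate values, packed to bytes."""
    blobs = []
    for combo in itertools.product(*(values for _, _, values in fields)):
        blobs.append(b"".join(struct.pack(fmt, value)
                              for (_, fmt, _), value in zip(fields, combo)))
    return blobs


def build_packets(selection):
    """Generate each layer low to high, then splice one blob per layer into a packet."""
    per_layer = [generate_layer(parse_rule(RULES[layer][selection[layer]]))
                 for layer in LAYER_ORDER]
    return [b"".join(parts) for parts in itertools.product(*per_layer)]


def all_selections():
    """Every free combination of one rule file per layer."""
    names = [sorted(RULES[layer]) for layer in LAYER_ORDER]
    return [dict(zip(LAYER_ORDER, pick)) for pick in itertools.product(*names)]


def rule_file_counts(rules_per_layer):
    """Rule files to write: (layered, monolithic) for the given per-layer counts."""
    return sum(rules_per_layer), prod(rules_per_layer)


if __name__ == "__main__":
    for selection in all_selections():
        packets = build_packets(selection)
        print(selection, len(packets), "packets, first:", packets[0].hex())
    print("layered vs monolithic rule files:", rule_file_counts([10, 9, 8, 7, 6]))
```

Four rule files yield four rule combinations here; adding a rule to one layer adds one file, not one file per combination with every other layer.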
The above is only a specific embodiment of the present invention, but the scope of protection of the present invention is not limited to it. Any change or replacement that a person skilled in the art can readily conceive within the scope disclosed by the present invention shall be covered by the scope of protection of the present invention.

Claims (5)

1. A data layered generation method based on fuzz testing of industrial control protocols, characterized in that the protocol is processed in layers, which makes the generation of protocol data reusable and facilitates the accumulation of a test database; data can be layered according to the network protocol, one script configuration file is generated for each layer, and different fuzz testing data is generated by combining script configuration files.
2. The data layered generation method based on fuzz testing of industrial control protocols according to claim 1, characterized by comprising the following steps:
(1) layering the data according to the network protocol or business requirements;
(2) loading the script configuration file of each layer;
(3) parsing the script configuration files and generating variables of different data types;
(4) generating fuzz testing data in sequence, from the lowest layer to the highest, according to the layer of each script configuration file;
(5) splicing the data generated by all layers into one complete data packet;
(6) sending the assembled data packet to the device under test.
3. The data layered generation method based on fuzz testing of industrial control protocols according to claim 1, characterized in that data can also be layered in a user-defined way.
4. The data layered generation method based on fuzz testing of industrial control protocols according to claim 1, characterized in that the protocol data of each layer can correspond to multiple script configuration files.
5. The data layered generation method based on fuzz testing of industrial control protocols according to either of claims 1 or 2, characterized in that the script configuration files can be combined freely.
CN201610872299.9A 2016-09-30 2016-09-30 Data layered generation method based on fuzz testing of industrial control protocols Active CN106412067B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610872299.9A CN106412067B (en) 2016-09-30 2016-09-30 Data hierarchy generation method based on industry control agreement fuzz testing

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610872299.9A CN106412067B (en) 2016-09-30 2016-09-30 Data hierarchy generation method based on industry control agreement fuzz testing

Publications (2)

Publication Number Publication Date
CN106412067A true CN106412067A (en) 2017-02-15
CN106412067B CN106412067B (en) 2019-02-15

Family

ID=59229266

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610872299.9A Active CN106412067B (en) 2016-09-30 2016-09-30 Data layered generation method based on fuzz testing of industrial control protocols

Country Status (1)

Country Link
CN (1) CN106412067B (en)

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107835102A (en) * 2017-10-19 2018-03-23 北京威努特技术有限公司 One kind decomposes and decomposed fuzz testing method for protocol characteristic
CN109104335A (en) * 2018-08-27 2018-12-28 广东电网有限责任公司 A kind of industrial control equipment network attack test method and system
CN110505111A (en) * 2019-07-09 2019-11-26 杭州电子科技大学 The industry control agreement fuzz testing method reset based on flow
CN110825630A (en) * 2019-10-31 2020-02-21 浙江国利信安科技有限公司 Vulnerability mining method and device
CN112395209A (en) * 2021-01-21 2021-02-23 博智安全科技股份有限公司 Industrial control protocol fuzzy test case generation method, device, equipment and storage medium
CN112449151A (en) * 2019-09-05 2021-03-05 中移物联网有限公司 Data generation method, device and computer readable storage medium
CN112579248A (en) * 2019-09-27 2021-03-30 北京国双科技有限公司 Data generation method and device
CN112948235A (en) * 2021-01-28 2021-06-11 维沃移动通信有限公司 Data packet generation method and device and electronic equipment
CN113872919A (en) * 2020-06-30 2021-12-31 华为技术有限公司 Vulnerability scanning method and device

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103164331A (en) * 2011-12-15 2013-06-19 阿里巴巴集团控股有限公司 Vulnerability detecting method and device of application program
CN103492890A (en) * 2011-03-09 2014-01-01 英特尔公司 A functional fabric based test wrapper for circuit testing of ip blocks
CN104142888A (en) * 2014-07-14 2014-11-12 北京理工大学 Regularization state machine model design method with stateful protocol
CN104320312A (en) * 2014-11-20 2015-01-28 国家电网公司 Network application safety test tool and fuzz test case generation method and system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103492890A (en) * 2011-03-09 2014-01-01 英特尔公司 A functional fabric based test wrapper for circuit testing of ip blocks
CN103164331A (en) * 2011-12-15 2013-06-19 阿里巴巴集团控股有限公司 Vulnerability detecting method and device of application program
CN104142888A (en) * 2014-07-14 2014-11-12 北京理工大学 Regularization state machine model design method with stateful protocol
CN104320312A (en) * 2014-11-20 2015-01-28 国家电网公司 Network application safety test tool and fuzz test case generation method and system

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
李航,等: "基于fuzzing测试的工业控制协议漏洞挖掘技术研究", 《电子技术应用》 *
李进东,等: "基于协议分析与模糊测试的SIP漏洞挖掘研究", 《计算机工程》 *

Cited By (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107835102B (en) * 2017-10-19 2021-02-09 北京威努特技术有限公司 Method for decomposing protocol characteristics and decomposing fuzzy test
CN107835102A (en) * 2017-10-19 2018-03-23 北京威努特技术有限公司 One kind decomposes and decomposed fuzz testing method for protocol characteristic
CN109104335A (en) * 2018-08-27 2018-12-28 广东电网有限责任公司 A kind of industrial control equipment network attack test method and system
CN110505111A (en) * 2019-07-09 2019-11-26 杭州电子科技大学 The industry control agreement fuzz testing method reset based on flow
CN110505111B (en) * 2019-07-09 2020-12-01 杭州电子科技大学 Industrial control protocol fuzzy test method based on flow playback
CN112449151B (en) * 2019-09-05 2023-04-14 中移物联网有限公司 Data generation method, device and computer readable storage medium
CN112449151A (en) * 2019-09-05 2021-03-05 中移物联网有限公司 Data generation method, device and computer readable storage medium
CN112579248A (en) * 2019-09-27 2021-03-30 北京国双科技有限公司 Data generation method and device
CN110825630A (en) * 2019-10-31 2020-02-21 浙江国利信安科技有限公司 Vulnerability mining method and device
CN110825630B (en) * 2019-10-31 2023-04-21 浙江国利信安科技有限公司 Vulnerability mining method and device
CN113872919A (en) * 2020-06-30 2021-12-31 华为技术有限公司 Vulnerability scanning method and device
CN113872919B (en) * 2020-06-30 2022-11-22 华为技术有限公司 Vulnerability scanning method and device
CN112395209A (en) * 2021-01-21 2021-02-23 博智安全科技股份有限公司 Industrial control protocol fuzzy test case generation method, device, equipment and storage medium
CN112948235A (en) * 2021-01-28 2021-06-11 维沃移动通信有限公司 Data packet generation method and device and electronic equipment
CN112948235B (en) * 2021-01-28 2024-03-22 维沃移动通信有限公司 Data packet generation method and device and electronic equipment

Also Published As

Publication number Publication date
CN106412067B (en) 2019-02-15

Similar Documents

Publication Publication Date Title
CN106412067A (en) Data layered generation method based on fuzzy testing of industrial control protocol
CN105965179B (en) A kind of boat hull welding process auxiliary programming system and method
CN109240818A (en) Task discharging method based on user experience in a kind of edge calculations network
CN110311987A (en) Node scheduling method, apparatus, equipment and the storage medium of microserver
CN109471706A (en) A kind of response method and system of testing test
CN106548670A (en) Online teaching platform and online teaching method
CN108804322A (en) Automated testing method, device, computer equipment and storage medium
CN106202284A (en) The system and method for questionnaire is quickly collected in a kind of mobile phone games
CN109634861A (en) Test method, device, processor and the terminal of network game protocols
CN110430444A (en) A kind of video stream processing method and system
CN107770786A (en) A kind of method of testing of network performance, equipment and system
CN107766424A (en) A kind of Data Mining management method, system, electronic equipment and storage medium
CN106330560B (en) Realize that the method and device of interior switching server is arranged in system when IOS system testing
CN107229628A (en) The method and device of distributed data base pretreatment
CN105446203B (en) A kind of robot power supply control method and system
Kim et al. Genetic reinforcement learning approach to the machine scheduling problem
CN107844536A (en) The methods, devices and systems of application program selection
CN109726279A (en) A kind of data processing method and device
CN106506359A (en) A kind of self-defined tissue middleware of network of name central site network
CN206775540U (en) Energy information system
CN107294746A (en) A kind of method and apparatus of deployment business
CN106294146B (en) Parameter replacement test method and device
CN109034738A (en) A kind of online approval system of prefabricated stream customizedization
CN108092800A (en) Industrial real-time intelligent network architecture model based on SDN meta-models
CN107888957A (en) A kind of method and television set of RTV remote television game

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant