Methods, systems, and computer readable media for converging on network protocol stack vulnerabilities using fuzzing variables, vulnerability ratings and progressive convergence
Abstract
A method for progressive convergence on network protocol stack vulnerabilities includes defining an initial protocol field and field value space for fuzz testing of a network communications protocol stack implementation. The method further includes dividing the initial space into regions corresponding to combinations of protocol fields and field values. The method further includes assigning vulnerability ratings to at least some of the regions. The method further includes executing fuzz testing of the network communications protocol stack implementation using the protocol fields and field values corresponding to the regions. The method further includes updating the vulnerability ratings of the regions based on results of the testing. The method further includes identifying, based on the updated vulnerability ratings, at least one region with a higher vulnerability rating than other regions. The method further includes performing fuzz testing for the sub-regions.
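The convergence loop described in the abstract and in claim 1, as an added Python sketch that is not code from the patent. Assumptions: the target `target_violates`, the fields `length` and `flags`, halving each field range to form sub-regions, grid sampling, a rating equal to the fraction of test cases that cause a violation, and the 0.9 "sufficiently localized" threshold are all hypothetical choices made for illustration.

```python
from itertools import product

# Constructed field/value space: two hypothetical protocol fields.
SPACE = {"length": (0, 65535), "flags": (0, 255)}

def target_violates(length, flags):
    """Hypothetical stand-in for the stack under test: a violation
    (crash, hang, malformed reply) occurs in one corner of the space."""
    return length >= 60000 and flags >= 0xF0

def divide(region):
    """Split every field range in half, giving up to 2^n sub-regions."""
    halves = []
    for lo, hi in region.values():
        mid = (lo + hi) // 2
        halves.append([(lo, mid), (mid + 1, hi)] if lo < hi else [(lo, hi)])
    return [dict(zip(region, combo)) for combo in product(*halves)]

def fuzz(region, k=5):
    """Test a k-point grid per field (bounds included) and return the
    region's rating: the fraction of test cases that caused a violation."""
    axes = [sorted({lo + i * (hi - lo) // (k - 1) for i in range(k)})
            for lo, hi in region.values()]
    cases = list(product(*axes))
    return sum(target_violates(*case) for case in cases) / len(cases)

def converge(space, localized_at=0.9, max_depth=16):
    """Repeatedly divide the highest-rated region until the violations
    are localized. Returns (region, rating, depth)."""
    region, rating = space, 0.0
    for depth in range(1, max_depth + 1):
        rated = [(fuzz(sub), sub) for sub in divide(region)]  # test, then rate
        rating, region = max(rated, key=lambda r: r[0])        # highest rating
        if rating == 0.0:
            return None, 0.0, depth        # no violation seen in any region
        if rating >= localized_at or all(lo == hi for lo, hi in region.values()):
            return region, rating, depth   # sufficiently localized
    return region, rating, max_depth

if __name__ == "__main__":
    print(converge(SPACE))
```

With this target the best rating rises from 0.04 to 0.08, 0.24 and finally 1.0 as the loop narrows toward the violating corner. The converged region is the highest-rated one, not the full violating set: values of `length` from 60000 to 61439 also violate but fall in a lower-rated sibling.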
18 Claims
1. A method for converging on network protocol stack vulnerabilities using fuzzing variables, vulnerability ratings and progressive convergence, the method comprising:
- defining an initial protocol field and field value space for fuzz testing of a network communications protocol stack implementation;
- dividing the initial protocol field and field value space into regions corresponding to combinations of protocol fields and field values;
- assigning vulnerability ratings to at least some of the regions;
- executing fuzz testing of the network communications protocol stack implementation using the fields and field values defined by the regions;
- updating the vulnerability ratings of the regions based on results of the testing;
- identifying, based on the updated vulnerability ratings, at least one region with a higher vulnerability rating than other regions; and
- dividing the at least one region into sub-regions and performing fuzz testing of the sub-regions, wherein performing fuzz testing for the sub-regions includes:
  - identifying at least one sub-region with a higher vulnerability rating than other sub-regions;
  - determining whether violation causing parameter values are sufficiently localized in the at least one sub-region; and
  - in response to determining that the violation causing parameter values are not sufficiently localized in the at least one sub-region, dividing the sub-region into sub-regions and performing fuzz testing for the sub-regions.

Dependent claims: 2, 3, 4, 5, 6, 7, 8.
9. A system for converging on network protocol stack vulnerabilities using fuzzing variables, vulnerability rating and progressive convergence, the system comprising:
- a computing platform including a processor and a memory;
- a progressive fuzzer stored in the memory and executed by the processor for defining an initial protocol field and field value space for fuzz testing of a network communications protocol stack implementation and dividing the initial space into regions corresponding to combinations of protocol fields and field values; and
- a vulnerability ratings module stored in the memory and executed by the processor for assigning vulnerability ratings to at least some of the regions,
- wherein the progressive fuzzer executes fuzz testing of the network communications protocol stack implementation using the fields and field values defined by the regions, wherein the vulnerability ratings module or the progressive fuzzer updates the vulnerability ratings of the regions based on results of the testing, wherein the progressive fuzzer identifies, based on the updated vulnerability ratings, at least one region with a higher vulnerability rating than other regions, divides the at least one region into sub-regions and performs fuzz testing of the sub-regions, wherein, in performing the fuzz testing for the sub-regions, the progressive fuzzer:
  - identifies at least one sub-region with a higher vulnerability rating than other sub-regions;
  - determines whether violation causing parameter values are sufficiently localized to the at least one sub-region; and
  - in response to determining that the violation causing parameter values are not sufficiently localized in the at least one identified sub-region, divides the sub-region into sub-regions and performs fuzz testing for the sub-regions of the identified sub-region.

Dependent claims: 10, 11, 12, 13, 14, 15, 16.
17. A non-transitory computer readable medium having stored thereon executable instructions that when executed by the processor of a computer control the computer to perform steps comprising:
- defining an initial protocol field and field value space for fuzz testing of a network communications protocol stack implementation;
- dividing the initial space into regions corresponding to combinations of protocol fields and field values;
- assigning vulnerability ratings to at least some of the regions;
- executing fuzz testing of the network communications protocol stack implementation using the fields and field values defined by the regions;
- updating the vulnerability ratings of the regions based on results of the testing;
- identifying, based on the updated vulnerability ratings, at least one region with a higher vulnerability rating than other regions; and
- dividing the at least one region into sub-regions and performing fuzz testing of the sub-regions, wherein performing fuzz testing for the sub-regions includes:
  - identifying at least one sub-region with a higher vulnerability rating than other sub-regions;
  - determining whether violation causing parameter values are sufficiently localized in the at least one sub-region; and
  - in response to determining that the violation causing parameter values are not sufficiently localized in the at least one sub-region, dividing the sub-region into sub-regions and performing fuzz testing for the sub-regions.

Dependent claims: 18.
Specification