白丝美女被狂躁免费视频网站,500av导航大全精品,yw.193.cnc爆乳尤物未满,97se亚洲综合色区,аⅴ天堂中文在线网官网

Apparatus and method for transmitting fuzzing data for one-way protocol software fuzzing

專利號
US11176011B2
公開日期
2021-11-16
申請人
ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE(KR Daejeon)
發(fā)明人
Gae-Il An; Won-Jun Song; Yang-Seo Choi
IPC分類
G06F11/00; G06F11/263; G06F11/22
技術(shù)領(lǐng)域
fuzzing,target,data,way,may,usage,cpu,unit,step,execution
地域: Daejeon

摘要

Disclosed herein are an apparatus and method for transmitting fuzzing data. The apparatus may include one or more processors and executable memory for storing at least one program executed by the one or more processors. The at least one program may collect context information pertaining to a one-way fuzzing target device that uses a one-way protocol, may determine the execution state of the one-way fuzzing target device by analyzing the context information, and may transmit fuzzing data to the one-way fuzzing target device based on the result of determination of the execution state.

說明書

CROSS REFERENCE TO RELATED APPLICATION

This application claims the benefit of Korean Patent Application No. 10-2019-0157664, filed Nov. 29, 2019, which is hereby incorporated by reference in its entirety into this application.

BACKGROUND OF THE INVENTION 1. Technical Field

The present invention relates generally to fuzzing technology, and more particularly to technology for monitoring a fuzzing execution state and dynamically transmitting fuzzing data.

2. Description of the Related Art

Among various methods for testing for security vulnerabilities in computer software, fuzzing is frequently used. Fuzzing is a method for finding bugs or security vulnerabilities by randomly inputting data to a computer program in order to incur an error or crash therein and analyzing the causes of an error or a crash when the error or crash is actually incurred in response to the data.

The conventional method performed by a fuzzing system is aimed at software using a request-response protocol. Because a fuzzing target returns a response message whenever it receives data, a fuzzer may easily determine, through the response message, the time at which to transmit fuzzing data and whether the fuzzing target is terminated. Also, the fuzzer may determine whether the fuzzing data is effective by analyzing the response message. If no response message is received from the fuzzing target for a preset time period, the fuzzer may determine that the fuzzing target is terminated, and may acquire information at the time of incidence of a crash in the fuzzing target (e.g., register information) from a target-monitoring module by requesting the same.

權(quán)利要求

1
What is claimed is:1. An apparatus for transmitting fuzzing data, comprising:one or more processors; andexecutable memory for storing at least one program executed by the one or more processors,wherein the at least one program is configured tocollect context information pertaining to a one-way fuzzing target device that uses a one-way protocol,determine an execution state of the one-way fuzzing target device by analyzing the context information, andtransmit fuzzing data to the one-way fuzzing target device based on a result of determining the execution state,wherein the at least one program collects at least one of a CPU usage of the one-way fuzzing target device, a change in a size of memory, a CPU usage of a network task, and data that the one-way fuzzing target device transmits to a target counterpart device, andwherein the at least one program determines that the fuzzing data is effective when the size of the memory is changed, and determines that the fuzzing data is not effective when the size of the memory is not changed.2. The apparatus of claim 1, wherein the at least one program determines effectiveness of the fuzzing data and whether the one-way fuzzing target device operates normally.3. The apparatus of claim 2, wherein the at least one program sets a transmission rate of the fuzzing data based on the CPU usage of the one-way fuzzing target device and the CPU usage of the network task.4. The apparatus of claim 2, wherein the at least one program determines the effectiveness of the fuzzing data based on whether the data that the one-way fuzzing target device transmits to the target counterpart device is collected.5. The apparatus of claim 2, wherein the at least one program transmits test fuzzing data, corresponding to effective fuzzing data, to the one-way fuzzing target device when it is determined that the fuzzing data is effective, and determines whether the one-way fuzzing target device operates normally based on whether the data that the one-way fuzzing target device transmits to the target counterpart device is collected.6. The apparatus of claim 5, wherein the at least one program transmits the fuzzing data at a current transmission rate when it is determined that the fuzzing data is effective, and transmits the fuzzing data after changing a transmission rate to a maximum transmission rate when it is determined that the fuzzing data is not effective.7. A method for transmitting fuzzing data, performed by a fuzzing data transmission apparatus, comprising:collecting context information pertaining to a one-way fuzzing target device that uses a one-way protocol;determining an execution state of the one-way fuzzing target device by analyzing the context information; andtransmitting fuzzing data to the one-way fuzzing target device based on a result of determining the execution state,wherein collecting the context information is configured to collect at least one of a CPU usage of the one-way fuzzing target device, a change in a size of memory, a CPU usage of a network task, and data that the one-way fuzzing target device transmits to a target counterpart device, andwherein determining the execution state is configured to determine that the fuzzing data is effective when the size of the memory is changed and to determine that the fuzzing data is not effective when the size of the memory is not changed.8. The method of claim 7, wherein determining the execution state is configured to determine effectiveness of the fuzzing data and whether the one-way fuzzing target device operates normally.9. The method of claim 8, wherein determining the execution state is configured to set a transmission rate of the fuzzing data based on the CPU usage of the one-way fuzzing target device and the CPU usage of the network task.10. The method of claim 8, wherein determining the execution state is configured to determine the effectiveness of the fuzzing data based on whether the data that the one-way fuzzing target device transmits to the target counterpart device is collected.11. The method of claim 8, wherein determining the execution state is configured to:transmit test fuzzing data, corresponding to effective fuzzing data, to the one-way fuzzing target device when it is determined that the fuzzing data is effective; anddetermine whether the one-way fuzzing target device operates normally based on whether the data that the one-way fuzzing target device transmits to the target counterpart device is collected.12. The method of claim 11, wherein transmitting the fuzzing data is configured to:transmit the fuzzing data at a current transmission rate when it is determined that the fuzzing data is effective, andtransmit the fuzzing data after changing a transmission rate to a maximum transmission rate when it is determined that the fuzzing data is not effective.
微信群二維碼
意見反饋