Technical Report: Stateful Fuzzer

With the recent evolution of the VoIP market, where more and more devices and services are being pushed onto a very promising market, assuring their security becomes crucial. Among the most dangerous threats to VoIP, failures and bugs in the software implementation will still rank high on the list of vulnerabilities. In this paper we address the issue of detecting such vulnerabilities using a stateful fuzzer. We describe an automated attack approach capable of self-improvement and of tracking the state context of a target device. We implemented our approach and were able to discover vulnerabilities in market-leading and well-known equipment and software.
