Improved Modbus/TCP Multi-dimensional Fuzzing Test Method

The security of industrial control network protocols has drawn wide attention in the industrial field. Modbus/TCP is widely used in industrial control networks and is vulnerable to denial of service and other vulnerabilities. Traditional Modbus/TCP test methods mutate only a single field and do not optimize the protocol format, so faults triggered by multi-dimensional input cannot be tested effectively and test efficiency is low. In this paper, an improved mutation region selection strategy and a multi-dimensional fuzzing test method are proposed. A mutation factor database based on the mutation region selection strategy is constructed, and the range of fuzzing mutation is narrowed by means of multiple sequence alignment. At the same time, an adaptive mutation factor is added to make the selection of mutation data and fields more targeted. Experimental results show that, compared with the traditional method and Peach, the method introduced in this paper effectively reduces redundancy and improves testing efficiency.
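The alignment step and the multi-dimensional mutation that the abstract describes, reduced to a runnable sketch. This is an added example, not code from the paper: the three Write Multiple Registers frames are constructed, the alignment is pairwise Needleman-Wunsch of each sample against the longest one rather than a full multiple alignment, the mutation factor database is a fixed list of boundary bytes, and the adaptive mutation factor is not modelled. A strict MBAP/PDU validator shows the checks a receiver should apply so that most malformed frames are refused before they reach the protocol logic.

```python
import random
import struct

# Constructed sample Modbus/TCP "Write Multiple Registers" (0x10) requests, not captured
# traffic. MBAP header = transaction id, protocol id (always 0), length of the bytes that
# follow it, unit id; then the PDU (function code + data).
def build_frame(tid, unit, pdu):
    return struct.pack(">HHHB", tid, 0, len(pdu) + 1, unit) + pdu

def write_regs_pdu(start, values):
    data = b"".join(struct.pack(">H", v) for v in values)
    return bytes([0x10]) + struct.pack(">HHB", start, len(values), len(data)) + data

SAMPLES = [
    build_frame(1, 1, write_regs_pdu(0x0010, [0xAABB, 0xCCDD, 0xEEFF])),  # 19 bytes
    build_frame(2, 1, write_regs_pdu(0x0010, [0xAABB])),                  # 15 bytes
    build_frame(3, 1, write_regs_pdu(0x0020, [0x1122, 0x3344])),          # 17 bytes
]

def needleman_wunsch_variable(ref, other, match=1, mismatch=-1, gap=-2):
    """Global pairwise alignment of two byte strings. Returns the positions of
    `ref` that are aligned to a mismatching byte or to a gap in `other`."""
    n, m = len(ref), len(other)
    def sub(i, j):
        return match if ref[i - 1] == other[j - 1] else mismatch
    # DP table; the first row and column are pure gap runs.
    score = [[gap * (i + j) if i == 0 or j == 0 else 0 for j in range(m + 1)] for i in range(n + 1)]
    for i in range(1, n + 1):
        for j in range(1, m + 1):
            score[i][j] = max(score[i - 1][j - 1] + sub(i, j), score[i - 1][j] + gap, score[i][j - 1] + gap)
    variable, i, j = set(), n, m
    while i > 0 or j > 0:  # trace back, preferring diagonal moves on ties
        if i > 0 and j > 0 and score[i][j] == score[i - 1][j - 1] + sub(i, j):
            if ref[i - 1] != other[j - 1]:
                variable.add(i - 1)
            i, j = i - 1, j - 1
        elif i > 0 and score[i][j] == score[i - 1][j] + gap:
            variable.add(i - 1)  # reference byte has no partner in `other`
            i -= 1
        else:
            j -= 1  # extra byte in `other`; no reference position to mark
    return variable

def variable_regions(samples):
    """Align every sample against the longest one. A reference position is
    'variable' if any sample mismatches or gaps there, otherwise 'conserved'."""
    ref = max(samples, key=len)
    variable = set()
    for s in samples:
        if s is not ref:
            variable |= needleman_wunsch_variable(ref, s)
    return ref, variable

# Small mutation factor database: boundary bytes that tend to expose length and
# range handling mistakes in parsers.
MUTATION_FACTORS = [0x00, 0x01, 0x7F, 0x80, 0xFE, 0xFF]

def apply_mutation(base, changes):
    buf = bytearray(base)
    for pos, val in changes.items():
        buf[pos] = val
    return bytes(buf)

def generate_mutants(base, variable, count, dims=2, seed=1):
    """Multi-dimensional mutation: each test case rewrites `dims` distinct variable
    positions at once, with a factor that differs from the original byte, so every
    mutant differs from `base` in exactly `dims` places."""
    rng = random.Random(seed)
    positions, mutants = sorted(variable), []
    for _ in range(count):
        changes = {pos: rng.choice([f for f in MUTATION_FACTORS if f != base[pos]])
                   for pos in rng.sample(positions, dims)}
        mutants.append(apply_mutation(base, changes))
    return mutants

def validate_frame(frame):
    """Strict receiver-side checks a Modbus/TCP server should apply before acting
    on a request. Returns None if the frame is well formed, else the reason."""
    if len(frame) < 8:
        return "frame shorter than MBAP header plus function code"
    _tid, proto, length, _unit = struct.unpack(">HHHB", frame[:7])
    if proto != 0:
        return "protocol id must be 0"
    if length != len(frame) - 6:
        return "MBAP length does not match frame size"
    fc, data = frame[7], frame[8:]
    if fc != 0x10:
        return "unsupported function code 0x%02x" % fc
    if len(data) < 5:
        return "write multiple registers header truncated"
    _start, qty, bytecount = struct.unpack(">HHB", data[:5])
    if not 1 <= qty <= 123 or bytecount != 2 * qty:
        return "quantity/byte count inconsistent"
    if len(data) != 5 + bytecount:
        return "register data length does not match byte count"
    return None

if __name__ == "__main__":
    ref, variable = variable_regions(SAMPLES)
    print("variable positions:", sorted(variable))
    for m in generate_mutants(ref, variable, count=5):
        print(m.hex(), "->", validate_frame(m) or "accepted")
```

With these three samples the alignment leaves the protocol id, unit id and function code conserved, which is what the mutation region strategy is meant to achieve; it also leaves the high bytes of the transaction id, address and quantity fields conserved, purely because the samples happen to share them. The region the alignment finds is only as good as the diversity of the sample set, which is one reason the paper layers an adaptive factor on top. Mutants that still pass the validator are well-formed requests carrying boundary values, and those are the cases that exercise the server's own register-handling logic rather than its parser.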
