论文信息 - Identifying Vulnerabilities in SCADA Systems via Fuzz-Testing

Identifying Vulnerabilities in SCADA Systems via Fuzz-Testing

Security vulnerabilities typically arise from bugs in input validation and in the application logic. Fuzz-testing is a popular security evaluation technique in which hostile inputs are crafted and passed to the target software in order to reveal bugs. However, in the case of SCADA systems, the use of proprietary protocols makes it difficult to apply existing fuzz-testing techniques as they work best when the protocol semantics are known, targets can be instrumented and large network traces are available. This paper describes a fuzz-testing solution involving LZFuzz, an inline tool that provides a domain expert with the ability to effectively fuzz SCADA devices.

[1] Dawson R. Engler,et al. EXE: automatically generating inputs of death , 2006, CCS '06.

[2] Duminda Wijesekera,et al. Status-Based Access Control , 2008, TSEC.

[3] Barton P. Miller,et al. An empirical study of the reliability of UNIX utilities , 1990, Commun. ACM.

[4] Zachary N. J. Peterson,et al. Analysis of Mutation and Generation-Based Fuzzing , 2007 .

[5] Sergey Bratus,et al. LZfuzz: a fast compression-based fuzzer for poorly documented protocols , 2008 .

[6] Abraham Lempel,et al. A universal algorithm for sequential data compression , 1977, IEEE Trans. Inf. Theory.

[7] Exploiting 802 . 11 Wireless Driver Vulnerabilities on Windows Nov , 2007 .

[8] Ian H. Witten,et al. Identifying Hierarchical Structure in Sequences: A linear-time algorithm , 1997, J. Artif. Intell. Res..