Automatic network protocol analysis and vulnerability discovery based on symbolic expression

Fuzzing is an efficient method for ensuring software security. However, when this method is used to test network-based software, the results can be unsatisfactory because the protocol format is not available. To solve this problem, we propose a new protocol analysis technique based on symbolic expression. We use this technique to translate the crucial code into symbolic expressions and accelerate protocol analysis. In addition, we develop a translation framework that performs automatic protocol format analysis and can export the protocol format to the Peach platform. Finally, we apply our framework to analyze one target (the eyou client) and obtain good results.