HuiHui He and YongJun Wang, National University of Defense Technology ChangSha, China

Due to the interactivity of stateful network protocol, network protocol fuzzing has higher blindness and lower testcase validity. The existing blackbox-based fuzzing has the disadvantages of high randomness and blindness. The manual description of protocol specification which requires more expert knowledge, is tedious and does not support the protocol without public document, which limits the effect of current network protocol fuzzer. In this paper, we present PNFUZZ, a fuzzer that adopts the state inference based on packet clustering algorithm and coverage oriented mutation strategy. We train a clustering model through the target protocol packet, and use the model to identify the server’s protocol state, thereby optimizing the process of testcase generation. The experimental results show that the proposed approach has a certain improvement in fuzzing effect.

Fuzzing, Software Vulnerabilities, Network Protocol, Network Packet Clustering.