College of Computer Science, Faculty of Information Technology, Beijing University of Technology, Beijing 100124, China.
Sensors (Basel). 2020 Apr 5;20(7):2040. doi: 10.3390/s20072040.
Vulnerability mining technology (fuzzing-based vulnerability discovery) is used to protect the security of industrial control systems and their network protocols. Traditional vulnerability mining methods have the shortcomings of weak vulnerability-finding ability and a low reception rate, that is, a low fraction of generated test cases that the target actually accepts and processes. In this study, a test case generation model for vulnerability mining of Modbus TCP based on an anti-sample algorithm is proposed. First, a recurrent neural network is trained to learn the semantics of the protocol data unit (PDU); its softmax output expresses the probability distribution over the possible values at each data position. Next, the algorithm compares a random threshold with the maximum probability at a position to decide whether to replace the current data value with the value of minimum probability. Finally, the Modbus application protocol (MBAP) header is completed according to the protocol specification, so that the mutated PDU is delivered in a well-formed frame rather than being discarded by the target's header checks. Experiments using the anti-sample fuzzer show that it not only improves the reception rate of test cases and the ability to trigger vulnerabilities, but also detects vulnerabilities of industrial control protocols more quickly.
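The generation step described above, as an added worked example that is not the authors' code: a constructed per-byte probability table stands in for the trained RNN's softmax output, the replacement rule is applied with explicit random draws, and the MBAP header is then completed per the Modbus/TCP specification (transaction id, protocol id 0, length = unit id + PDU, unit id). The comparison direction (replace when the draw exceeds the maximum probability), the sample Read Holding Registers request and the distributions themselves are assumptions made for this example; the abstract only states that the two quantities are compared.

```python
import random
import struct


def peaked(weights):
    """Toy stand-in for the RNN softmax at one PDU byte position (constructed
    for this example, not a trained model). `weights` maps byte value -> probability;
    all remaining values share the leftover mass so the vector sums to 1."""
    spent = sum(weights.values())
    assert 0 < spent < 1, "explicit weights must leave some mass for the rest"
    rest = (1.0 - spent) / (256 - len(weights))
    return [weights.get(v, rest) for v in range(256)]


# Constructed sample PDU: Read Holding Registers (FC 0x03), start 0x0000, quantity 10.
SAMPLE_PDU = bytes([0x03, 0x00, 0x00, 0x00, 0x0A])

# Constructed per-position distributions (assumption: what the RNN might learn
# from captured traffic). Legal function codes and small addresses are likely;
# the least-likely values are the ones the rule will substitute.
SAMPLE_DISTS = [
    peaked({0x03: 0.60, 0x01: 0.20, 0x06: 0.10, 0x00: 0.0001}),  # function code
    peaked({0x00: 0.90}),                                        # start addr, high byte
    peaked({0x00: 0.50, 0x10: 0.30}),                            # start addr, low byte
    peaked({0x00: 0.95, 0xFF: 0.00001}),                         # quantity, high byte
    peaked({0x0A: 0.40, 0x01: 0.30}),                            # quantity, low byte
]


def least_likely(probs):
    """Index of the minimum-probability data value (first one on ties)."""
    return min(range(256), key=probs.__getitem__)


def mutate_pdu(pdu, dists, draws):
    """Apply the anti-sample replacement rule byte by byte.

    draws[i] is a uniform random threshold in [0, 1) for position i. Assumption
    for this example: the byte is replaced by the least-likely value when the
    threshold exceeds the maximum probability at that position, so positions the
    model is unsure about are mutated more often than well-understood ones."""
    out = bytearray(pdu)
    for i, (probs, r) in enumerate(zip(dists, draws)):
        if i >= len(out):
            break
        if r > max(probs):
            out[i] = least_likely(probs)
    return bytes(out)


def mbap_header(transaction_id, unit_id, pdu):
    """Complete the MBAP header per the Modbus/TCP spec: transaction id (2 bytes),
    protocol id (2 bytes, always 0), length (2 bytes) covering unit id + PDU,
    unit id (1 byte). Regenerating it keeps the mutated frame acceptable."""
    return struct.pack(">HHHB", transaction_id, 0, len(pdu) + 1, unit_id)


def parse_mbap(frame):
    """Split a Modbus/TCP frame back into header fields and PDU (for checking)."""
    tid, pid, length, uid = struct.unpack(">HHHB", frame[:7])
    return {"transaction_id": tid, "protocol_id": pid,
            "length": length, "unit_id": uid, "pdu": frame[7:]}


def generate_frame(pdu, dists, transaction_id, unit_id=1, rng=None):
    """One test case: draw thresholds, mutate the PDU, prepend a valid header."""
    rng = rng or random.Random(0)
    draws = [rng.random() for _ in dists]
    mutated = mutate_pdu(pdu, dists, draws)
    return mbap_header(transaction_id, unit_id, mutated) + mutated


if __name__ == "__main__":
    rng = random.Random(2020)
    for tid in range(5):
        frame = generate_frame(SAMPLE_PDU, SAMPLE_DISTS, tid, rng=rng)
        fields = parse_mbap(frame)
        print(f"tid={fields['transaction_id']} len={fields['length']} "
              f"pdu={fields['pdu'].hex()}")
```

Only the PDU bytes are subject to the rule; the header is rebuilt from the mutated PDU's real length, which is what lets a test case that carries an unlikely function code or an out-of-range quantity still pass the frame-level checks and reach the request handler.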