Skip to main content
SpringerLink
Log in

Modeling the search for vulnerabilities via the fuzzing method using an automation representation of network protocols

  • Published:
Automatic Control and Computer Sciences Aims and scope Submit manuscript

Abstract

Currently, fuzzing is one of the most popular methods of revealing security problems of programs, information systems, network protocols, and web resources. A formal description of network protocols as a set of the processes of switching between states has been proposed, as well as an approach to fuzzing process modeling that allows one to detect network protocol vulnerabilities based on input data generation and the analysis of network protocol process states.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. http://www.beyondsecurity.com/bestorm_fuzzing_QA_buffer_overflow.html. Cited May 20, 2013.

  2. Gorbunov, S. and Rosenbloom, A., Autofuzz: Automated Network Protocol Fuzzing Framework, Mississauga, Ontario: University of Toronto Mississauga.

  3. Makarov, A.N., Method for automated search of program errors in algorithms for processing of complexly structured data, Prikl. Diskretn. Mat., 2009, no. 3.

  4. Tsipenyuk, K., Chess, B., and McGraw, G., Seven pernicious kingdoms: A taxonomy of software security errors, IEEE Secur. Priv., 2005, vol. 3, no. 6, pp. 81–84.

    Article  Google Scholar 

  5. Pothamsetty, V. and Akyol, B.A., A vulnerability taxonomy for network protocols: Corresponding engineering best practice countermeasures, in Communications, Internet, and Information Technology, IASTED/ACTA Press, 2004, pp. 168–175.

    Google Scholar 

  6. Whalen, S., Bishop, M., and Engle, S., Protocol Vulnerability Analysis, 2005.

    Google Scholar 

  7. http://ru.wikipedia.org/wiki/%D0%9F%D0%B5%D1%80%D0%B5%D0%BF%D0%BE%D0%BB%D0%BD% D0%B5%D0%BD%D0%B8%D0%B5_%D0%B1%D1%83%D1%84%D0%B5%D1%80%D0%B0. Cited May 20, 2013.

  8. http://peachfuzzer.com/. Cited May 20, 2013.

  9. http://hotfuzz.sourceforge.net/. Cited May 20, 2013.

Download references

Author information

Authors and Affiliations

  1. Peter the Great St. Petersburg Polytechnic University, St. Petersburg, Russia

    A. I. Pechenkin & D. S. Lavrova

Authors
  1. A. I. Pechenkin
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. D. S. Lavrova
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to A. I. Pechenkin.

Additional information

Original Russian Text © A.I. Pechenkin, D.S. Lavrova, 2015, published in Problemy Informatsionnoi Bezopasnosti. Komp’yuternye Sistemy.

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Pechenkin, A.I., Lavrova, D.S. Modeling the search for vulnerabilities via the fuzzing method using an automation representation of network protocols. Aut. Control Comp. Sci. 49, 826–833 (2015). https://doi.org/10.3103/S0146411615080325

Download citation

  • Received:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.3103/S0146411615080325

Keywords

Search

Navigation