A deep convolution generative adversarial networks based fuzzing framework for industry control protocols

Published in: Journal of Intelligent Manufacturing

Abstract

There is growing awareness that the safety and security of industrial control systems cannot be dealt with in isolation, and that the safety and security of industrial control protocols (ICPs) should be considered jointly. Fuzz testing (fuzzing) of an ICP is a common way to discover whether the protocol itself is designed or implemented with flaws and network security vulnerabilities. Traditional fuzzing methods advance the safety and security testing of ICPs, and many of them are used in practice. However, most traditional fuzzing methods rely heavily on the protocol specification, which makes the test process costly, time-consuming, troublesome and tedious, and hard to repeat when no specification exists. In this study, we propose a smart and automated protocol fuzzing methodology based on an improved deep convolution generative adversarial network and give a series of performance metrics. An automated and intelligent fuzzing framework, BLSTM-DCNNFuzz, is designed for practical application. Several typical ICPs, including Modbus and EtherCAT, are used to test the effectiveness and efficiency of our framework. Experimental results show that our methodology outperforms existing ones such as General Purpose Fuzzer and other deep learning based fuzzing methods in convenience, effectiveness, and efficiency.



Acknowledgements

This work was supported in part by the Shanghai Science and Technology Committee Rising-Star Program under Grant 18QB1402000, and in part by the National Natural Science Foundation of China under Grant No.61772347 and No.61602178.

Corresponding author

Correspondence to Jianqi Shi.


Cite this article

Lv, W., Xiong, J., Shi, J. et al. A deep convolution generative adversarial networks based fuzzing framework for industry control protocols. J Intell Manuf 32, 441–457 (2021). https://doi.org/10.1007/s10845-020-01584-z
