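IKEChecker: Grammar-Guided Stateful Fuzzing of the IKE Protocol
TP393; The Internet Key Exchange (IKE) protocol performs authentication and key negotiation within the Internet Protocol Security (IPSec) protocol, and its security is critical to protecting IP communications. The complex protocol logic makes security vulnerabilities in protocol implementations hard to avoid. Fuzz testing is an effective means of detecting potential vulnerabilities in protocol implementations, but applying existing fuzzing tools directly to the IKE protocol has limitations such as low-quality generated test cases and difficulty exploring the deep state space. To address these problems, a mutation strategy based on the IKE protocol grammar was designed to reduce the generation of invalid test cases while increasing test case diversity; a mutation scheduling scheme based on an evolutionary strategy was introduced to automatically optimize the probability distribution of mutation operators, further improving the generation of high-quality test cases...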
Published in | Chinese Journal of Network and Information Security (网络与信息安全学报) Vol. 10; no. 4; pp. 109 - 122 |
---|---|
Main Authors | , , , |
Format | Journal Article |
Language | Chinese |
Published |
Information Engineering University, Zhengzhou, Henan 450001
25.08.2024
|
Subjects | |
Online Access | Get full text |
ISSN | 2096-109X |
DOI | 10.11959/j.issn.2096-109x.2024057 |
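Abstract | TP393; The Internet Key Exchange (IKE) protocol performs authentication and key negotiation within the Internet Protocol Security (IPSec) protocol, and its security is critical to protecting IP communications. The complex protocol logic makes security vulnerabilities in protocol implementations hard to avoid. Fuzz testing is an effective means of detecting potential vulnerabilities in protocol implementations, but applying existing fuzzing tools directly to the IKE protocol has limitations such as low-quality generated test cases and difficulty exploring the deep state space. To address these problems, a mutation strategy based on the IKE protocol grammar was designed to reduce the generation of invalid test cases while increasing test case diversity; a mutation scheduling scheme based on an evolutionary strategy was introduced to automatically optimize the probability distribution of mutation operators, further raising the probability of generating high-quality test cases; and a message handler was designed to maintain protocol interaction context and perform cryptographic operations, which supports testing the IKE protocol under black-box conditions and enables exploration of deep protocol interaction behavior and state space. Based on these methods, the stateful IKE fuzzing tool IKEChecker was implemented; it supports testing of the IKEv1 and IKEv2 protocols. Testing two widely used open-source software packages that implement the IKE protocol, strongSwan and Libreswan, found 4 undisclosed vulnerabilities; IKEChecker's efficiency in vulnerability detection was evaluated by comparison with other fuzzing tools. |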
---|---|
Abstract_FL | The internet key exchange (IKE) protocol, integral to the authentication and key negotiation process within the Internet Protocol Security (IPSec) framework, has been utilized for the protection of IP communications. Given the complex protocol logic, security vulnerabilities in the implementation of the IKE protocol are inevitably present. Fuzz testing, recognized as an effective means of detecting potential vulnerabilities in protocol implementations, has been conventionally applied. However, the direct application of existing fuzzing tools to the IKE protocol has been found to present limitations, such as the generation of low-quality test cases and difficulty in exploring deep states. To address these issues, a mutation strategy based on the grammar of the IKE protocol was designed, aiming to reduce the generation of invalid test cases while increasing the diversity of generated test cases. Additionally, an evolutionary strategy-based mutation scheduling scheme was introduced, which automatically optimized the probability distribution of mutation operators, further increasing the likelihood of generating high-quality test cases. A message handler was designed to maintain protocol interaction context information and perform cryptographic operations, thereby supporting testing of the IKE protocol under black-box conditions. This enabled the exploration of deep protocol interaction behavior and state space. Utilizing the aforementioned methods, an IKE protocol stateful fuzz testing tool named IKEChecker was implemented, supporting testing of both IKEv1 and IKEv2 protocols. Testing was conducted on two widely used open-source IKE protocol implementations, strongSwan and Libreswan, resulting in the revelation of 4 undisclosed vulnerabilities. By comparing IKEChecker with other fuzz testing tools, its efficiency in vulnerability detection was evaluated. |
Author | 顾纯祥 张协力 赵栋梁 郑永辉 |
AuthorAffiliation | Information Engineering University, Zhengzhou, Henan 450001 |
AuthorAffiliation_xml | – name: Information Engineering University, Zhengzhou, Henan 450001 |
Author_FL | GU Chunxiang ZHENG Yonghui ZHANG Xieli ZHAO Dongliang |
Author_FL_xml | – sequence: 1 fullname: ZHENG Yonghui – sequence: 2 fullname: ZHAO Dongliang – sequence: 3 fullname: GU Chunxiang – sequence: 4 fullname: ZHANG Xieli |
Author_xml | – sequence: 1 fullname: 郑永辉 – sequence: 2 fullname: 赵栋梁 – sequence: 3 fullname: 顾纯祥 – sequence: 4 fullname: 张协力 |
ClassificationCodes | TP393 |
ContentType | Journal Article |
Copyright | Copyright © Wanfang Data Co. Ltd. All Rights Reserved. |
Copyright_xml | – notice: Copyright © Wanfang Data Co. Ltd. All Rights Reserved. |
DBID | 2B. 4A8 92I 93N PSX TCJ |
DOI | 10.11959/j.issn.2096-109x.2024057 |
DatabaseName | Wanfang Data Journals - Hong Kong WANFANG Data Centre Wanfang Data Journals Wanfang Data Journals - Hong Kong Edition China Online Journals (COJ) China Online Journals (COJ) |
DatabaseTitleList | |
DeliveryMethod | fulltext_linktorsrc |
DocumentTitle_FL | IKEChecker: grammar-guided stateful fuzzer for IKE protocol implementations |
EndPage | 122 |
ExternalDocumentID | wlyxxaqxb202404009 |
GroupedDBID | 2B. 4A8 92I 93N ALMA_UNASSIGNED_HOLDINGS M~E PSX TCJ |
ID | FETCH-LOGICAL-s1059-2b92ee7e0b71def83b6cee14dc97a2ac6c9f8a38f611b9621a7da012d3bbef353 |
ISSN | 2096-109X |
IngestDate | Thu May 29 03:56:41 EDT 2025 |
IsPeerReviewed | false |
IsScholarly | true |
Issue | 4 |
Keywords | IKE protocol, security protocol, fuzz testing, software testing |
Language | Chinese |
LinkModel | OpenURL |
MergedId | FETCHMERGED-LOGICAL-s1059-2b92ee7e0b71def83b6cee14dc97a2ac6c9f8a38f611b9621a7da012d3bbef353 |
PageCount | 14 |
ParticipantIDs | wanfang_journals_wlyxxaqxb202404009 |
PublicationCentury | 2000 |
PublicationDate | 2024-08-25 |
PublicationDateYYYYMMDD | 2024-08-25 |
PublicationDate_xml | – month: 08 year: 2024 text: 2024-08-25 day: 25 |
PublicationDecade | 2020 |
PublicationTitle | 网络与信息安全学报 |
PublicationTitle_FL | Chinese Journal of Network and Information Security |
PublicationYear | 2024 |
Publisher | Information Engineering University, Zhengzhou, Henan 450001 |
Publisher_xml | – name: Information Engineering University, Zhengzhou, Henan 450001 |
SSID | ssib058759024 |
Score | 2.3649452 |
Snippet | TP393; The Internet Key Exchange (IKE) protocol is used in the IPSec (internet protocol... |
SourceID | wanfang |
SourceType | Aggregation Database |
StartPage | 109 |
Title | IKEChecker: Grammar-Guided Stateful Fuzzing of the IKE Protocol |
URI | https://d.wanfangdata.com.cn/periodical/wlyxxaqxb202404009 |
Volume | 10 |
hasFullText | 1 |
inHoldings | 1 |
isFullTextHit | |
isPrint | |
linkProvider | ISSN International Centre |