International Research Journal of Engineering and Technology (IRJET)
e-ISSN: 2395-0056
Volume: 09 Issue: 08 | August 2022
p-ISSN: 2395-0072
www.irjet.net
Security Testing of Network Protocol Implementation
Pradnya Kawade¹
¹Student, Dept. of IT Engineering, K. J. Somaiya College of Engineering, Mumbai, Maharashtra 400077, India
Abstract – Inaccurate network protocol implementation can bring various consequences. Therefore, security testing of network protocol implementations is a hot research topic in information security. The design and implementation of secure network protocols is very important nowadays. Any security flaw in a network protocol implementation makes the whole network vulnerable. This paper covers security testing methods for implemented network protocols. We use network scanning and fuzzing for verification and exploration of network protocols. To check the suitability of a network protocol we use ESBMC, Map2Check and KLEE as software verifiers. The paper proposes a new FuSeBMC network verification framework model to effectively detect security vulnerabilities related to network protocol implementation.
Key Words: Network protocol, Security testing, Fuzzing, FuSeBMC, Runtime testing
1. INTRODUCTION
Implementing a network protocol is a challenging task. Software bugs introduced during the implementation of a network protocol can lead to security vulnerabilities. Even a small flaw can make the whole network vulnerable. Thus developers need to implement strict end-to-end security to maintain a secure network. Network testing involves testing for vulnerabilities in network devices, servers, DNS, TCP and FTP; these are hard to detect because the protocol software state-space is too large to explore. Possible events such as packet access, packet loss, and timeout must be validated during protocol implementation.
Network protocol implementations need to be verified for several reasons: the state space of a protocol implementation is large to explore; finding semantic errors needs a machine-readable specification so that whether the implementation meets the specification can be checked automatically; and many bugs remain hidden and manifest themselves only after a long period of time. Because of these problems, developers need to develop tools to identify and verify network protocol implementations. This is very challenging because multiple manufacturers lead to different protocol implementations. Many errors can be introduced during implementation and can be detected when the service is in real use. Therefore, to reduce such errors introduced by programmers, which can cause many high-risk vulnerabilities in network protocols, we need to develop a reliable and accurate verification method.
Fuzzing, symbolic execution, static code analysis and taint tracking are the most common techniques for verifying network security vulnerabilities and possible threats to the network. The method proposed here is a combination of fuzzing and symbolic execution to determine security vulnerabilities in network protocol implementations. For symbolically verifying network protocol implementations, we use two approaches. One is path exploration, in which the symbolic executor explores each branch separately, making a copy of the current state; the other is bounded model checking (BMC). We also use fuzzing to produce random inputs to locate security vulnerabilities in network protocols. However, fuzzing and symbolic execution are each unable to go deep into the protocol implementation. Fuzzing is not able to create inputs for all paths in the network protocol implementation, and symbolic execution cannot achieve high path coverage because of the state-space explosion problem. Thus we have to use a combination of both for better coverage.
This combination is used to automatically generate high-coverage test packets from network protocol implementations and to detect various implementation errors. We then use the FuSeBMC framework to verify security vulnerabilities in the network protocol implementation. The paper also proposes testing the protocol at runtime in an online way, which is more complex and challenging because the tester has to go through a large amount of nonstop traces.
2. NETWORK PROTOCOL DESIGN
A network is defined as a group of computer devices that are interconnected for sharing and exchanging information. This sharing and exchange of information within the network should be based on certain predefined rules, and this set of rules is called a network protocol. The network is implemented based on the OSI and TCP/IP network models, and each layer has different protocols.
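The Introduction's claim that random fuzzing cannot produce inputs for every path, while solving branch conditions can, is illustrated by the following added example, which is not code from the paper or from FuSeBMC. The PDU layout, the magic value and all function names are hypothetical, and the "solved" input is written by hand to stand in for what a symbolic executor's constraint solver would return.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical toy PDU (constructed for this example):
 * magic(4) | version(1) | payload_len(1) | payload(payload_len) */
#define HDR_LEN 6
static const uint8_t MAGIC[4] = {0x4E, 0x50, 0x44, 0x55};

/* Returns how deep parsing got: 0 short input or bad magic, 1 bad version,
 * 2 length field exceeds the received bytes, 3 payload accepted. */
int parse_pdu(const uint8_t *buf, size_t n) {
    if (n < HDR_LEN || memcmp(buf, MAGIC, 4) != 0) return 0;
    if (buf[4] != 1) return 1;
    if ((size_t)buf[5] > n - HDR_LEN) return 2;  /* bounds check on length */
    return 3;  /* payload handling: the code a tester wants to reach */
}

/* Small deterministic PRNG so the run is reproducible. */
static uint32_t rng_state = 0x12345678u;
static uint8_t next_byte(void) {
    rng_state = rng_state * 1664525u + 1013904223u;
    return (uint8_t)(rng_state >> 24);
}

/* Blind random fuzzing: deepest stage reached in `tries` random inputs. */
int fuzz_max_depth(int tries) {
    uint8_t buf[16];
    int best = 0;
    for (int t = 0; t < tries; t++) {
        for (size_t i = 0; i < sizeof buf; i++) buf[i] = next_byte();
        int d = parse_pdu(buf, sizeof buf);
        if (d > best) best = d;
    }
    return best;
}

/* Input derived by hand from the branch conditions, one guard at a time,
 * standing in for the output of a symbolic executor's solver. */
int solved_depth(void) {
    uint8_t buf[HDR_LEN + 4] = {0};
    memcpy(buf, MAGIC, 4);   /* guard 1: magic matches */
    buf[4] = 1;              /* guard 2: version == 1 */
    buf[5] = 4;              /* guard 3: payload_len <= n - HDR_LEN */
    return parse_pdu(buf, sizeof buf);
}

int main(void) { return (fuzz_max_depth(20000) < 3 && solved_depth() == 3) ? 0 : 1; }
```

The random inputs stall at the 4-byte magic comparison, so the version and length checks behind it are never exercised; the constraint-derived input passes all three guards in a single attempt.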
2.1 Protocol Definition
Protocols are defined by their properties. The structure of the PDU (protocol data unit) and the behavioral description are the main properties. For proper processing of a PDU, transmission should be carried out on binary data. Data should be serialized at the sender and parsed at the receiver. A PDU can be divided by separating the metadata from the actual data to be transmitted, that is, into header and payload. The header includes all information required by the protocol to perform its function properly. It is divided into packet fields that can represent different information for the protocol setting. It can
© 2022, IRJET | Impact Factor value: 7.529 | ISO 9001:2008 Certified Journal | Page 1286