An Efficient Fuzzing Test Method for SIP Servers

doi:10.13190/j.jbupt.2015.04.003

JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM ›› 2015, Vol. 38 ›› Issue (4): 10-14.doi: 10.13190/j.jbupt.2015.04.003

• Papers • Previous Articles Next Articles

An Efficient Fuzzing Test Method for SIP Servers

WANG Yu-long^1,2, JIN Guo-dong¹, WANG Yu-jiao¹

1. State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing 100876, China;
2. Science and Technology on Information Transmission and Dissemination in Communication Networks Laboratory, Shijiazhuang 050081, China

Received:2014-11-24 Online:2015-08-28 Published:2015-07-03

Abstract

Abstract:

An efficient fuzzing test method for session initiation protocol (SIP) servers was proposed, compared to the conventional method, the generated number of malformed SIP messages was reduced, good attacking result was produced. It establishes mappings between dangerous library functions and interfaces of the SIP server through static source code analysis. It also obtains a set of malformed SIP messages targeting those dangerous functions. Finally, it optimizes the set of malformed SIP messages by analyzing its attack effects and generating better messages through inheritance and mutation operations, and obtains the set of messages having the most notable attack effects. Experiments are carried out to verify the effectiveness of the proposed method.

Key words: session initiation protocol server, security, malformed messages, fuzzing test

CLC Number:

TP309

WANG Yu-long, JIN Guo-dong, WANG Yu-jiao. An Efficient Fuzzing Test Method for SIP Servers[J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2015, 38(4): 10-14.

[1]	LI Zineng, HU Zhiqun, XIAO Hailin, ZENG Zhangfan. UAV security communication algorithm with Intelligent Reflecting Surface and cooperative Jamming [J]. Journal of Beijing University of Posts and Telecommunications, 2023, 46(1): 69-76.
[2]	LONG Xiang, CUI Baojiang, WU Jiatong. A Binary Fuzzy Test Method for UEFI DXE Drivers [J]. Journal of Beijing University of Posts and Telecommunications, 2023, 46(1): 121-126.
[3]	. Physical Layer Security for IRS-based Cognitive NOMA V2V Network [J]. Journal of Beijing University of Posts and Telecommunications, 2022, 45(6): 131-137.
[4]	SHI Zicheng, LI Xin, TANG Ying, HUANG Shanguo. Optical Packet Filtering System Based on All-Optical Pattern Matching [J]. Journal of Beijing University of Posts and Telecommunications, 2022, 45(3): 96-101.
[5]	YANG Hongyu, YUAN Haihang, ZHANG Liang. A Risk Assessment Method of Network Host Node with Host Importance [J]. Journal of Beijing University of Posts and Telecommunications, 2022, 45(2): 16-21.
[6]	LI Meiling, YANG Xiaoxia, CHENG Wenjie, LU Zhaoming. Physical Layer Security for CR-NOMA System in Vehicle-to-Everything [J]. Journal of Beijing University of Posts and Telecommunications, 2022, 45(1): 115-120.
[7]	WANG Yong, GONG Jian, WANG Mingyue, JIANG Gongkun. A Pseudo-Random Number Generator for Integer Chaotic Map [J]. Journal of Beijing University of Posts and Telecommunications, 2022, 45(1): 58-62.
[8]	ZHANG Lei, CHEN Chuan, TAN Qi-yun, HAO Mao-xin, YANG Xue-kang. An Image Encryption Algorithm Combining S-Box and Chaotic Mapping [J]. Journal of Beijing University of Posts and Telecommunications, 2021, 44(6): 40-47.
[9]	TANG Yong-li, LI Xing-yu, ZHAO Zong-qu, LI Yun-feng. Detection Method for Android Payment Cracked Application [J]. Journal of Beijing University of Posts and Telecommunications, 2021, 44(4): 95-101.
[10]	XUE Jian-bin, BAI Zi-mei. Security and Efficient Authentication Scheme for Mobile Edge Computing [J]. Journal of Beijing University of Posts and Telecommunications, 2021, 44(1): 110-116.
[11]	LI Zeng-peng, WANG Jiu-ru, ZHANG Wen-yin, MA Chun-guang. A Threshold Public Key Encryption via Dual Regev Scheme [J]. Journal of Beijing University of Posts and Telecommunications, 2020, 43(4): 83-87.
[12]	CHEN Pei-pei, LI Tao-shen, GE Zhi-hui, FANG Xing. Secure Beamforming Design for Full-Duplex Energy-Constrained Relaying Networks [J]. Journal of Beijing University of Posts and Telecommunications, 2020, 43(2): 59-65,79.
[13]	LI Tao, ZHANG Jing, YANG Hao. Analysis and Improvement of Privacy Protection Scheme in VANET [J]. Journal of Beijing University of Posts and Telecommunications, 2020, 43(1): 104-110.
[14]	LEI Wei-jia, LI Huan. Signal Combining and Self-Interference Cancellation Scheme Based on Linear Neural Network in a Full-Duplex Receiver Cooperative Jamming System [J]. Journal of Beijing University of Posts and Telecommunications, 2020, 43(1): 61-67.
[15]	XIAO Jian, LI Wen-jiang, GENG Hong-yang, ZHAI Ying-bo. An Anti-DoS Attack RFID Security Authentication Protocol in the Internet of Vehicles [J]. JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM, 2019, 42(2): 114-119.

An Efficient Fuzzing Test Method for SIP Servers

RichHTML

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics

Comments