AFLNET: a greybox fuzzer for network protocols

Van-Thuan Pham, Marcel Bohme, Abhik Roychoudhury

Research output: Chapter in Book/Report/Conference proceeding > Conference Paper > Research > peer-review

5 Citations (Scopus)

Abstract

Server fuzzing is difficult. Unlike simple command-line tools, servers feature a massive state space that can be traversed effectively only with well-defined sequences of input messages. Valid sequences are specified in a protocol. In this paper, we present AFLNET, the first greybox fuzzer for protocol implementations. Unlike existing protocol fuzzers, AFLNET takes a mutational approach and uses state-feedback to guide the fuzzing process. AFLNET is seeded with a corpus of recorded message exchanges between the server and an actual client. No protocol specification or message grammars are required. AFLNET acts as a client and replays variations of the original sequence of messages sent to the server and retains those variations that were effective at increasing the coverage of the code or state space. To identify the server states that are exercised by a message sequence, AFLNET uses the server's response codes. From this feedback, AFLNET identifies progressive regions in the state space, and systematically steers towards such regions. The case studies with AFLNET on two popular protocol implementations demonstrate a substantial performance boost over the state-of-the-art. AFLNET discovered two new CVEs which are classified as critical (CVSS score CRITICAL 9.8).

Original language: English
Title of host publication: Proceedings - 2020 IEEE 13th International Conference on Software Testing, Verification and Validation, ICST 2020
Editors: Corina Pasareanu, Andreas Zeller
Place of Publication: Piscataway NJ USA
Publisher: IEEE, Institute of Electrical and Electronics Engineers
Pages: 460-465
Number of pages: 6
ISBN (Electronic): 9781728157771, 9781728157788
ISBN (Print): 9781728157795
Publication status: Published - 2020
Event: International Conference on Software Testing, Verification and Validation 2020 - Porto, Portugal
Duration: 24 Oct 2020 → 28 Oct 2020
Conference number: 13th
https://ieeexplore.ieee.org/xpl/conhome/9149738/proceeding (Proceedings)
https://icst2020.info (Website)

Conference

Conference: International Conference on Software Testing, Verification and Validation 2020
Abbreviated title: ICST 2020
Country: Portugal
City: Porto
Period: 24/10/20 → 28/10/20