A Novel Interactive Network Fuzzer for System Security Assessment
Jaime C. Acosta, Christian Murga, Alberto Morales, Caesar Zapata
Network security testing can be done at different levels of fidelity. This can range from simply scanning a network to identify open ports, services, and service versions, to uncovering novel vulnerabilities in proprietary or undocumented services. The granularity of such an analysis depends not only on time and cost, but also on the availability of client software that can be used to interact with the different services. Complexity increases when the underlying protocol is undocumented or nontrivial. In this case, testers must first understand the protocols, and then develop software that can interact past the common handshake or initial connection behavior to uncover vulnerabilities. In this paper, we present an architecture that marries protocol reverse engineering and network fuzzing through a graphical interface. We have developed a proof of concept (PoC) that is capable of intercepting packets between source and destination nodes, allowing analysts to use the interface to interactively or pseudo-interactively (using hooks) observe, modify, drop, and/or forward the traffic during security tests. We designed our experimentation methodology with two perspectives in mind: blue-teaming (cooperative grey/white box) and red-teaming (non-cooperative, black box). We report performance of our PoC with the Transport Control Protocol.
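The hook pipeline the abstract describes (observe, modify, drop, or forward intercepted traffic, with the handshake left untouched so later messages can be fuzzed), as an added Python illustration; this is not the authors' PoC, and the toy message format, addresses, and hook names are constructed for the example.

```python
from dataclasses import dataclass, field
from enum import Enum
from typing import Callable, List, Tuple


class Verdict(Enum):
    FORWARD = 1
    DROP = 2


@dataclass
class Message:
    src: str
    dst: str
    payload: bytes
    notes: List[str] = field(default_factory=list)


# A hook receives the intercepted message and returns a verdict plus the
# payload to forward (possibly modified). Hooks run in order; DROP stops the chain.
Hook = Callable[[Message], Tuple[Verdict, bytes]]


class Interceptor:
    """Sits between source and destination and applies the configured hooks."""

    def __init__(self) -> None:
        self.hooks: List[Hook] = []
        self.forwarded: List[bytes] = []
        self.dropped: List[bytes] = []

    def process(self, msg: Message) -> Verdict:
        for hook in self.hooks:
            verdict, msg.payload = hook(msg)
            if verdict is Verdict.DROP:
                self.dropped.append(msg.payload)
                return verdict
        self.forwarded.append(msg.payload)
        return Verdict.FORWARD


def observe(msg: Message) -> Tuple[Verdict, bytes]:
    """Observe-only hook: record what passed through, change nothing."""
    msg.notes.append(f"{msg.src}->{msg.dst} {len(msg.payload)}B {msg.payload[:2].hex()}")
    return Verdict.FORWARD, msg.payload


def after_handshake(skip: int, mutate: Callable[[bytes], bytes]) -> Hook:
    """Pseudo-interactive hook: pass the first `skip` messages (the handshake)
    untouched, then apply `mutate` to every later message."""
    count = 0

    def hook(msg: Message) -> Tuple[Verdict, bytes]:
        nonlocal count
        count += 1
        return Verdict.FORWARD, (msg.payload if count <= skip else mutate(msg.payload))

    return hook


def max_length_field(payload: bytes) -> bytes:
    # Constructed toy format: 2-byte big-endian length prefix, then the body.
    return b"\xff\xff" + payload[2:] if len(payload) >= 2 else payload


def drop_keepalive(msg: Message) -> Tuple[Verdict, bytes]:
    """Drop hook: discard the (constructed) zero-length keepalive message."""
    return (Verdict.DROP if msg.payload == b"\x00\x00" else Verdict.FORWARD), msg.payload


def run_demo() -> Interceptor:
    ic = Interceptor()
    ic.hooks += [observe, drop_keepalive, after_handshake(2, max_length_field)]
    # Constructed client->server stream: two handshake messages, a keepalive, one data message.
    for body in (b"\x00\x02HI", b"\x00\x02OK", b"\x00\x00", b"\x00\x05hello"):
        ic.process(Message("10.0.0.1", "10.0.0.2", body))
    return ic
```

Because `drop_keepalive` runs before the mutating hook, the dropped keepalive is never counted toward the handshake, so only the fourth message reaches the destination with its length field overwritten.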