Learning-Based Fuzzing of IoT Message Brokers

被引：19

作者：

Aichernig, Bernhard K. ^{[1
]}

Muskardin, Edi ^{[1
,2
]}

Pferscher, Andrea ^{[1
]}

机构：

[1] Graz Univ Technol, Inst Software Technol, Graz, Austria

[2] Graz Univ Technol, Silicon Austria Labs, SAL DES Lab, Graz, Austria

来源：

2021 14TH IEEE CONFERENCE ON SOFTWARE TESTING, VERIFICATION AND VALIDATION (ICST 2021) | 2021年

关键词：

active automata learning; model inference; stateful fuzzing; conformance testing; MATT; IoT; INFERENCE;

D O I：

10.1109/ICST49551.2021.00017

中图分类号：

TP31 [计算机软件];

学科分类号：

081202 ; 0835 ;

摘要：

The number of devices in the Internet of Things (IoT) immensely grew in recent years. A frequent challenge in the assurance of the dependability of IoT systems is that components of the system appear as a black box. This paper presents a semi-automatic testing methodology for black-box systems that combines automata learning and fuzz testing. Our testing technique uses stateful fuzzing based on a model that is automatically inferred by automata learning. Applying this technique, we can simultaneously test multiple implementations for unexpected behavior and possible security vulnerabilities. We show the effectiveness of our learning-based fuzzing technique in a case study on the MQTT protocol. MQTT is a widely used publish/subscribe protocol in the IoT. Our case study reveals several inconsistencies between five different MQTT brokers. The found inconsistencies expose possible security vulnerabilities and violations of the MQTT specification.

引用

页码：47 / 58

页数：12

共 46 条

[1] Generating models of infinite-state communication protocols using regular inference with abstraction [J].

Aarts, Fides ;

Jonsson, Bengt ;

Uijen, Johan ;

Vaandrager, Frits .

FORMAL METHODS IN SYSTEM DESIGN, 2015, 46 (01) :1-41

[2] Formal models of bank cards for free [J].

Aarts, Fides ;

de Ruiter, Joeri ;

Poll, Erik .

IEEE SIXTH INTERNATIONAL CONFERENCE ON SOFTWARE TESTING, VERIFICATION AND VALIDATION WORKSHOPS (ICSTW 2013), 2013, :461-468

[3] Inference and Abstraction of the Biometric Passport [J].

Aarts, Fides ;

Schmaltz, Julien ;

Vaandrager, Frits .

LEVERAGING APPLICATIONS OF FORMAL METHODS, VERIFICATION, AND VALIDATION, PT I, 2010, 6415 :673-686

[4]

Aichernig B. K., 2018, 2018 FORMAL METHODS, P1

[5] How Fast Is MQTT? Statistical Model Checking and Testing of IoT Protocols [J].

Aichernig, Bernhard K. ;

Schumi, Richard .

QUANTITATIVE EVALUATION OF SYSTEMS, QEST 2018, 2018, 11024 :36-52

[6] LEARNING REGULAR SETS FROM QUERIES AND COUNTEREXAMPLES [J].

ANGLUIN, D .

INFORMATION AND COMPUTATION, 1987, 75 (02) :87-106

[7]

[Anonymous], 2016, 209222016 ISOIEC

[8]

[Anonymous], 2019, OASIS MESSAGE QUEUIN

[9]

[Anonymous], CYBERNETIC

[10] Program-Aware Fuzzing for MQTT Applications [J].

Araujo Rodriguez, Luis Gustavo ;

Batista, Daniel Macedo .

PROCEEDINGS OF THE 29TH ACM SIGSOFT INTERNATIONAL SYMPOSIUM ON SOFTWARE TESTING AND ANALYSIS, ISSTA 2020, 2020, :582-586

← 1 2 3 4 5 →