Smarter Evolution: Enhancing Evolutionary Black Box Fuzzing with Adaptive Models

Author:

Anne Borcherding (1, 2), Martin Morawetz (3), Steffen Pfrang (1)

Affiliation:

1. Fraunhofer Institute of Optronics, System Technologies and Image Exploitation IOSB, 76131 Karlsruhe, Germany

2. KASTEL Security Research Labs, 76131 Karlsruhe, Germany

3. Karlsruhe Institute of Technology, 76131 Karlsruhe, Germany

Abstract

Smart production ecosystems are a valuable target for attackers. In particular, due to the high level of connectivity introduced by Industry 4.0, attackers can potentially attack individual components of production systems from the outside. One approach to strengthening the security of industrial control systems is to perform black box security tests such as network fuzzing. These are applicable even if no information on the internals of the control system is available. However, most security testing strategies assume a gray box setting, in which some information on the internals is available. We propose a new approach to bridge the gap between these gray box strategies and the real-world black box setting in the domain of industrial control systems. This approach involves training an adaptive machine learning model that approximates the information that is missing in a black box setting. We propose three different approaches for the model, combine them with an evolutionary testing approach, and perform an evaluation using a System under Test with known vulnerabilities. Our evaluation shows that the model is indeed able to learn valuable information about a previously unknown system, and that more vulnerabilities can be uncovered with our approach. The model-based approach using a Decision Tree was able to find a significantly higher number of vulnerabilities than the two baseline fuzzers.

Funder

Topic Engineering Secure Systems of the Helmholtz Association

Publisher

MDPI AG

Subject

Electrical and Electronic Engineering, Biochemistry, Instrumentation, Atomic and Molecular Physics, and Optics, Analytical Chemistry

References: 24 articles

