Smarter Evolution: Enhancing Evolutionary Black Box Fuzzing with Adaptive Models

Author:

Borcherding Anne12ORCID,Morawetz Martin3,Pfrang Steffen1ORCID

Affiliation:

1. Fraunhofer Institute of Optronics, System Technologies and Image Exploitation IOSB, 76131 Karlsruhe, Germany

2. KASTEL Security Research Labs, 76131 Karlsruhe, Germany

3. Karlsruhe Institute of Technology, 76131 Karlsruhe, Germany

Abstract

Smart production ecosystems are a valuable target for attackers. In particular, due to the high level of connectivity introduced by Industry 4.0, attackers can potentially attack individual components of production systems from the outside. One approach to strengthening the security of industrial control systems is to perform black box security tests such as network fuzzing. These are applicable, even if no information on the internals of the control system is available. However, most security testing strategies assume a gray box setting, in which some information on the internals are available. We propose a new approach to bridge the gap between these gray box strategies and the real-world black box setting in the domain of industrial control systems. This approach involves training an adaptive machine learning model that approximates the information that is missing in a black box setting. We propose three different approaches for the model, combine them with an evolutionary testing approach, and perform an evaluation using a System under Test with known vulnerabilities. Our evaluation shows that the model is indeed able to learn valuable information about a previously unknown system, and that more vulnerabilities can be uncovered with our approach. The model-based approach using a Decision Tree was able to find a significantly higher number of vulnerabilities than the two baseline fuzzers.

Funder

topic Engineering Secure Systems of the Helmholtz Association

Publisher

MDPI AG

Subject

Electrical and Electronic Engineering,Biochemistry,Instrumentation,Atomic and Molecular Physics, and Optics,Analytical Chemistry

Reference24 articles.

1. The Global State of Security in Industrial Control Systems: An Empirical Analysis of Vulnerabilities Around the World;Anton;IEEE Internet Things J.,2021

2. (2020). Security for Industrial Automation and Control Systems. Standard (Standard No. IEC 62443).

3. Fioraldi, A., Maier, D., Eißfeldt, H., and Heuse, M. (2020, January 11). AFL++ combining incremental steps of fuzzing research. Proceedings of the 14th USENIX Conference on Offensive Technologies, Boston, MA, USA.

4. Serebryany, K., and Vitaly Buka, M.M. (2023, August 03). LibFuzzer—A Library for Coverage-Guided Fuzz Testing. Available online: https://llvm.org/docs/LibFuzzer.html.

5. The art, science, and engineering of fuzzing: A survey;Han;IEEE Trans. Softw. Eng.,2019

Cited by 1 articles. 订阅此论文施引文献 订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献

同舟云学术

1.学者识别学者识别

2.学术分析学术分析

3.人才评估人才评估

"同舟云学术"是以全球学者为主线,采集、加工和组织学术论文而形成的新型学术文献查询和分析系统,可以对全球学者进行文献检索和人才价值评估。用户可以通过关注某些学科领域的顶尖人物而持续追踪该领域的学科进展和研究前沿。经过近期的数据扩容,当前同舟云学术共收录了国内外主流学术期刊6万余种,收集的期刊论文及会议论文总量共计约1.5亿篇,并以每天添加12000余篇中外论文的速度递增。我们也可以为用户提供个性化、定制化的学者数据。欢迎来电咨询!咨询电话:010-8811{复制后删除}0370

www.globalauthorid.com

TOP

Copyright © 2019-2024 北京同舟云网络信息技术有限公司
京公网安备11010802033243号  京ICP备18003416号-3