Research on Protocol Fuzzing Technology Guided by Large Language Models
Abstract: Security vulnerabilities in network protocol software occur frequently and pose a serious threat to cyberspace security. Gray-box protocol fuzzing tools such as AFLNet have improved vulnerability discovery by introducing coverage feedback and state modeling, but, constrained by a persistent "semantic barrier", these tools struggle to understand protocol syntax structures and contextual logic, so their testing efficiency is limited. In recent years, large language models have demonstrated strong generalization and comprehension in tasks such as semantic modeling, contextual reasoning and code generation, offering a promising path to overcoming this barrier. This paper proposes LPF (LLMProFuzz), a protocol fuzzing framework guided by large language models, which addresses the limitations of traditional methods at three levels: first, protocol syntax templates are extracted automatically through few-shot prompt engineering; second, a seed enrichment mechanism based on historical vulnerability characteristics generates high-value initial test cases that cover boundary scenarios and abnormal logic; third, a structure-aware mutation location selection strategy increases the proportion of effective test cases. Experimental results on representative protocol stacks, including HTTP, FTP and RTSP, show that LPF significantly outperforms baseline tools such as AFLNet and StateAFL in code coverage, state coverage and testing efficiency.
Authors: YANG Liqun (杨立群), LI Zhen (李镇), WEI Chaoren (韦超仁), YAN Zhimin (闫治敏), QIU Yongxin (仇勇鑫) (School of Cyber Science and Technology, Beihang University, Beijing 100191, China; School of Civil Aviation Safety Engineering, Civil Aviation Flight University of China, Guanghan 618307, China; Engineering Research Center of Key Technologies for All-Electric General Aviation Aircraft of Sichuan Province, Guanghan 618307, China)
Source: Netinfo Security (《信息网络安全》, Peking University core journal), 2025, No. 12, pp. 1847-1862 (16 pages)
Funding: National Natural Science Foundation of China [62302025, 62572027, U2333205]; Open Project of the Engineering Research Center of Key Technologies for All-Electric General Aviation Aircraft of Sichuan Province [CAFUC202401KF003].
Keywords: large language models; network protocol; fuzzing; structure-aware mutation; prompt engineering