Research Article
Analysis of Vulnerability of IPsec Protocol Implementation Based on Differential Fuzzing
@INPROCEEDINGS{10.1007/978-3-030-96791-8_21, author={Kai Tian and Fushan Wei and Chunxiang Gu and Yanan Shi}, title={Analysis of Vulnerability of IPsec Protocol Implementation Based on Differential Fuzzing}, proceedings={Security and Privacy in New Computing Environments. 4th EAI International Conference, SPNCE 2021, Virtual Event, December 10-11, 2021, Proceedings}, proceedings_a={SPNCE}, year={2022}, month={3}, keywords={IPsec Protocol fuzzing Differential fuzzing Software security}, doi={10.1007/978-3-030-96791-8_21} }- Kai Tian
Fushan Wei
Chunxiang Gu
Yanan Shi
Year: 2022
Analysis of Vulnerability of IPsec Protocol Implementation Based on Differential Fuzzing
SPNCE
Springer
DOI: 10.1007/978-3-030-96791-8_21
Abstract
Network protocol is an important means to ensure network security, but it has suffered a steady stream of attacks in recent years due to its implementation complexity and difficulty. In this paper, we present our work on using differential fuzzing to detect the behavioral divergences in multiple implementations of IPsec. The key insight behind our fuzzer is to generate various message streams compose of mutate packets and send them to the IPsec implementations to compare their different behaviors. We proposed a protocol testing framework based on differential fuzzing testing, which can be applied to test the differences and potential security issues of multiple implementations. Our case reveals the implementation differences between four protocol implementations. These differential behaviors exposed protocol implementation violations of RFC specifications and possible security vulnerabilities.
