Fuzz testing data generation for network protocol using classification tree

Aiming at the test data generation, which is one of the key issues in the network protocol fuzzing, this paper presents a new method on the basis of classification tree and heuristic operator. The method firstly builds up a protocol classification tree divided into 4 layers: target network protocol, protocol fields, attributes belonging to all fields, and attribute values. In order to reduce the scale of fuzz testing data, heuristic operators are defined to remove useless items from value sets of attributes. And then the test data for each protocol field was obtained by doing Cartesian product between value sets of attributes. The fuzz testing data for target network protocol is finally generated by replacing the corresponding field in the protocol with its fuzzing data one by one. Experimental results indicate that our method could successfully detect vulnerabilities, while dramatically reduce the number of test data and highly improve the quality of test data.