Integrated TCP/IP protocol software testing for vulnerability detection

Many security holes stem from the defects in network protocol implementations. This paper presents an industry best practice of integrated TCP/IP network protocol testing that targets software robustness vulnerabilities. The deployed test system consists of a versatile test engine, a protocol data unit generator and a few auxiliary tools. The specially designed kernel test engine supporting IP/TCP/UDP as carrier protocols drives predefined fault-injected PDU (protocol data unit) to the network unit under test. Its novel callback mechanism and virtual network device connection capability cost-effectively enhance user controlled testing intelligence for verifying protocols with complicated state transitions. The PDU generator aims to provide a systematic solution for rapid test case creation, which is based on new strengthened BNF (Backus-Naur form) language for protocol specification mutation and fault injection. Established on this system, we propose an integrated industry test environment for network protocol code assessment. Initial experiments and case studies with multicast protocols unveiled several robustness violations, which have significant security impacts.