CN-115987605-B - State-aware fuzz testing system and method for the 5G NGAP protocol
Abstract
The invention provides a state-aware fuzz testing system and method for the 5G NGAP protocol. The system comprises a test data generation module, a protocol state maintenance module, a field mutation module, a tested component monitoring module and a log analysis recording module. The test data generation module generates an original test data sample and designates the field position to be tested and the protocol state machine stage. The protocol state maintenance module brings the component to be tested to the target state machine stage according to the designated protocol state machine stage. The field mutation module mutates the designated field position of the original test data sample to generate a fuzz test sample, sends the generated fuzz test sample to the tested component, judges whether the fuzz test sample is mutated based on the data returned by the tested component, and sends the mutation result to the log analysis module. The tested component monitoring module monitors the working state of the tested component and, when an abnormality occurs, collects the current crash log and sends it to the log analysis recording module. The log analysis recording module collects the crash logs generated by the abnormal component, determines where the abnormality occurred, and stores the fuzz test sample that was sent and the field mutation details.
Inventors
- ZHAO TIANCHENG
- CHEN LIBO
- Wang Diejun
- XUE ZHI
Assignees
- Shanghai Jiao Tong University (上海交通大学)
Dates
- Publication Date: 20260512
- Application Date: 20221219
Claims (6)
- 1. A state-aware fuzz testing system for the 5G NGAP protocol, comprising: a test data generation module, used for generating an original test data sample and designating the position of the field to be tested and the protocol state machine stage; a protocol state maintenance module, used for bringing the component to be tested to the target state machine stage according to the designated protocol state machine stage; a field mutation module, used for mutating the designated field position of the original test data sample to generate a fuzz test sample, sending the generated fuzz test sample to the tested component, judging whether to mutate based on the data returned by the tested component, and sending the mutation result to the log analysis recording module; a tested component monitoring module, used for monitoring the working state of the tested component and, when an abnormality occurs, collecting the current crash log and sending it to the log analysis recording module; and a log analysis recording module, used for collecting the crash log generated by the abnormal component, determining where the abnormality occurred, and storing the transmitted fuzz test sample and the field mutation details; wherein the tested component monitoring module works in the 5G core network and has control authority over the tested component; and wherein, in the log analysis recording module, the mutation result and the abnormal situation are aggregated, it is determined whether the current abnormality was produced by the fuzz test sample sent by the current field mutation module, and if so, it is recorded.
- 2. The state-aware fuzz testing system for the 5G NGAP protocol of claim 1, wherein, in the test data generation module, the original test data samples are derived from a user input definition and/or a packet capture file of network data packets; the user input definition needs to describe the complete interaction flow and the expected returned results using a programming language; and the original test data sample includes multi-stage transmit data and expected returns.
- 3. The state-aware fuzz testing system for the 5G NGAP protocol according to claim 1, wherein, in the field mutation module, a fuzz test sample is generated by mutating the designated field position of an original test data sample, the generated fuzz test sample is sent to the tested component, and the field mutation module receives the return data of the tested component, compares the return data with the expected return, determines whether the response to the current test data is within the normal protocol state machine, and otherwise informs the log analysis recording module.
- 4. A state-aware fuzz testing method for the 5G NGAP protocol, characterized by comprising the following steps: Step S1, a test data generation module generates an original test data sample and designates the position of the field to be tested and the protocol state machine stage; Step S2, a protocol state maintenance module brings the component to be tested to the target state machine stage according to the designated protocol state machine stage; Step S3, a field mutation module mutates the designated field position of the original test data sample to generate a fuzz test sample, sends the generated fuzz test sample to the tested component, judges whether to mutate based on the data returned by the tested component, and sends the mutation result to a log analysis recording module; Step S4, a tested component monitoring module monitors the working state of the tested component and, when an abnormality occurs, collects the current crash log and sends it to the log analysis recording module; Step S5, the log analysis recording module collects the crash logs generated by the abnormal component, determines where the abnormality occurred, and stores the fuzz test sample that was sent and the field mutation details; wherein the tested component monitoring module works in the 5G core network and has control authority over the tested component; and wherein, in the log analysis recording module, the mutation result and the abnormal situation are aggregated, it is determined whether the current abnormality was produced by the fuzz test sample sent by the current field mutation module, and if so, it is recorded.
- 5. The state-aware fuzz testing method for the 5G NGAP protocol of claim 4, wherein, in the test data generation module, the original test data samples are derived from a user input definition and/or a packet capture file of network data packets; the user input definition needs to describe the complete interaction flow and the expected returned results using a programming language; and the original test data sample includes multi-stage transmit data and expected returns.
- 6. The state-aware fuzz testing method according to claim 4, wherein, in the field mutation module, the designated field position of an original test data sample is mutated to generate a fuzz test sample, the generated fuzz test sample is sent to the tested component, and the field mutation module receives the return data of the tested component, compares the return data with the expected return, judges whether the response to the current test data is within the normal protocol state machine, and otherwise informs the log analysis recording module.
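The loop the claims describe (bring the target to a designated state machine stage, mutate one designated field, compare the reply with the expected return, and tie any crash to the sample that caused it) is sketched below as an added example; it is not code from the patent. `ToyTarget`, the two-byte header format, `SAMPLE` and the planted bug are constructed for illustration and do not model real NGAP encoding or any real AMF.

```python
import random

class ToyTarget:
    """Constructed stand-in for the tested component; not a real AMF or NGAP codec."""
    def __init__(self):
        self.stage, self.crash_log = 0, None

    def handle(self, msg: bytes) -> bytes:
        kind, length, body = msg[0], msg[1], msg[2:]
        if kind != self.stage + 1:               # wrong message for this stage
            return b"\xff"                       # error reply, stage unchanged
        if self.stage == 1 and length > len(body):
            # Planted bug, reachable only once stage 1 has been established.
            self.crash_log = f"stage=1 length={length} body={len(body)}"
            raise RuntimeError(self.crash_log)
        self.stage += 1
        return bytes([0x80 | kind])              # success reply

# Original test data sample: multi-stage send data with expected returns.
SAMPLE = [(b"\x01\x02AA", b"\x81"), (b"\x02\x03BBB", b"\x82")]

def fuzz(sample, stage, offset, rounds=64, seed=1, maintain=True):
    rng, findings = random.Random(seed), []
    for _ in range(rounds):
        target = ToyTarget()                     # monitor restarts the target
        if maintain:                             # state maintenance: replay prefix
            for msg, expected in sample[:stage]:
                if target.handle(msg) != expected:
                    raise AssertionError("could not reach target stage")
        msg, expected = sample[stage]
        mutated = bytearray(msg)
        mutated[offset] = rng.randrange(256)     # mutate the designated field
        try:
            reply, crash = target.handle(bytes(mutated)), None
        except RuntimeError:                     # monitor collects the crash log
            reply, crash = None, target.crash_log
        if crash or reply != expected:           # outside the expected state machine
            findings.append({"sample": bytes(mutated), "stage": stage,
                             "offset": offset, "reply": reply, "crash": crash})
    return findings
```

With `maintain=False` the same mutated messages only ever draw the toy target's error reply, which is the stateless behaviour the Background section criticises; with state maintenance on, every finding is a crash attributable to the recorded sample and field offset.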
Description
State-aware fuzz testing system and method for the 5G NGAP protocol
Technical Field
The invention relates to the technical field of network security, and in particular to a state-aware fuzz testing system and method for the 5G NGAP protocol.
Background
A new generation of mobile communication network technology appears about every 10 years; by introducing key technologies it achieves a multiple increase in network capacity and promotes the continuous emergence of new service types. Since the 80s of the 20th century, mobile communication technology has gone through 5 stages of development, all of which have had a wide and profound impact on the digital development of the economy and society. Mobile communication networks of different periods face different security problems and risks, and as the ideas behind protocol design and standard-setting are continuously updated and improved, the security of the protocols also improves with each iteration. The first generation (1G) mobile networks, as the original communication networks, were built with few security considerations and were very vulnerable to interception, replay and forgery attacks. Security problems related to pseudo base stations, spam messages and message forgery in the second generation (2G) mobile network are ubiquitous and widely exploited, and their influence persists to this day. The third generation (3G) mobile network introduced an IP-based communication protocol for the first time, so that the vulnerabilities and attack surfaces of internet security were carried over to the mobile network along with the upgrade. The fourth generation (4G) mobile network brought a remarkable improvement in connection speed and network quality and opened up more usage scenarios and application areas for the mobile network, which further enlarged and complicated the security threats.
From 1G to 4G, signaling exchange between the network elements of the mobile core network was completed over fixed links, and the control plane and user plane of the network were progressively separated and decoupled. Compared to 4G, 5G uses a completely new network architecture that can provide at least 10 times the peak rate of 4G, as well as transmission delays on the order of milliseconds and connection capabilities on the order of trillions. The 5G core network reconstructs the traditional architecture and redefines the network entities as Network Functions (NF). Each NF implements an independent function and can be called by the others, i.e. one NF entity can be further split into a plurality of self-contained, self-managed and reusable NF services. The NFs are decoupled from each other, can be upgraded and scaled independently, can interwork with other NF services through standard interfaces, and can be orchestrated and instantiated for deployment according to different requirements through an orchestration tool. The architectural improvement and transformation of the 5G core network is unprecedented compared to the traditional point-to-point network element architecture of the communications industry. The TCP and SCTP protocols are commonly used in the 5G core network and between the user plane and the control plane, and the N2 communication interface between the RAN and the AMF uses the NGAP protocol, which is carried over SCTP. The test target of the invention is to perform stateful fuzz testing on internal Network Functions (NF) such as the AMF through the NGAP protocol and the N1 and N2 protocol families. Existing fuzz testing technology cannot maintain the state machine of a 5G network protocol and generates test data packets blindly, which results in low test efficiency, extremely low coverage and an inability to test core service logic.
Therefore, the invention provides a state-aware fuzz testing system for the 5G NGAP protocol, which aims to overcome the shortcomings of existing fuzz testing technology for 5G network protocols.
Disclosure of Invention
In view of the defects in the prior art, the invention aims to provide a state-aware fuzz testing system and method for the 5G NGAP protocol. The invention provides a state-aware fuzz testing system for the 5G NGAP protocol, which comprises the following components: a test data generation module, used for generating an original test data sample and designating the position of the field to be tested and the protocol state machine stage; a protocol state maintenance module, used for bringing the component to be tested to the target state machine stage according to the designated protocol state machine stage; a field mutation module, used for mutating the designated field position of the original test data sample to generate a fuzz test sample, sending the generated fuzz test sample to the tested component, judging whether to mutate based on the data returned by the tested component, and sending the mutation result to the log analysis module; The