CN-122002294-A - Method and device for verifying stateful message variation security of core network protocol
Abstract
The application provides a method and a device for verifying the security of message mutation in a core network protocol in a stateful manner. The method comprises: obtaining a current protocol state tree, wherein each node in the protocol state tree corresponds to a core network protocol state, and an edge connecting two nodes indicates that the protocol state corresponding to one node can trigger a state transition through the protocol message corresponding to the edge; searching nodes based on the scoring values of the nodes in the protocol state tree and selecting a target node; selecting a target message from the message corpus of the target state corresponding to the target node; mutating the target message to obtain a mutated message, and sending the mutated message to the core network for a security test; and updating the protocol state tree based on the state change condition of the core network and the execution result of the mutated message. Based on a comprehensive test-value score, the application can select the states with the most test value among the many protocol states of the core network, carry out efficient and targeted message mutation and testing, and improve the efficiency of security verification of the core network.
Inventors
- LI ZIFU
- XU JINBO
- LI FENGHUA
- GUO YUNCHUAN
- FANG LIANG
- GENG KUI
Assignees
- Institute of Information Engineering, Chinese Academy of Sciences (中国科学院信息工程研究所)
Dates
- Publication Date: 2026-05-08
- Application Date: 2025-12-19
Claims (10)
- 1. A method for verifying the security of stateful message mutation of a core network protocol, characterized by comprising the following steps: acquiring a current protocol state tree, wherein each node in the protocol state tree corresponds to a core network protocol state, edges between nodes correspond to protocol messages, and an edge connecting two nodes represents that the protocol state corresponding to one node can trigger a state transition through the protocol message corresponding to the edge; performing a node search based on the scoring values of the nodes in the protocol state tree and selecting a target node, wherein the scoring value is determined based on the depth of the node in the protocol state tree, its historical searched condition, its historical selected condition and the state change condition of the protocol state tree after the node was selected; selecting a target message from a message corpus of the target state corresponding to the target node; and mutating the target message to obtain a mutated message, transmitting the mutated message to a core network for a security test, and updating the protocol state tree based on the state change condition of the core network and the execution result of the mutated message.
- 2. The message mutation security verification method oriented to core network protocol states according to claim 1, wherein the scoring value of a node is determined based on the following formula: ; ; wherein: is the scoring value; is the number of times the node is accessed; is the number of times the node is selected; is the number of times the parent node of the node is selected; is the depth of the node in the protocol state tree; is the bias weight; is the reward parameter; is a non-negative hyperparameter; is a parameter reflecting whether the protocol state tree generated a new node after the node was selected as the target node for testing; is a parameter reflecting whether the protocol state tree generated a new edge after the node was selected as the target node for testing; is a parameter reflecting whether an error occurred after the node was selected as the target node for testing; and reflects the proportion of newly generated field entries in the mutated message to the total number of mutated field entries after the node was selected as the target node.
- 3. The method for verifying the security of state-oriented message mutation of a core network protocol according to claim 2, wherein updating the protocol state tree based on the state change condition of the core network and the execution result of the mutated message comprises: determining, based on the state change condition of the core network, whether to generate a new node or a new edge in the protocol state tree; and updating the scoring value of the target node based on whether a new node or a new edge was generated in the protocol state tree and on the execution result of the mutated message.
- 4. The method for verifying the security of message mutation in a core network protocol according to claim 1, wherein before the mutated message is sent to the core network for security testing, the method comprises: determining at least one candidate message sequence path based on the current state of the core network, the protocol state tree and the target node, each message sequence path comprising at least one edge of the protocol state tree; and determining a target message sequence path based on the length, the number of executions and the success rate of the candidate message sequence paths, wherein the target message sequence path is used to restore the state of the core network to the target state.
- 5. The method for verifying the security of message mutation in a core network protocol state according to claim 1, wherein selecting a target message from the message corpus of the target state corresponding to the target node comprises: determining the target message based on the number of mutations and the message length of each message in the message corpus.
- 6. The method for verifying the security of message mutation in a core network protocol according to claim 1, wherein mutating the target message to obtain a mutated message and transmitting the mutated message to a core network for security testing comprises: transmitting, through a plurality of user terminals in parallel, the mutated messages respectively corresponding to the user terminals to the core network; wherein the mutated message corresponding to each user terminal is generated by: determining mutation decisions for all fields of the target message in sequence based on a preset mutation strategy lookup table, and generating the mutated message based on the mutation decisions, wherein when the mutation decision of a field is a first mutation decision, the field value of the field is obtained from a local sequence-level field pool corresponding to the user terminal, and when the mutation decision of the field is a second mutation decision, field mutation is performed on the field; and after the mutated messages respectively corresponding to the plurality of user terminals are obtained, the method further comprises: writing newly added or to-be-updated mutated fields into the local sequence-level field pool corresponding to the user terminal based on the mutated message corresponding to that user terminal, and adding a synchronization-required mark; and adding the fields carrying the synchronization-required mark in the local sequence-level field pool to a global sequence-level field pool.
- 7. A message mutation security verification device oriented to core network protocol states, comprising: a protocol state tree acquisition module, configured to acquire a current protocol state tree, wherein each node in the protocol state tree corresponds to a core network protocol state, edges between nodes correspond to protocol messages, and an edge connecting two nodes represents that the protocol state corresponding to one node can trigger a state transition through the protocol message corresponding to the edge; a tree search module, configured to search nodes based on the scoring values of the nodes in the protocol state tree and select a target node, the scoring value being determined based on the depth of the node in the protocol state tree, its historical searched condition, its historical selected condition and the state change condition of the protocol state tree after the node was selected; a message selection module, configured to select a target message from a message corpus of the target state corresponding to the target node; and a mutation testing module, configured to mutate the target message to obtain a mutated message, send the mutated message to a core network for a security test, and update the protocol state tree based on the state change condition of the core network and the execution result of the mutated message.
- 8. An electronic device comprising a memory, a processor and a computer program stored in the memory and runnable on the processor, wherein the processor, when executing the computer program, implements the method for verifying the security of stateful message mutation of a core network protocol according to any one of claims 1 to 6.
- 9. A non-transitory computer-readable storage medium having stored thereon a computer program which, when executed by a processor, implements the method for verifying the security of stateful message mutation of a core network protocol according to any one of claims 1 to 6.
- 10. A computer program product comprising a computer program which, when executed by a processor, implements the message mutation security verification method oriented to core network protocol states according to any one of claims 1 to 6.
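An added example that is not the patent's own code: a minimal protocol-state-tree search and update loop in the shape of claims 1 to 3 (a score built from depth, searched count, selected count and post-selection tree changes; selection of the target node; folding the core network's reaction back into the tree). The patent's scoring formula did not survive extraction, so `score` below is an assumed UCB-style combination of the factors claim 2 lists, and the core-network reaction passed to `update_tree` is a constructed stub rather than output from a real core.

```python
import math
from dataclasses import dataclass, field
from typing import Dict, List, Optional


@dataclass(eq=False)  # identity comparison: the state graph may contain cycles
class Node:
    state: str
    depth: int
    parent: Optional["Node"] = None
    children: Dict[str, "Node"] = field(default_factory=dict)  # message -> state
    visits: int = 0        # historical searched condition
    selections: int = 0    # historical selected condition
    reward: float = 0.0    # bonus accumulated from state-tree changes after tests

def score(n: Node, depth_bias: float = 0.1, c: float = 1.4) -> float:
    # ASSUMED UCB-style score (the patent's formula is not on the page): mean
    # reward, plus exploration driven by the parent's selections, plus depth bias
    parent_sel = n.parent.selections if n.parent else n.selections
    explore = c * math.sqrt(math.log(parent_sel + 1) / (n.selections + 1))
    return n.reward / (n.selections + 1) + explore + depth_bias * n.depth

def all_nodes(root: Node) -> List[Node]:
    out, stack = [], [root]
    while stack:                   # edges may loop back, so skip listed nodes
        n = stack.pop()
        if n not in out:
            out.append(n)
            stack.extend(n.children.values())
    return out

def select_target(root: Node) -> Node:
    nodes = all_nodes(root)
    for n in nodes:
        n.visits += 1              # every node examined counts as searched
    best = max(nodes, key=score)
    best.selections += 1           # the chosen node counts as selected
    return best

def update_tree(root: Node, target: Node, message: str, new_state: Optional[str],
                error: bool, new_field_ratio: float) -> Optional[Node]:
    # Fold the observed reaction (constructed stub input) back into the tree:
    # a new node is worth more than a new edge; errors and novel fields add credit
    by_state = {n.state: n for n in all_nodes(root)}
    bonus, created = 0.0, None
    if new_state is not None and message not in target.children:
        known = by_state.get(new_state)
        created = None if known else Node(new_state, target.depth + 1, target)
        target.children[message] = known or created
        bonus += 1.0 if created else 0.5
    bonus += (1.0 if error else 0.0) + new_field_ratio
    target.reward += bonus
    return created
```

State and message names used when calling these functions (INIT, REGISTERED, PDU_SESSION and the request names) are constructed sample values, not identifiers from the patent.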
Description
Technical Field
The application relates to the technical field of data processing, and in particular to a method and a device for verifying the security of stateful message mutation of a core network protocol.
Background
The core network serves as the hub connecting terminal equipment to the data network and plays an important role in mobile communication, satellite communication and other networks. The softwarized, distributed architecture of the core network improves network flexibility but enlarges the attack surface and introduces new security challenges. With the access of massive numbers of terminals, service and signaling traffic converge heavily in the core network, putting pressure on system stability and flexible scheduling. The core network control plane communicates over a shared service interaction platform through a single service-based interface bus, which means that an attacker can use a single network element or weak point as a foothold to launch a lateral movement attack and ultimately endanger the entire core network. In addition, because the state interaction process of core network protocols is highly complex and has strong timing dependencies, the protocol specifications contain ambiguous or undefined parts, so that different protocol implementations contain security defects that can lead to serious consequences such as authentication bypass and denial of service. Such attacks can block system flow execution and even cause failure of key network elements and paralysis of the core network, severely affecting overall availability and user experience. Therefore, performing security verification on core network protocols to guarantee the correctness of interface protocols has become one of the key problems in core network security research.
Protocol fuzz testing sends a large number of legal or illegal protocol messages to core network elements through packet generation and mutation in order to find protocol defects and security vulnerabilities, and has become the main technical route for core network security verification. Most fuzz testing tools generate and mutate packets based on rules or traffic without fully considering protocol states, and cannot carry out efficient security verification targeted at the more valuable protocol states, so the security verification efficiency of the core network is low.
Disclosure of Invention
The application provides a method and a device for verifying the security of message mutation oriented to core network protocol states in a stateful manner, which are used to solve the defect of low core network security verification efficiency in the prior art and to improve the security verification efficiency of the core network. The application provides a method for verifying the security of stateful message mutation of a core network protocol, comprising the following steps: acquiring a current protocol state tree, wherein each node in the protocol state tree corresponds to a core network protocol state, edges between nodes correspond to protocol messages, and an edge connecting two nodes represents that the protocol state corresponding to one node can trigger a state transition through the protocol message corresponding to the edge; performing a node search based on the scoring values of the nodes in the protocol state tree and selecting a target node, wherein the scoring value is determined based on the depth of the node in the protocol state tree, its historical searched condition, its historical selected condition and the state change condition of the protocol state tree after the node was selected; selecting a target message from a message corpus of the target state corresponding to the target node; and mutating the target message to obtain a mutated message, transmitting the mutated message to a core network for a security test, and updating the protocol state tree based on the state change condition of the core network and the execution result of the mutated message. According to the method for verifying the security of stateful message mutation of a core network protocol provided by the application, the scoring value of a state node is determined based on the following formula: ; ; wherein: is the scoring value; is the number of times the node is accessed; is the number of times the node is selected; is the number of times the parent node of the node is selected; is the depth of the node in the protocol state tree; is the bias weight; is the reward parameter; is a non-negative hyperparameter; is a parameter reflecting whether the protocol state tree generated a new node after the node was selected as the target node for testing; is a parameter reflecting whether