计算机工程

• 专栏 • 上一篇    下一篇

IMS网络Diameter协议流程漏洞挖掘

(国家数字交换系统工程技术研究中心,郑州 450002)   

  1. (国家数字交换系统工程技术研究中心,郑州 450002)
  • 收稿日期:2012-11-28 出版日期:2013-09-15 发布日期:2013-09-13
  • 作者简介:郭严赞(1987-),男,硕士研究生,主研方向:网络安全,移动通信;季新生,教授;刘彩霞,副教授;刘树新,博士研究生
  • 基金项目:

    国家“863”计划基金资助项目(2011AA010605)

Leak Mining of Diameter Protocol Flow for IMS Network

(National Digital Switching System Engineering and Technological R&D Center, Zhengzhou 450002, China)   

  1. (National Digital Switching System Engineering and Technological R&D Center, Zhengzhou 450002, China)
  • Received:2012-11-28 Online:2013-09-15 Published:2013-09-13

摘要:

为挖掘IP多媒体子系统网络异常场景下Diameter协议流程中潜在的脆弱点,提出一种基于遗传算法的Diameter协议流程漏洞挖掘方法。通过变异网络配置、用户注册状态和服务器工作状态等,制造特定的应用场景,采用遗传算法对正常消息进行变异,生成针对该场景的多维模糊测试消息,通过监测网络对测试消息的响应判断是否存在相关脆弱性。仿真实验结果表明,该生成方法能保证测试消息的随机性,并有效挖掘Diameter协议流程相关的漏洞。

关键词: IP多媒体子系统网络, 异常场景, Diameter协议, 会话流程, 遗传算法, 漏洞挖掘

Abstract:

In order to mine the potential vulnerabilities in Diameter protocol dialog flow of IP Multimedia Subsystem(IMS) abnormal scenarios, this paper proposes a leak mining method of Diameter protocol flow based on the Genetic Algorithm(GA). The method makes a given scenario by mutating network configuration, user state, and servers’ state. And generates multi-dimension fuzziness test data for the scenario using GA. This paper makes decisions that whether there are related vulnerabilities by watching the network’s response to the test messages. Simulation experimental result shows that the test messages’ generating method both ensures the messages’ randomness and improves the effectiveness, it can mine the vulnerabilities of Diameter protocol flow effectively.

Key words: IP Multimedia Subsystem(IMS) network, abnormal scenarios, Diameter protocol, session flow, genetic algorithm, leak mining

中图分类号: