TY - JOUR T1 - Protocol vulnerability detection based on network traffic analysis and binary reverse engineering A1 - Wen, Shameng A1 - Meng, Qingkun A1 - Feng, Chao A1 - Tang, Chaojing Y1 - 2017/10/19 N2 - Network protocol vulnerability detection plays an important role in many domains, including protocol security analysis, application security, and network intrusion detection. In this study, by analyzing the general fuzzing method of network protocols, we propose a novel approach that combines network traffic analysis with the binary reverse engineering method. For network traffic analysis, the block-based protocol description language is introduced to construct test scripts, while the binary reverse engineering method employs the genetic algorithm with a fitness function designed to focus on code coverage. This combination leads to a substantial improvement in fuzz testing for network protocols. We build a prototype system and use it to test several real-world network protocol implementations. The experimental results show that the proposed approach detects vulnerabilities more efficiently and effectively than general fuzzing methods such as SPIKE. JF - PLOS ONE JA - PLOS ONE VL - 12 IS - 10 UR - https://doi.org/10.1371/journal.pone.0186188 SP - e0186188 EP - PB - Public Library of Science M3 - doi:10.1371/journal.pone.0186188 ER -