Forget phishing for bank account passwords. The deepest threats to online security are the weaknesses in the fundamental protocols that run the Internet.


"Codenomicon has found a critical focus area which expands beyond web testing, where the XML industry has an opportunity to proactively assess the security holes contained in everyday services used by the general public. I would hope the industry warmly welcomes both the research results and an innovative testing solution to help diagnose the problems."

Prof. Howard A. Schmidt
former White House Cyber Security advisor & Codenomicon board member


DEFENSICS™ Traffic Capture Fuzzer



Augment with Model Based Fuzzing

Nevertheless, Traffic Capture Fuzzer should never be the only tool used for zero-day vulnerability discovery. It should be a last resort, used only when a model-based tool is not available. The benefits of model-based approaches are still significant compared to any mutation-based approach:


» TEST EXECUTION TIME: Intelligent Model-Based tests target the known weaknesses of the tested protocol, thus reducing test run time considerably without compromising the comprehensiveness of the tests. Short test execution times also allow the integration of tests into regression tests, and automated nightly and weekly test suites.

» COVERAGE: PCAP does not represent the whole protocol implementation. The selection it makes is limited, because it only captures samples of network traffic. You might miss important rare messages, and thus fail to test the entire software implementation. A Model-Based approach covers the standard specifications and contains an optimized set of tests to cover the specifications, thus providing a wider test coverage of the actual implementation. Traffic captures also ignore rarely used features, which tend to cause havoc in systems, because they are not subjected to heavy day-to-day usage.

» INTERACTION WITH SUT: PCAP based testing does not enable easy stateful testing. The network traffic captures cannot provide the information needed to understand the messages, thus the state of the SUT cannot be deciphered. Understanding the state of the SUT is a prerequisite for testing higher level protocols systematically.

» ZERO-DAY VULNERABILITIES: Traffic Capture Fuzzing is based on visible network traffic and known threat scenarios, and therefore it does not fully address the problem of unknown vulnerabilities. Model-Based testing consistently reaches better Zero-Day discovery rates than other testing methods.
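The COVERAGE point above, as an added illustration (not Codenomicon code): it compares the message types present in a capture with those defined in a protocol model, then generates test frames from the model. The toy protocol, its message names and the sample capture are constructed assumptions.

```python
import struct

# Hypothetical toy protocol (assumption, not a real specification):
# 1-byte message type, 2-byte big-endian length, then the payload.
MODEL = {
    0x01: "HELLO",
    0x02: "DATA",
    0x03: "KEEPALIVE",
    0x7E: "RENEGOTIATE",  # rarely seen in day-to-day traffic
    0x7F: "SHUTDOWN",     # rarely seen in day-to-day traffic
}

def encode(msg_type, payload, declared_len=None):
    """Build a frame; declared_len lets a test case lie about the length."""
    length = len(payload) if declared_len is None else declared_len
    return struct.pack(">BH", msg_type, length) + payload

# Constructed sample capture: only the common message types appear.
CAPTURE = [
    encode(0x01, b"client-1"),
    encode(0x02, b"abc"),
    encode(0x02, b"defgh"),
    encode(0x03, b""),
]

def types_in(frames):
    """Message types that actually occur in a set of frames."""
    return {frame[0] for frame in frames if frame}

def coverage_gap(capture, model):
    """Types the model defines but the capture never exercised."""
    return sorted(set(model) - types_in(capture))

def model_based_cases(model):
    """For every type in the model: one valid frame and two length anomalies."""
    cases = []
    for msg_type in sorted(model):
        body = b"A" * 4
        cases.append(encode(msg_type, body))                       # well-formed
        cases.append(encode(msg_type, body, declared_len=0))       # under-declared
        cases.append(encode(msg_type, body, declared_len=0xFFFF))  # over-declared
    return cases

if __name__ == "__main__":
    for t in coverage_gap(CAPTURE, MODEL):
        print(f"not in capture: 0x{t:02X} {MODEL[t]}")
    print("model-based cases:", len(model_based_cases(MODEL)))
```

Mutations seeded only from this capture start from three of the five message types; the model-derived set begins with every type the model defines.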

Conclusion

Traffic Capture Fuzzers, like any testing solution based on pure mutation, are valuable tools for testing simple protocols. However, comprehensive testing of more complex protocol implementations requires an intelligent Model-Based approach.
