A Survey of Network Protocol Fuzzing: Model, Techniques and Directions

TL;DR

This survey comprehensively reviews network protocol fuzzing, highlighting its unique challenges, summarizing recent advancements, proposing a unified model, and outlining future research directions to improve fuzzing effectiveness.

Contribution

It provides the first systematic analysis of network protocol fuzzing techniques, introduces a unified fuzzing process model, and identifies promising future research directions.

Findings

Summarized state-of-the-art network protocol fuzzing strategies.

Proposed a unified protocol fuzzing process model.

Outlined promising future research directions.

Abstract

As one of the most successful and effective software testing techniques in recent years, fuzz testing has uncovered numerous bugs and vulnerabilities in modern software, including network protocol software. In contrast to other fuzzing targets, network protocol software exhibits its distinct characteristics and challenges, introducing a plethora of research questions that need to be addressed in the design and implementation of network protocol fuzzers. While some research work has evaluated and systematized the knowledge of general fuzzing techniques at a high level, there is a lack of similar analysis and summarization for fuzzing research specific to network protocols. This paper offers a comprehensive exposition of network protocol software's fuzzing-related features and conducts a systematic review of some representative advancements in network protocol fuzzing since its inception. We summarize state-of-the-art strategies and solutions in various aspects, propose a unified protocol fuzzing process model, and introduce the techniques involved in each stage of the model. At the same time, this paper also summarizes the promising research directions in the landscape of protocol fuzzing to foster exploration within the community for more efficient and intelligent modern network protocol fuzzing techniques.