TUM Logo

Fuzz me maybe: Automated Protocol Reverse Engineering for Model Based Fuzzing

Fuzz me maybe: Automated Protocol Reverse Engineering for Model Based Fuzzing

Supervisor(s): Katharina Bogad, Florian Kasten
Status: open
Topic: Others
Type of Thesis: Masterthesis
Thesis topic in co-operation with the Fraunhofer Institute for Applied and Integrated Security AISEC, Garching

Description

Fuzzing is a popular technique to automatically discover bugs in a given software by mutating
a given input such that the new input crashes the target. One main technique is
model based fuzzing, targeted to fuzz (network) communication protocol interfaces of a given
program.
However, creating these models is a tedious and manual process requiring deep knowledge
of a given protocol. Further, unknown protocols often only have proprietary implementations
facing little scrutiny by the general public. This makes black-box fuzzing highly
interesting, but very challenging as before fuzzing, the protocol must be fully reverse engineered.


Task Description


The objective of this thesis is to apply known, published automated protocol reverse engineering
approaches to the task of fuzzing model generation. The resulting models should
then be evaluated against a given set of criteria, including accuracy to a manually defined
model and bug-finding-capability. Further, it shall be investigated whether fuzzing model
generation is a suitable benchmark for automated protocol reverse engineering methods.


Requirements


• High motivation and ability to work independently
• Confident in working with Linux and git
• Confident in working with Python 3
• Interest in automation of security and fuzz testing


Contact


Please send your application with current CV and transcript of records to:


Katharina Bogad
Secure Operating Systems
Mail: katharina.bogad@aisec.fraunhofer.de
Phone: +49 89 322 9986-1020


Florian Kasten
Secure Operating Systems
Mail: florian.kasten@aisec.fraunhofer.de
Phone: +49 89 322 9986-1027


Fraunhofer Institute for Applied and Integrated Security (AISEC)
Lichtenbergstr. 11, 85748 Garching near Munich