Journal of Information Security Research (信息安全研究), 2025, Vol. 11, Issue (1): 12-20, 9. DOI: 10.12379/j.issn.2096-1057.2025.01.03
An LTE NAS Protocol Fuzzing Method Based on Weighted State Selection
Abstract
The NAS protocol is the main control-plane protocol between mobile devices and the LTE core network, and its security is of great significance for ensuring the robustness and safety of the whole 4G network. Fuzz testing is a widely used vulnerability mining technique, but existing fuzz testing methods for the NAS protocol suffer from problems such as low testing efficiency and difficulty in formulating test cases. To solve these problems, this paper proposes a weight-based test state selection algorithm, which is based on the NAS protocol state machine and can dynamically adjust the weights of test states based on feedback. Additionally, this paper devises a test case generation strategy rooted in the information element and develops a fuzzing tool named NASFuzzer, which is tested on the open-source core network Open5GS and on real terminal devices. The test results show that the method in this paper can effectively find vulnerabilities in LTE NAS protocol implementations.
Keywords
LTE / NAS / fuzz testing / state selection / vulnerability mining
Classification
Computer and Automation
Cite this article
Liao Xianfeng (廖显锋), Wu Lifa (吴礼发). An LTE NAS Protocol Fuzzing Method Based on Weighted State Selection [J]. Journal of Information Security Research, 2025, 11(1): 12-20, 9.
Funding
National Key Research and Development Program of China (2019YFB2101704)