一种基于加权状态选择的LTE NAS协议模糊测试方法OA北大核心

NAS protocol is the main control plane protocol between mobile devices and LTE core network,and its security is of great significance to ensure the robustness and safety of the whole 4G network.Fuzz testing is a widely used vulnerability mining technique,and existing fuzz testing methods for NAS Protocol have problems such as low testing efficiency and difficulty test case formulation.In order to solve these problems,this paper e proposes a weight based test state selection algorithm,which is based on NAS protocol state machine and can dynamically adjust the weight of test states based on feedback;Additionally,this paper devises a test case generation strategy rooted in the information element and develops the fuzzing tool named NASFuzzer,which is tested on open source core networks open5GS and real terminal devices.The test result shows that the method in this paper can effectively find the vulnerabilities in the LTE NAS protocol implementation.