Cybersecurity (Nov 2022)

NDFuzz: a non-intrusive coverage-guided fuzzing framework for virtualized network devices

  • Yu Zhang,
  • Nanyu Zhong,
  • Wei You,
  • Yanyan Zou,
  • Kunpeng Jian,
  • Jiahuan Xu,
  • Jian Sun,
  • Baoxu Liu,
  • Wei Huo

DOI
https://doi.org/10.1186/s42400-022-00120-1
Journal volume & issue
Vol. 5, no. 1
pp. 1 – 21

Abstract

Network function virtualization provides programmable in-network middleware by leveraging virtualization technologies and commodity hardware, and has gained popularity among all mainstream network device manufacturers. Yet it is challenging to apply coverage-guided fuzzing, one of the state-of-the-art vulnerability discovery approaches, to those virtualized network devices, because of the integrity protection that such devices inevitably adopt. In this paper, we propose NDFuzz, a coverage-guided fuzzing framework for virtualized network devices with a novel integrity-protection bypassing method: a carefully designed, non-intrusive page global directory (PGD) inference technique that distinguishes the processes of a virtualized network device from those of the hypervisor. We implement NDFuzz atop two black-box fuzzers and evaluate it with three representative network protocols (SNMP, DHCP and NTP) on nine popular virtualized network devices. NDFuzz obtains an average 36% coverage improvement over its black-box counterparts. With coverage guidance, NDFuzz discovers two 0-day vulnerabilities and one 1-day vulnerability, whereas the black-box fuzzer finds only one of them. All discovered vulnerabilities have been confirmed by the corresponding vendors.

Keywords