AutoFuzz: Automated Network Protocol Fuzzing Framework

AutoFozz dictionary

Content

   1.	Finite State Automaton (FSA)
   2.	Generic Message Sequence (GMS)
   3.	Abstraction Function
   4.	Fuzzing function 
   5.	Command and Control Socket	  
	  
   1.	Finite State Automaton (FSA)
   
	  Finite State Automaton (FSA) - is a model of behavior composed of a finite number of states, 
	  transitions between those states, and actions (from Wikipedia). AutoFozz uses FSA to construct the flow 
	  of input/output messages during the communication process between the nodes to understand a protocol
	  behavior. The FSA is used to guide the fuzzing operations. 

   2.   Generic Message Sequence (GMS)
   
	  Generic Message Sequence (GMS) stores syntax information of individual messages. GMS is a generic 
	  representation of each message that separates static and variable data fields. GMS is used 
	  to eliminate writing of fuzzing functions for specific protocols. A GMS is an array list of message 
	  blocks, where a block corresponds to either static or variable data field. Variable data fields can be 
	  one of the following types: Long, Double, Alpha-Numeric String, String. A String data type 
	  corresponds to a variable value with other characters in addition to alpha-numeric characters. 
	  Note, that there is no unique ASCII representation for the variable message block in the fuzzing 
	  engine. Therefore Long, Double, Alpha-Numeric String, String are represented as 'L', 'D', 'S' and 'A' 
	  in the fuzzing engine GMSs. A GMS is assigned to each transition, uniquely identified by its state 
	  ID and input message in the FSA.
	  
   3.   Abstraction Function
     
	  An abstraction function is a simple function used to map similar messages to a unique abstract 
	  representation. The abstraction function must be supplied by the tester. For example, SMTP client 
	  requests can be abstracted to its first four characters. That is, messages 'mail from: test@test.com' 
	  and 'mail from: account@test.com' are abstracted to 'mail'. The FSA builder uses the abstraction 
	  function to uniquely identify transitions between states. The fuzzing engine uses the abstraction 
	  function to cluster similar message to perform global alignment algorithms to generate GMSs.
	  
   4.   Fuzzing function
   
	  Fuzzing function - is a special function that performs certain modifications to an input message.
	  Modifications can be limited to the GMS, the actual input message or both.
	  
   5.   Command and Control Socket
   
	  Command and Control Socket - is a dedicated port opened by the AutoFozz to allow remote control of the 
	  fuzzing engine. AutoFozz version 0.1 only understands "RESET" ASCII command, which resets the fuzzing 
	  state of the FSA to its initial state. After every communication session performed between the n
	  odes during fuzzing, the fuzzing state should be reset to its initial one.