中圖分類號：TP309
文獻標識碼：A
DOI:10.19358/j.issn.2097-1788.2023.07.010
引用格式：樊志強，王洪宇，劉日昇.命令行接口模糊測試漏洞挖掘研究及應用［J］.網(wǎng)絡安全與數(shù)據(jù)治理，2023，42（7）：61-66，78.

Research and application of CLI vulnerability mining by fuzz testing

Abstract： 5G data network devices are the infrastructure of modern communications, and the security and reliability directly ensure that the entire network is secure and reliable. As the basic operating interface of network devices, the command line interface is of vital significance for improving the security of the entire network. Based on the fuzz testing, a command line interface vulnerability mining method is proposed, and the key technologies and processes such as injection point analysis and definition, fuzziness test vulnerability mining data model processing, fuzziness test algorithm optimization and fuzziness test vulnerability mining process are studied deeply. The research results are directly applied to the fuzziness vulnerability mining system of the command line interface to implement key functions such as network device information collection, fuzziness data modeling, network device response information analysis, vulnerability mining execution, analysis after vulnerability mining, and vulnerability report generation. Finally, it discusses and looks to the future to improve the efficiency and effectiveness of the fuzziness vulnerability mining system of the command line interface.

Key words : fuzz testing; command line interface; network equipment; vulnerability mining; network security