中图分类号：TP309
文献标识码：A
DOI:10.19358/j.issn.2097-1788.2023.07.010
引用格式：樊志强，王洪宇，刘日昇.命令行接口模糊测试漏洞挖掘研究及应用［J］.网络安全与数据治理，2023，42（7）：61-66，78.

Research and application of CLI vulnerability mining by fuzz testing

Abstract： 5G data network devices are the infrastructure of modern communications, and the security and reliability directly ensure that the entire network is secure and reliable. As the basic operating interface of network devices, the command line interface is of vital significance for improving the security of the entire network. Based on the fuzz testing, a command line interface vulnerability mining method is proposed, and the key technologies and processes such as injection point analysis and definition, fuzziness test vulnerability mining data model processing, fuzziness test algorithm optimization and fuzziness test vulnerability mining process are studied deeply. The research results are directly applied to the fuzziness vulnerability mining system of the command line interface to implement key functions such as network device information collection, fuzziness data modeling, network device response information analysis, vulnerability mining execution, analysis after vulnerability mining, and vulnerability report generation. Finally, it discusses and looks to the future to improve the efficiency and effectiveness of the fuzziness vulnerability mining system of the command line interface.

Key words : fuzz testing; command line interface; network equipment; vulnerability mining; network security