Nowadays the most serious security problems are imperfection in the implementations of network protocols. This imperfection can bring a lot of vulnerabilities such as could allow malicious user to attack the systems remotely using the network protocols over the internet. That is why developers value software security phases involving review of code, risk analysis, testing with penetration, and Fuzzing. In case of Fuzz testing, the main aim is to find vulnerabilities in the software/application by sending inputs which are not expected to the target. Then they monitor the situation of the target. In this thesis, we propose Mod-Fuzz, a modified version of AutoFuzz [2], which is applied to test network protocol implementations. Mod-Fuzz is a network protocol fuzz testing framework, which is extendable, man-in-the-middle, smart, and mostly deterministic. Mod-Fuzz, like AutoFuzz, has the ability to learn a given protocol implementation by building a Finite State Automaton (FSA) from records of communication traces between a client and the server. Additionally, Mod-Fuzz has the ability to learn syntax of individual messages at a lower level using the techniques of bioinformatics [12]. At last, Mod-Fuzz can fuzz a given server protocol specification by changing the communication between the traces. We applied Mod-Fuzz to multiple implementations of File Transfer Protocol (FTP) server, with result of finding new and existing known vulnerabilities.
