Vulnerability mining technology is used for protecting the security of industrial control systems and their network protocols. Traditionally, vulnerability mining methods have the shortcomings of poor vulnerability mining ability and low reception rate. In this study, a test case generation model for vulnerability mining of the Modbus TCP based on an anti-sample algorithm is proposed. Firstly, a recurrent neural network is trained to learn the semantics of the protocol data unit. The softmax function is used to express the probability distribution of data values. Next, the random variable threshold and the maximum probability are compared in the algorithm to determine whether to replace the current data value with the minimum probability data value. Finally, the Modbus application protocol (MBAP) header is completed according to the protocol specification. Experiments using the anti-sample fuzzer show that it not only improves the reception rate of test cases and the ability to exploit vulnerabilities, but also detects vulnerabilities of industrial control protocols more quickly.

中文翻译：

---

使用反采样模糊器的Modbus TCP漏洞挖掘方法。

漏洞挖掘技术用于保护工业控制系统及其网络协议的安全。传统上，漏洞挖掘方法存在漏洞挖掘能力差，接收率低的缺点。本文提出了一种基于反样本算法的Modbus TCP漏洞挖掘的测试用例生成模型。首先，训练循环神经网络以学习协议数据单元的语义。softmax函数用于表示数据值的概率分布。接下来，在算法中比较随机变量阈值和最大概率，以确定是否用最小概率数据值替换当前数据值。最后，Modbus应用协议（MBAP）标头根据协议规范完成。使用反样本模糊器进行的实验表明，它不仅可以提高测试用例的接收率和利用漏洞的能力，而且可以更快地检测到工业控制协议的漏洞。