Journal of Information Security Research ›› 2024, Vol. 10 ›› Issue (11): 1049-.


Optimization Method for Fuzz Testing Cases of WiFi Protocol Based on Weight Feedback

Zhong Hong1,2, Xia Yunhao1,3, and Zhang Jinxin1,3   

    1(The State Key Laboratory of Mobile Network and Mobile Multimedia Technology, Shenzhen, Guangdong 518055)
    2(Shenzhen Zhongxing Software Co., Ltd., Shenzhen, Guangdong 518057)
    3(Nanjing Zhongxing New Software Co., Ltd., Nanjing 210012)
  • Online: 2024-11-10 Published: 2024-11-22

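  • Corresponding author: Zhang Jinxin, M.S., senior engineer. Main research interests: security attack and defense, penetration testing, and mobile communication security. zhang.jinxin88@zte.com.cn
  • About the authors: Zhong Hong, senior engineer. Main research interests: network security and information security. zhong.hong@zte.com.cn Xia Yunhao, Ph.D., engineer. Main research interests: security evaluation and network security. xia.yunhao@zte.com.cn Zhang Jinxin, M.S., senior engineer. Main research interests: security attack and defense, penetration testing, and mobile communication security. zhang.jinxin88@zte.com.cn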

Abstract: With the widespread application of wireless networks and the rapid development of the Internet of Things, the security of the WiFi protocol has become an important concern in the field of network security. Fuzz testing, as an effective method for detecting software vulnerabilities, has been widely used in the security testing of WiFi protocols. However, traditional fuzz testing methods have certain limitations in the generation and optimization of testing cases, resulting in low efficiency and unsatisfactory accuracy in vulnerability mining. This paper first analyzes the characteristics of the WiFi protocol and the strategy of fuzz testing, and then proposes a weight configuration tree model for testing cases suitable for the WiFi protocol and a weight calculation matrix based on critical values. By introducing a multi-round fuzz testing mechanism and real-time weight feedback, the weights of the testing cases are adjusted dynamically, and the testing cases that are more likely to trigger exceptions are screened out. The experimental results show that the method proposed in this paper can significantly improve the effectiveness of fuzz testing cases for the WiFi protocol and the accuracy of vulnerability mining.

Key words: WiFi protocol, fuzz testing, testing case, weight feedback, vulnerability mining

