{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,8]],"date-time":"2025-11-08T13:17:37Z","timestamp":1762607857628,"version":"build-2065373602"},"reference-count":33,"publisher":"MDPI AG","issue":"7","license":[{"start":{"date-parts":[[2020,4,5]],"date-time":"2020-04-05T00:00:00Z","timestamp":1586044800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["61872015"],"award-info":[{"award-number":["61872015"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Sensors"],"abstract":"<jats:p>Vulnerability mining technology is used for protecting the security of industrial control systems and their network protocols. Traditionally, vulnerability mining methods have the shortcomings of poor vulnerability mining ability and low reception rate. In this study, a test case generation model for vulnerability mining of the Modbus TCP based on an anti-sample algorithm is proposed. Firstly, a recurrent neural network is trained to learn the semantics of the protocol data unit. The softmax function is used to express the probability distribution of data values. Next, the random variable threshold and the maximum probability are compared in the algorithm to determine whether to replace the current data value with the minimum probability data value. Finally, the Modbus application protocol (MBAP) header is completed according to the protocol specification. Experiments using the anti-sample fuzzer show that it not only improves the reception rate of test cases and the ability to exploit vulnerabilities, but also detects vulnerabilities of industrial control protocols more quickly.<\/jats:p>","DOI":"10.3390\/s20072040","type":"journal-article","created":{"date-parts":[[2020,4,7]],"date-time":"2020-04-07T03:58:39Z","timestamp":1586231919000},"page":"2040","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":21,"title":["Vulnerability Mining Method for the Modbus TCP Using an Anti-Sample Fuzzer"],"prefix":"10.3390","volume":"20","author":[{"given":"Yingxu","family":"Lai","sequence":"first","affiliation":[{"name":"College of Computer Science, Faculty of Information Technology, Beijing University of Technology, Beijing 100124, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Huijuan","family":"Gao","sequence":"additional","affiliation":[{"name":"College of Computer Science, Faculty of Information Technology, Beijing University of Technology, Beijing 100124, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jing","family":"Liu","sequence":"additional","affiliation":[{"name":"College of Computer Science, Faculty of Information Technology, Beijing University of Technology, Beijing 100124, China"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"1968","published-online":{"date-parts":[[2020,4,5]]},"reference":[{"key":"ref_1","unstructured":"Chen, Y.N. (2017). Service-Oriented Computing and System Integration: Software, IoT, Big Data, and AI as Services, Kendall Hunt Publishing. [6th ed.]."},{"key":"ref_2","first-page":"143","article-title":"Research on Intrusion Detection of Industrial Control System","volume":"38","author":"Lai","year":"2017","journal-title":"J. Commun."},{"key":"ref_3","unstructured":"Papadopoulos, D.A., Tanzman, A., Baker, R.A., Belliardi, R.G., and Dube, D.J.W. (2000). System for Remotely Accessing an Industrial Control System over a Commercial Communications Network. (6061603), U.S. Patent."},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"103","DOI":"10.1016\/j.cose.2018.06.002","article-title":"Anomaly Detection for Industrial Control System Using Process Mining","volume":"78","author":"David","year":"2018","journal-title":"Comput. Secur."},{"key":"ref_5","first-page":"1","article-title":"Automatic Control Model of Water Filling System with Allen Bradley MicroLogix 1400 PLC","volume":"309","author":"Harahap","year":"2018","journal-title":"Mater. Sci. Eng."},{"key":"ref_6","unstructured":"Sun, Y.A. (2019, April 25). Industrial Control System Faces Four Major Security Threats. Available online: http:\/\/www.sohu.com\/a\/306572498_464012."},{"key":"ref_7","first-page":"728","article-title":"Security Situation and Threats Analysis of Industrial Internet in China and Abroad","volume":"5","author":"Fu","year":"2019","journal-title":"J. Inf. Secur. Res."},{"key":"ref_8","unstructured":"Swales, A. (1999, March 29). Open Modbus\/TCP Specification. Available online: http:\/\/www.tuomio.fi\/ananas\/Open_ModbusTCP_Standard.pdf."},{"key":"ref_9","unstructured":"Deon, R., Steve, M., and Edwin, W. (2004). Modbus Overview. Washington, Practical Industrial Data Networks. Practical Industrial Data Communications: Best Practice Techniques, Butterworth-Heinemann."},{"key":"ref_10","unstructured":"Liu, Q., and Li, Y.M. (2006, January 21\u201323). Modbus TCP Based Network Control System for Water Process in the Firepower Plant. Proceedings of the 6th World Congress on Intelligent Control and Automation, Dalian, China."},{"key":"ref_11","unstructured":"Simon, D.A., Suneetha, K., Daniel, F., and Hans, D.S. (2018, January 28). Evaluation of Machine Learning-Based Anomaly Detection Algorithms on An Industrial Modbus\/TCP Data Set. Proceedings of the 13th International Conference on Availability, Reliability and Security, Hamburg, Germany."},{"key":"ref_12","first-page":"90","article-title":"Overview of Vulnerability Mining Analysis Technology","volume":"12","author":"Chi","year":"2009","journal-title":"Comput. Inf. Technol."},{"key":"ref_13","unstructured":"Yoo, H., and Shon, T. (2016, January 6). Grammar-Based Adaptive Fuzzing: Evaluation on SCADA Modbus Protocol. Proceedings of the IEEE International Conference on Smart Grid Communications, Sydney, Australia."},{"key":"ref_14","unstructured":"Patrice, G., Hila, P., and Rishabh, S. (2017, January 25). Learn&Fuzz: Machine Learning for Input Fuzzing. Proceedings of the 32nd IEEE\/ACM International Conference on Automated Software Engineering, Urbana, IL, USA."},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"32","DOI":"10.1145\/96267.96279","article-title":"An Empirical Study of the Reliability of UNIX Utilities","volume":"33","author":"Barton","year":"1990","journal-title":"Commun. ACM"},{"key":"ref_16","unstructured":"Michael, S., Adam, G., and Pedram, A. (2007). Fuzzing: Brute Force Vulnerability Discovery, Addison-Wesley Professional."},{"key":"ref_17","unstructured":"Pedram, A., and Aaron, P. (2007, August 24). Sulley: Fuzzing Framework. Available online: http:\/\/www.fuzzing.org\/wp-content\/SulleyManual.pdf."},{"key":"ref_18","doi-asserted-by":"crossref","unstructured":"Hu, Z.C., Shi, J.Q., Huang, Y.H., and Xiong, J.W. (2018, January 8). GANFuzz: A GAN-Based Industrial Network Protocol Fuzzing Framework. Proceedings of the 15th ACM International Conference on Computing Frontiers, Ischia, Italy.","DOI":"10.1145\/3203217.3203241"},{"key":"ref_19","doi-asserted-by":"crossref","first-page":"49327","DOI":"10.1109\/ACCESS.2019.2911121","article-title":"An Intelligent Fuzzing Data Generation Method Based on Deep Adversarial Learning","volume":"7","author":"Li","year":"2019","journal-title":"IEEE Access"},{"key":"ref_20","unstructured":"Neungsoo, P., and Hyung, K.A. (2019, January 18\u201320). Multi-layer RNN-Based Short-Term Photovoltaic Power Forecasting Using IOT Dataset. Processing of the 2019 AEIT International Annual Conference (AEIT), Florence, Italy."},{"key":"ref_21","doi-asserted-by":"crossref","unstructured":"Mikolov, T., Karafiat, M., Burget, L., and Cernocky, J. (2010, January 26). Recurrent Neural Network-Based Language Model. Proceedings of the INTERSPEECH 2010 Conference of the International Speech Communication Association, Chiba, Japan.","DOI":"10.21437\/Interspeech.2010-343"},{"key":"ref_22","doi-asserted-by":"crossref","first-page":"107","DOI":"10.1016\/j.patrec.2019.08.024","article-title":"Using Fine-Tuned Conditional Probabilities for Data Transformation of Nominal Attributes","volume":"128","author":"Li","year":"2019","journal-title":"Pattern Recogn. Lett."},{"key":"ref_23","unstructured":"Abdul, A.M., and Venkatesh, U. (2018, January 19\u201322). Effectiveness of Hierarchical Softmax in Large Scale Classification Tasks. Proceedings of the 2018 International Conference on Advances in Computing, Communications and Informatics (ICACCI), Bangalore, India."},{"key":"ref_24","unstructured":"Kyongmin, Y., Igor, M., Nam, N., and Eun, K.L. (2019, January 17). DE-RNN: Forecasting the Probability Density Function of Nonlinear Time Series. Proceedings of the 2018 IEEE 18th International Conference on Communication Technology (ICCT), Singapore."},{"key":"ref_25","unstructured":"Chen, Z.H. (2018). Multitask Text Classification Based on Deep Learning, GuangDong, South China University of Technology."},{"key":"ref_26","unstructured":"Hinton, G., Vinyls, O., and Dean, J. (2014, March 09). Distilling the Knowledge in A Neural Network. Available online: https:\/\/arxiv.org\/pdf\/1503.02531.pdf."},{"key":"ref_27","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1016\/j.ijar.2018.08.003","article-title":"Exploiting Multiple Word Embeddings and One-Hot Character Vectors for Aspect-Based Sentiment Analysis","volume":"103","author":"Duchong","year":"2018","journal-title":"Int. J. Approx. Reason."},{"key":"ref_28","doi-asserted-by":"crossref","unstructured":"Wu, Y., Zheng, Q., Wang, R.N., Zhang, C.T., and Sun, J.Y. (2014, January 4\u20136). Improving the Accuracy of Destructive Earthquake Prediction by Transforming the Small Probability Event to Conditional Probability Event. Proceedings of the 2014 Seventh International Joint Conference on Computational Sciences and Optimization, Beijing, China.","DOI":"10.1109\/CSO.2014.124"},{"key":"ref_29","doi-asserted-by":"crossref","unstructured":"Huang, H.C., Feng, R.D., Zhu, J., and Li, P.L. (2019). Prediction of PH Value by Multi-Classification in the Weizhou Island Area. Sensors, 19.","DOI":"10.3390\/s19183875"},{"key":"ref_30","first-page":"174","article-title":"Industrial Control System Simulation and Data Logging for Intrusion Detection System Research","volume":"17","author":"Thomas","year":"2015","journal-title":"Int. J. Netw. Secur. (IJNS)"},{"key":"ref_31","unstructured":"Antoine, L., and Jose, M. (2016, January 10\u201312). Providing SCADA Network Data Sets for Intrusion Detection Research. Proceedings of the 9th USENIX Conference on Cyber Security Experimentation and Test, Austin, TX, USA."},{"key":"ref_32","first-page":"82","article-title":"APF-Kitty: A New Appropriate Protocol Fuzzy Testing Tool Based on Word Embedding","volume":"17","author":"Fu","year":"2017","journal-title":"Sci. Technol. Eng."},{"key":"ref_33","unstructured":"Omar, M.K.A., Alex, A., and Ali, D. (2019). Evaluation and Application of Two Fuzzing Approaches for Security Testing of IOT Applications. Handbook of Big Data and IoT Security, Springer."}],"container-title":["Sensors"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1424-8220\/20\/7\/2040\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T09:15:40Z","timestamp":1760174140000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1424-8220\/20\/7\/2040"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,4,5]]},"references-count":33,"journal-issue":{"issue":"7","published-online":{"date-parts":[[2020,4]]}},"alternative-id":["s20072040"],"URL":"https:\/\/doi.org\/10.3390\/s20072040","relation":{},"ISSN":["1424-8220"],"issn-type":[{"type":"electronic","value":"1424-8220"}],"subject":[],"published":{"date-parts":[[2020,4,5]]}}}