An Intelligent Network Fuzzer for Protocol Testing in Healthcare Systems

Testing the robustness and security of network protocol implementations
is essential across all domains. We present Network-
Fuzzer, a generic, feedback-driven network fuzzer designed to test and
analyze protocol implementations by operating directly on real traffic.
Unlike traditional code coverage-based fuzzers, NetworkFuzzer works
at the network level and employs a closed-loop fuzzing mechanism that
dynamically adapts based on server responses. The system incorporates
three key components: (i) response-aware fuzzing operators that perform
protocol-specific packet mutations, (ii) a Conditional Tabular GAN (CTGAN)
model that learns from both normal and abnormal traffic to generate
diverse and protocol-compliant test cases, and (iii) Large Language
Models (LLMs) that automate the generation of testing rules from protocol
specifications. While NetworkFuzzer is protocol-agnostic and
applicable to a wide range of network protocols, in this paper we focus
on its application to the Digital Imaging and Communications in
Medicine (DICOM) protocol, which is commonly used for medical image
exchange, to demonstrate its utility in healthcare cybersecurity. Our
evaluation shows that NetworkFuzzer effectively executes real-world
attacks and generates realistic synthetic traffic, thus enhancing the robustness
of testing and training for security systems.