On the Usage of Grammar-based Fuzzing to Evaluate the Implementation of AMQP Brokers

Ivan Gabriel Ferreira Dias; Daniel Macêdo Batista

doi:10.5753/sbrc_estendido.2025.8719

Ivan Gabriel Ferreira Dias USP http://orcid.org/0009-0001-4271-6846
Daniel Macêdo Batista USP https://orcid.org/0000-0002-4865-5896

DOI: https://doi.org/10.5753/sbrc_estendido.2025.8719

Resumo

Automated testing strategies, like fuzzing, can be used to ensure the security and reliability of software systems, and those that implement communication protocols have specific needs. One class of protocols that deserves to be highlighted, both for its expansion in use and for its complexity, is the publishsubscribe (pub-sub) class. Among several pub-sub protocols, AMQP does not receive much attention from the literature regarding fuzzing testing. This paper fills this gap by proposing the usage of grammar-based fuzzing to test AMQP brokers. The proposal is integrated into a new free and open-source fuzzer called AMQPGRAM. Experiments with AMQPGRAM attest to its capacity to cover 100% of the AMQP messages related to the establishment of connections.

Palavras-chave: Grammar, Fuzzing, AMQP, Automated Testing, Network Protocols

Referências

Adiwal, S., Ahmed, S. S., Rajendran, B., Misbahuddin, M., and Sudarsan, S. D. (2024). Role of PKI in Securing AMQP Communication. In Proc. of the IEEE PKIA, pages 1–8.

Apache (2015). AMQP - Apache Qpid. [link]. Accessed at 03/25/2025.

Araujo Rodriguez, L. G. and Batista, D. M. (2021). Towards Improving Fuzzer Efficiency for the MQTT Protocol. In Proc. of the IEEE ISCC, pages 1–7.

Broadcom (2025). RabbitMQ: One broker to queue them all | RabbitMQ. [link]. Accessed at 03/25/2025.

Crocker, D. and Overell, P. (2008). Augmented bnf for syntax specifications: Abnf. [link]. Accessed at 03/25/2025.

Gemirter, C. B., Çağatay Şenturca, and Şebnem Baydere (2021). A comparative evaluation of amqp, mqtt and http protocols using real-time public smart city data. In Proc. of the UBMK, pages 542–547.

Iqbal, F., Gohar, M., Karamti, H., Karamti, W., Koh, S.-J., and Choi, J.-G. (2023). Use of QUIC for AMQP in IoT networks. Computer Networks, 225:109640.

Kwon, S., Son, S.-J., Choi, Y., and Lee, J.-H. (2021). Protocol Fuzzing to Find Security Vulnerabilities of RabbitMQ. Concurrency and Computation: Practice and Experience, 33(23):e6012.

Kyzivat, P. (2014). Case-sensitive string support in abnf. [link]. Accessed at 03/25/2025.

Liang, H., Pei, X., Jia, X., Shen, W., and Zhang, J. (2018). Fuzzing: State of the art. IEEE Transactions on Reliability, 67(3):1199–1218.

Luo, Z., Yu, J., Du, Q., Zhao, Y., Wu, F., Shi, H., Chang, W., and Jiang, Y. (2024). Parallel Fuzzing of IoT Messaging Protocols Through Collaborative Packet Generation. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, 43(11):3431–3442.

OASIS (2008). AMQP Working Group 0-9-1 | AMQP. [link]. Accessed at 03/25/2025.

Rodriguez, L. G. A. (2023). Mechanisms to Improve Fuzz Testing for Message Brokers. PhD in Computer Science, Institute of Mathematics and Statistics, USP.

Shodan (2025). AMQP version 0-9 - Shodan Search. [link]. Accessed at 03/25/2025.

W3Techs (2025). Usage Statistics of Default protocol https for Websites, March 2025. [link]. Accessed at 03/25/2025.

Yoshino, D., Watanobe, Y., and Naruse, K. (2021). A highly reliable communication system for internet of robotic things and implementation in rt-middleware with amqp communication interfaces. IEEE Access, 9:167229–167241.