Automated Attack Synthesis by Extracting Finite State Machines from Protocol Specification Documents
María Leonor Pacheco and Max von Hippel
, Purdue and Northeastern
Date: Wednesday, April 06, 2022
Time: 3:00 PM to 4:00 PM Note: all times are in the Eastern Time Zone
Event Type: Seminar
Host: Srini Devadas, CSAIL
Contact: Kyle L Hogan, firstname.lastname@example.org
Speaker URL: None
email@example.com, firstname.lastname@example.org, email@example.com
TALK: Automated Attack Synthesis by Extracting Finite State Machines from Protocol Specification Documents
Automated attack discovery techniques, such as attacker synthesis or model-based fuzzing, provide powerful ways to ensure network protocols operate correctly and securely. Such techniques, in general, require a formal representation of the protocol, often in the form of a finite state machine (FSM). Unfortunately, many protocols are only described in English prose, and implementing even a simple network protocol as an FSM is time-consuming and prone to subtle logical errors. Automatically extracting protocol FSMs from documentation can significantly contribute to increased use of these techniques and result in more robust and secure protocol implementations.
In this work we focus on attacker synthesis as a representative technique for protocol security, and on RFCs as a representative format for protocol prose description. Unlike other works that rely on rule-based approaches or use off-the-shelf NLP tools directly, we suggest a data-driven approach for extracting FSMs from RFC documents. Specifically, we use a hybrid approach consisting of three key steps: (1) large-scale word-representation learning for technical language, (2) focused zero-shot learning for mapping protocol text to a protocol-independent information language, and (3) rule-based mapping from protocol-independent information to a specific protocol FSM. We show the generalizability of our FSM extraction by using the RFCs for six different protocols: BGPv4, DCCP, LTP, PPTP, SCTP and TCP. We demonstrate how automated extraction of an FSM from an RFC can be applied to the synthesis of attacks, with TCP and DCCP as case-studies. Our approach shows that it is possible to automate attacker synthesis against protocols by using textual specifications such as RFCs.
Join Zoom Meeting
One tap mobile
+16465588656,,97527284254# US (New York)
+16699006833,,97527284254# US (San Jose)
Meeting ID: 975 2728 4254
US : +1 646 558 8656 or +1 669 900 6833
International Numbers: https://mit.zoom.us/u/auBvg4NEV
Join by SIP
Join by Skype for Business
Security & Cryptography, Systems & Networking
Created by Kyle L Hogan at Friday, April 01, 2022 at 3:00 PM.