Prognosis: Closed-Box Analysis of Network Protocol Implementations

11/14/2021
by   Tiago Ferreira, et al.
0

We present Prognosis, a framework offering automated closed-box learning and analysis of models of network protocol implementations. Prognosis can learn models that vary in abstraction level from simple deterministic automata to models containing data operations, such as register updates, and can be used to unlock a variety of analysis techniques – model checking temporal properties, computing differences between models of two implementations of the same protocol, or improving testing via model-based test generation. Prognosis is modular and easily adaptable to different protocols (e.g., TCP and QUIC) and their implementations. We use Prognosis to learn models of (parts of) three QUIC implementations – Quiche (Cloudflare), Google QUIC, and Facebook mvfst – and use these models to analyze the differences between the various implementations. Our analysis provides insights into different design choices and uncovers potential bugs. Concretely, we have found critical bugs in multiple QUIC implementations, which have been acknowledged by the developers.

READ FULL TEXT
research
11/29/2018

Interoperability-Guided Testing of QUIC Implementations using Symbolic Execution

The main reason for the standardization of network protocols, like QUIC,...
research
04/29/2022

MET: Model Checking-Driven Explorative Testing of CRDT Designs and Implementations

Internet-scale distributed systems often replicate data at multiple geog...
research
08/10/2018

VeriFi: Model-Driven Runtime Verification Framework for Wireless Protocol Implementations

Validating wireless protocol implementations is challenging. Today's app...
research
09/23/2021

Toward a Unified Framework for Debugging Gray-box Models

We are concerned with debugging concept-based gray-box models (GBMs). Th...
research
10/09/2020

Semi-Automated Protocol Disambiguation and Code Generation

For decades, Internet protocols have been specified using natural langua...
research
04/06/2022

Stateful Greybox Fuzzing

Many protocol implementations are reactive systems, where the protocol p...
research
04/17/2019

On Resolving Non-determinism in Choreographies

Choreographies specify multiparty interactions via message passing. A re...

Please sign up or login with your details

Forgot password? Click here to reset