-
RecordFlux: Formal Message Specification and Generation of Verifiable Binary Parsers
Various vulnerabilities have been found in message parsers of protocol i...
read it
-
Interoperability-Guided Testing of QUIC Implementations using Symbolic Execution
The main reason for the standardization of network protocols, like QUIC,...
read it
-
State machine inference of QUIC
QUIC is a recent transport protocol that provides reliable, secure and q...
read it
-
Observing the Evolution of QUIC Implementations
The QUIC protocol combines features that were initially found inside the...
read it
-
Softwire Hub and Spoke Deployment Framework with Layer Two Tunneling Protocol Version 2 (L2TPv2)
This document describes the framework of the Softwire "Hub and Spoke" so...
read it
-
Leveraging Textual Specifications for Grammar-based Fuzzing of Network Protocols
Grammar-based fuzzing is a technique used to find software vulnerabiliti...
read it
-
Robot Language Learning, Generation, and Comprehension
We present a unified framework which supports grounding natural-language...
read it
Semi-Automated Protocol Disambiguation and Code Generation
For decades, Internet protocols have been specified using natural language. Given the ambiguity inherent in such text, it is not surprising that over the years protocol implementations exhibited bugs and non-interoperabilities. In this paper, we explore to what extent natural language processing (NLP), an area that has made impressive strides in recent years, can be used to generate protocol implementations. We advocate a semi-automated protocol generation approach, Sage, that can be used to uncover ambiguous or under-specified sentences in specifications; these can then be fixed by a human iteratively until Sage is able to generate protocol code automatically. Using an implementation of Sage, we discover 5 instances of ambiguity and 6 instances of under-specification in the ICMP RFC, after fixing which Sage is able to generate code automatically that interoperates perfectly with Linux implementations. We demonstrate the ability to generalize Sage to parts of IGMP and NTP. We also find that Sage supports half of the conceptual components found in major standards protocols; this suggests that, with some additional machinery, Sage may be able to generalize to TCP and BGP.
READ FULL TEXT
Comments
There are no comments yet.