The Closer You Look, The More You Learn: A Grey-box Approach to Protocol State Machine Learning

06/04/2021
by   Chris McMahon Stone, et al.
0

In this paper, we propose a new approach to infer state machine models from protocol implementations. Our method, STATEINSPECTOR, learns protocol states by using novel program analyses to combine observations of run-time memory and I/O. It requires no access to source code and only lightweight execution monitoring of the implementation under test. We demonstrate and evaluate STATEINSPECTOR's effectiveness on numerous TLS and WPA/2 implementations. In the process, we show STATEINSPECTOR enables deeper state discovery, increased learning efficiency, and more insightful post-mortem analyses than existing approaches. Further to improved learning, our method led us to discover several concerning deviations from the standards and a high impact vulnerability in a prominent Wi-Fi implementation.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
01/27/2020

Finding Security Vulnerabilities in Network Protocol Implementations

Implementations of network protocols are often prone to vulnerabilities ...
research
02/08/2022

SNPSFuzzer: A Fast Greybox Fuzzer for Stateful Network Protocols using Snapshots

Greybox fuzzing has been widely used in stateless programs and has achie...
research
03/11/2019

State machine inference of QUIC

QUIC is a recent transport protocol that provides reliable, secure and q...
research
08/31/2022

Simulating BFT Protocol Implementations at Scale

The novel blockchain generation of Byzantine fault-tolerant (BFT) state ...
research
06/17/2019

Learning Execution through Neural Code Fusion

As the performance of computer systems stagnates due to the end of Moore...
research
02/16/2018

Paxos Consensus, Deconstructed and Abstracted (Extended Version)

Lamport's Paxos algorithm is a classic consensus protocol for state mach...
research
04/28/2020

Specifying a Cryptographical Protocol in Lustre and SCADE

We present SCADE and Lustre models of the Message Authenticator Algorith...

Please sign up or login with your details

Forgot password? Click here to reset