Artwork

Content provided by CERIAS. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by CERIAS or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Player FM - Podcast App
Go offline with the Player FM app!

Samuel Jero, "Leveraging State Information for Automated Attack Discovery in Transport Protocol Implementations"

 
Share
 

Archived series ("Inactive feed" status)

When? This feed was archived on January 12, 2017 15:24 (7y ago). Last successful fetch was on September 14, 2016 19:32 (7+ y ago)

Why? Inactive feed status. Our servers were unable to retrieve a valid podcast feed for a sustained period.

What now? You might be able to find a more up-to-date version using the search function. This series will no longer be checked for updates. If you believe this to be in error, please check if the publisher's feed link below is valid and contact support to request the feed be restored or if you have any other concerns about this.

Manage episode 102083702 series 39330
Content provided by CERIAS. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by CERIAS or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Network transport protocols, like TCP, underlie the vast majority of Internet communication, from email to web browsing to instant messaging to file transfer. Despite their importance, these protocols are difficult to implement correctly, leading to a long string of bugs and vulnerabilities dating back to 1985. In this talk we present a new method for finding attacks in unmodified transport protocol implementations using the specification of the protocol state machine to reduce the search space of possible attacks. Such reduction is obtained by applying malicious actions to all packets of the same type observed in the same state instead of applying them to individual packets. Our method requires knowledge of the packet formats and protocol state machine. We demonstrate our approach by developing SNAKE, a tool that automatically finds performance and resource exhaustion attacks on unmodified transport protocol implementations. SNAKE utilizes virtualization to run unmodified implementations in their intended environments and network emulation to create the network topology. SNAKE was able to find 9 attacks on 2 transport protocols, 5 of which we believe to be unknown in the literature. This work was awarded best paper in DSN 2015.
  continue reading

322 episodes

Artwork
iconShare
 

Archived series ("Inactive feed" status)

When? This feed was archived on January 12, 2017 15:24 (7y ago). Last successful fetch was on September 14, 2016 19:32 (7+ y ago)

Why? Inactive feed status. Our servers were unable to retrieve a valid podcast feed for a sustained period.

What now? You might be able to find a more up-to-date version using the search function. This series will no longer be checked for updates. If you believe this to be in error, please check if the publisher's feed link below is valid and contact support to request the feed be restored or if you have any other concerns about this.

Manage episode 102083702 series 39330
Content provided by CERIAS. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by CERIAS or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Network transport protocols, like TCP, underlie the vast majority of Internet communication, from email to web browsing to instant messaging to file transfer. Despite their importance, these protocols are difficult to implement correctly, leading to a long string of bugs and vulnerabilities dating back to 1985. In this talk we present a new method for finding attacks in unmodified transport protocol implementations using the specification of the protocol state machine to reduce the search space of possible attacks. Such reduction is obtained by applying malicious actions to all packets of the same type observed in the same state instead of applying them to individual packets. Our method requires knowledge of the packet formats and protocol state machine. We demonstrate our approach by developing SNAKE, a tool that automatically finds performance and resource exhaustion attacks on unmodified transport protocol implementations. SNAKE utilizes virtualization to run unmodified implementations in their intended environments and network emulation to create the network topology. SNAKE was able to find 9 attacks on 2 transport protocols, 5 of which we believe to be unknown in the literature. This work was awarded best paper in DSN 2015.
  continue reading

322 episodes

All episodes

×
 
Loading …

Welcome to Player FM!

Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.

 

Quick Reference Guide