Samuel Jero, Leveraging State Information for Automated Attack Discovery in Transport Protocol Implementations
Network transport protocols, like TCP, underlie the vast majority of Internet communication, from email to web browsing to instant messaging to file transfer. Despite their importance, these protocols are difficult to implement correctly, leading to a long string of bugs and vulnerabilities dating back to 1985.In this talk we present a new method for finding attacks in unmodified transport protocol implementations using the specification of the protocol state machine to reduce the search space of possible attacks. Such reduction is obtained by applying malicious actions to all packets of the same type observed in the same state instead of applying them to individual packets. Our method requires knowledge of the packet formats and protocol state machine. We demonstrate our approach by developing SNAKE, a tool that automatically finds performance and resource exhaustion attacks on unmodified transport protocol implementations. SNAKE utilizes virtualization to run unmodified implementations in their intended environments and network emulation to create the network topology. SNAKE was able to find 9 attacks on 2 transport protocols, 5 of which we believe to be unknown in the literature. This work was awarded best paper in DSN 2015. About the speaker: Samuel Jero is a PhD student in the Department of Computer Science at Purdue University working with Prof. Cristina Nita-Rotaru. He is a member of the Dependable and Secure Distributed Systems Lab (DS^2) and the Center for Education and Research in Information Assurance and Security (CERIAS). His research interests include fault tolerance, security, and testing for network protocols and distributed systems. He is a recipient of the Purdue University Andrews Fellowship. He received a combined BS and MS in Computer Science from Ohio University in 2013.
Create your
podcast in
minutes
It is Free