Adversarial Testing and Compliance Checking of Protocol Implementations
April 22, 2016 at 3:30pm
One of the most difficult problems in protocol design and implementation is to ensure that implementations of network protocols and distributed services are compliant with their specifications and not vulnerable to attacks. In the first part of the talk, we present our work on automated adversarial testing for message-passing distributed systems and network protocols through a family of platforms that rely on a network emulator to create reproducible network conditions and virtualization to run unmodified binaries of the target system. We first describe an algorithm that requires only the description of the protocol messages and protocol performance metrics, then show how lower overhead and higher coverage can be achieved if the protocol state machine is also known and used by the attack search algorithm. In the second part of the talk, we will present our ongoing work on checking that protocols are compliant with their specification. Our approach leverages symbolic execution to automatically extract the implemented protocol state machine and properties and then verify with the help of a model checker that the automatically extracted FSM meets protocol properties manually derived from specification documents. We applied this technique to 5 protocols and found 10 instances of non-compliance, some of which have security implications.
Cristina Nita-Rotaru is a Professor of Computer Science in the College of Computer and Information Sciences at Northeastern University and an Adjunct Professor in the Department of Computer Science at Purdue University. Prior to joining Northeastern University, she spent 12 years as a faculty member at Purdue University. Her research lies at the intersection of information security, distributed systems, and computer networks. The overarching goal of her work is designing and building practical distributed systems and network protocols that are robust to failures and attacks while coping with the resource constraints present in computing systems and networks.
Cristina Nita-Rotaru received the NSF Career Award in 2006. She has served on the Technical Program Committee of numerous conferences in security, networking, and distributed systems. She served as an Assistant Director for CERIAS (2011 - 2013). She was an Associate Editor for Elsevier Computer Communications (2008 - 2011), Elsevier Computer Networks (2012 - 2014), IEEE Transactions on Computers (2011 - 2014), and ACM Transactions on Information Systems Security (2009 - 2013). She is currently an Associate Editor for IEEE Transactions on Mobile Computing and IEEE Transactions on Dependable and Secure Systems.