Results 1 - 10
of
16
Rule-Based Static Analysis of Network Protocol Implementations
- In Proceedings of the 15th USENIX Security Symposium
, 2006
"... Today’s software systems communicate over the Internet using standard protocols that have been heavily scrutinized, providing some assurance of resistance to malicious attacks and general robustness. However, the software that implements those protocols may still contain mistakes, and an incorrect i ..."
Abstract
-
Cited by 19 (2 self)
- Add to MetaCart
(Show Context)
Today’s software systems communicate over the Internet using standard protocols that have been heavily scrutinized, providing some assurance of resistance to malicious attacks and general robustness. However, the software that implements those protocols may still contain mistakes, and an incorrect implementation could lead to vulnerabilities even in the most well-understood protocol. The goal of this work is to close this gap by introducing a new technique for checking that a C implementation of a protocol matches its description in an RFC or similar standards document. We present a static (compile-time) source code analysis tool called Pistachio that checks C code against a rule-based specification of its behavior. Rules describe what should happen during each round of communication, and can be used to enforce constraints on ordering of operations and on data values. Our analysis is not guaranteed sound due to some heuristic approximations it makes, but has a low false negative rate in practice when compared to known bug reports. We have applied Pistachio to implementations of SSH and RCP, and our system was able to find many bugs, including security vulnerabilities, that we confirmed by hand and checked against each project’s bug databases. 1
Verification of web services with timed automata
- Electr. Notes Theor. Comput. Sci
"... In this paper we show how we can use formal methods for describing and analyzing the behavior of Web Services, and more specifically those including time restrictions. Then, our starting point are Web Services descriptions written in WSCI- WSCDL (XML-based description languages). These descriptions ..."
Abstract
-
Cited by 13 (3 self)
- Add to MetaCart
(Show Context)
In this paper we show how we can use formal methods for describing and analyzing the behavior of Web Services, and more specifically those including time restrictions. Then, our starting point are Web Services descriptions written in WSCI- WSCDL (XML-based description languages). These descriptions are then translated into timed automata, and then, we use a well known tool that supports this formalism (UPPAAL) to simulate and analyze the system behavior. As illustration we take a particular case study, a travel reservation system.
Automatic translation of ws-cdl choreographies to timed automata
- In EPEW/WS-FM, volume 3670 of Lecture Notes in Computer Science
, 2005
"... Abstract. In this paper we show how we can translate Web Services described by WS-CDL into a timed automata orchestration, and more specifically we are interested in Web services with time restrictions. Our starting point are Web Services descriptions written in WSBPEL- WSCDL (XML-based description ..."
Abstract
-
Cited by 10 (3 self)
- Add to MetaCart
(Show Context)
Abstract. In this paper we show how we can translate Web Services described by WS-CDL into a timed automata orchestration, and more specifically we are interested in Web services with time restrictions. Our starting point are Web Services descriptions written in WSBPEL- WSCDL (XML-based description languages). These descriptions are then automatically translated into timed automata, and then, we use a well known tool that supports this formalism (UPPAAL) to simulate and analyse the system behaviour. As illustration we take a particular case study, an airline ticket reservation system. 1
Analysing TLS in the Strand Spaces Model
, 2011
"... In this paper, we analyse the Transport Layer Security (TLS) pro-tocol (in particular, bilateral TLS in public-key mode) within the strand spaces setting. In [BL03] Broadfoot and Lowe suggested an abstraction of TLS. The abstraction models the security services that appear to be provided by the prot ..."
Abstract
-
Cited by 8 (3 self)
- Add to MetaCart
In this paper, we analyse the Transport Layer Security (TLS) pro-tocol (in particular, bilateral TLS in public-key mode) within the strand spaces setting. In [BL03] Broadfoot and Lowe suggested an abstraction of TLS. The abstraction models the security services that appear to be provided by the protocol to the high-level security layers. The outcome of our analysis provides a formalisation of the security services provided by TLS and proves that, under reasonable assump-tions, the abstract model suggested by Broadfoot and Lowe is correct. To that end, we reduce the complexity of the protocol using fault-preserving simplifying transformations. We extend the strand spaces model in order to include the cryptographic operations used in TLS and facilitate its analysis. Finally, we use the extended strand spaces model to fully analyse the public-key mode of bilateral TLS with its two main components: the Handshake and Record Layer protocols. 1
Protocol state fuzzing of TLS implementations
"... We describe a largely automated and systematic analysis of TLS implementations by what we call ‘protocol state fuzzing’: we use state machine learning to infer state ma-chines from protocol implementations, using only black-box testing, and then inspect the inferred state machines to look for spurio ..."
Abstract
-
Cited by 2 (0 self)
- Add to MetaCart
(Show Context)
We describe a largely automated and systematic analysis of TLS implementations by what we call ‘protocol state fuzzing’: we use state machine learning to infer state ma-chines from protocol implementations, using only black-box testing, and then inspect the inferred state machines to look for spurious behaviour which might be an indica-tion of flaws in the program logic. For detecting the pres-ence of spurious behaviour the approach is almost fully automatic: we automatically obtain state machines and any spurious behaviour is then trivial to see. Detecting whether the spurious behaviour introduces exploitable security weaknesses does require manual investigation. Still, we take the point of view that any spurious func-tionality in a security protocol implementation is danger-ous and should be removed. We analysed both server- and client-side implemen-tations with a test harness that supports several key ex-change algorithms and the option of client certificate au-thentication. We show that this approach can catch an interesting class of implementation flaws that is appar-ently common in security protocol implementations: in three of the TLS implementations analysed new security flaws were found (in GnuTLS, the Java Secure Socket Extension, and OpenSSL). This shows that protocol state fuzzing is a useful technique to systematically analyse security protocol implementations. As our analysis of different TLS implementations resulted in different and unique state machines for each one, the technique can also be used for fingerprinting TLS implementations. 1
Performance Improvements on the Network Security Protocols Abstract
"... In a subscription-based remote service, a user is charged a flat fee for a period of time independent of the actual number of times the service is requested. The main concern of the service manager is to make sure that only customers that have paid the fee for the current period are granted access t ..."
Abstract
-
Cited by 1 (0 self)
- Add to MetaCart
(Show Context)
In a subscription-based remote service, a user is charged a flat fee for a period of time independent of the actual number of times the service is requested. The main concern of the service manager is to make sure that only customers that have paid the fee for the current period are granted access to the service. To do this, the service manager might give each user a username and a password to be used for accessing the service. An SSL/TLS (Security Sockets Layer / Transport Layer Security) session is started each time a user requests the service. As a part of the handshake protocol of SSL/TLS, the user hands a certificate to the server and proves to be the legitimate owner of the certificate. Then, the server application matches the certificate against a list of qualified certificates and decides whether to grant access. The most time-consuming phase of the SSL/TLS security protocol is the handshaking process between the client and the server, since many messages should be sent until successful negotiation is done and a secure session is created. In this paper we introduce a security management system in order to: 1) improve the handshaking process by making use of SSL/TLS client-side session caching, and 2) allowing trusted users to share sessions with others. According to our experimental setup, the proposed enhancement of SSL/TLS has improved its performance relative to the corresponding traditional handshaking of SSL/TLS protocol.
Automatic generation of Correct Web Services Choreographies and Orchestrations with Model Checking Techniques
"... Abstract—In previous works we have presented the gen-eration of WS-CDL and WS-BPEL documents. In this pa-per we show the unification of both generations. The aim is to generate correct WS-BPEL skeleton documents from WS-CDL documents by using the Timed Automata as in-termediary model in order to che ..."
Abstract
-
Cited by 1 (0 self)
- Add to MetaCart
(Show Context)
Abstract—In previous works we have presented the gen-eration of WS-CDL and WS-BPEL documents. In this pa-per we show the unification of both generations. The aim is to generate correct WS-BPEL skeleton documents from WS-CDL documents by using the Timed Automata as in-termediary model in order to check the correctness of the generated Web Services with Model Checking Techniques. The model chequer used is UPPAAL, a well known tool in theoretical and industrial cases that perform the verification an validation of Timed Automata. Note that our interest is focused on Web services where the time constraints play a critical role. I.
Analysis and Verification of Time Requirements applied to the Web Services Composition?
"... Abstract. This work presents a new approach to the analysis and veri-fication of the time requirements of Web Services compositions via goal-driven models and model checking techniques. The goal-driven model used is an extension of the goal model KAOS and the model checker engine is the UPPAAL tool. ..."
Abstract
-
Cited by 1 (0 self)
- Add to MetaCart
(Show Context)
Abstract. This work presents a new approach to the analysis and veri-fication of the time requirements of Web Services compositions via goal-driven models and model checking techniques. The goal-driven model used is an extension of the goal model KAOS and the model checker engine is the UPPAAL tool. The goal model specifies the properties that the system must satisfy and how they should be verified by using the model checker engine. In order to illustrate this approach, we apply these techniques to a basic Internet purchase process. 1
USENIX Association 24th USENIX Security Symposium 193 Protocol state fuzzing of TLS implementations
"... is sponsored by USENIX ..."
(Show Context)
