Automated Attacker Synthesis for Distributed Protocols
作者: Stavros Tripakis , Cristina Nita-Rotaru , Max von Hippel , Cole Vick
DOI:
关键词:
摘要: Distributed protocols should be robust to both benign malfunction (e.g. packet loss or delay) and attacks message replay) from internal external adversaries. In this paper we take a formal approach the automated synthesis of attackers, i.e. adversarial processes that can cause protocol malfunction. Specifically, given threat model capturing distributed network topology, as well placement, goals, interface (inputs outputs) potential automatically synthesize an attacker. We formalize four attacker problems - across attackers always succeed versus those sometimes fail, attack forever do not propose algorithmic solutions two them. report on prototype implementation called KORG its application TCP case-study. Our experiments show generate well-known for within seconds minutes.
arxiv.org参考文章(41)
Pongsin Poosankam, Dawn Song, Edward XueJun Wu, Chia Yuan Cho, Domagoj Babić, Kevin Zhijie Chen, MACE: model-inference-assisted concolic exploration for protocol and vulnerability discovery usenix security symposium. pp. 10- 10 ,(2011)
Lars Lockefeer, David M. Williams, Wan Fokkink, Formal specification and verification of TCP extended with the Window Scale Option Science of Computer Programming. ,vol. 118, pp. 3- 23 ,(2016) , 10.1016/J.SCICO.2015.08.005
Moshe Y. Vardi, Probabilistic Linear-Time Model Checking: An Overview of the Automata-Theoretic Approach algebraic methodology and software technology. pp. 265- 276 ,(1999) , 10.1007/3-540-48778-6_16
Joost-Pieter Katoen, Christel Baier, Principles of Model Checking ,(2008)
Gerard J. Holzmann, The SPIN Model Checker ,(2003)
Samuel Jero, Hyojeong Lee, Cristina Nita-Rotaru, Leveraging State Information for Automated Attack Discovery in Transport Protocol Implementations 2015 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks. pp. 1- 12 ,(2015) , 10.1109/DSN.2015.22
Edsger Wybe Dijkstra, Notes on structured programming In Structured programming (1972), pp. 1-82. ,vol. 8, pp. 1- 82 ,(1970)
Marten van Dijk, Ari Juels, Alina Oprea, Ronald L. Rivest, FlipIt: The Game of Stealthy Takeover Journal of Cryptology. ,vol. 26, pp. 655- 713 ,(2013) , 10.1007/S00145-012-9134-5
Moshe Y Vardi, Pierre Wolper, An Automata-Theoretic Approach to Automatic Program Verification IEEE Computer Society. ,(1986)
Amir Pnueli, The temporal logic of programs 18th Annual Symposium on Foundations of Computer Science (sfcs 1977). pp. 46- 57 ,(1977) , 10.1109/SFCS.1977.32