Finding protocol manipulation attacks

Proceedings of the ACM SIGCOMM 2011 Conference, SIGCOMM'11

Volumn , Issue , 2011, Pages 26-37

  Kothari, Nupur ^a   Mahajan, Ratul ^b   Millstein, Todd ^c   Govindan, Ramesh ^a   Musuvathi, Madanlal ^b  

^a Dept of Physics   (United States)

^b MICROSOFT RESEARCH   (United States)

^c UNIVERSITY OF CALIFORNIA   (United States)

Author keywords

Reliability; Security

Indexed keywords

802.11 MAC; COMPLEX PROTOCOLS; FALSE POSITIVE; OR-NETWORKS; PROTOCOL IMPLEMENTATION; SECURITY; SEMANTIC DIFFERENCE; SYMBOLIC EXECUTION;

DYNAMIC ANALYSIS; RELIABILITY; SEMANTICS; STATIC ANALYSIS;

TRANSMISSION CONTROL PROTOCOL;

EID: 80053145619     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/2018436.2018440     Document Type: Conference Paper

References (31)

1. J. Bellardo and S. Savage. 802.11 denial-of-service attacks: real vulnerabilities and practical solutions. In USENIX Security, 2003.
2. D. Bethea, R. Cochran, and M. K. Reiter. Server-side Verification of Client Behavior in Online Games. In NDSS, 2010.
3. D. Brumley, P. Poosankam, D. X. Song, and J. Zheng. Automatic patch-based exploit generation is possible: Techniques and implications. In Security and Privacy, 2008.
4. J. Caballero, Z. Liang, P. Poosankam, and D. Song. Towards generating high coverage vulnerability-based signatures with protocol-level constraint-guided exploration. In RAID, 2009.
5. C. Cadar, D. Dunbar, and D. Engler. Klee: Unassisted and automatic generation of high-coverage tests for complex systems programs. In OSDI, 2008.
6. C. Cadar, P. Twohey, V. Ganesh, and D. Engler. Exe: A system for automatically generating inputs of death using symbolic execution. In CCS, 2006.
7. R. Chang, G. Jiang, F. Ivancic, S. Sankaranarayanan, and V. Shmatikov. Inputs of coma: Static detection of denial-of-service vulnerabilities. In IEEE Computer Security Foundations Symp., 2009.
8. B.-G. Chun, S. Ratnasamy, and E. Kohler. Netcomplex: A complexity metric for networked system designs. In NSDI, 2008.
9. M. Costa, M. C. L. Zhou, L. Zhang, and M. Peinado. Bouncer: securing software by blocking bad input. In SOSP, 2007.
10. L. M. de Moura and N. Bjørner. Z3: An efficient SMT solver. In TACAS, 2008.
11. D. Ely, N. Spring, D. Wetherall, S. Savage, and T. Anderson. Robust congestion signaling. In ICNP, 2001.
12. C. Flanagan, K. R. M. Leino, M. Lillibridge, G. Nelson, J. B. Saxe, and R. Stata. Extended static checking for Java. In PLDI, 2002.
13. P. Godefroid, N. Klarlund, and K. Sen. DART: directed automated random testing. In PLDI, 2005.
14. C. E. Killian, J. W. Anderson, R. Jhala, and A. Vahdat. Life, death, and the critical transition: Finding liveness bugs in systems code. In NSDI, 2007.
15. J. C. King. Symbolic execution and program testing. Commun. ACM, 19(7), 1976.
16. R. Mahajan, S. M. Bellovin, S. Floyd, J. Ioannidis, V. Paxson, and S. Shenker. Controlling high bandwidth aggregates in the network. SIGCOMM CCR, 32(3), 2002.
17. R. Mahajan, M. Rodrig, D. Wetherall, and J. Zahorjan. Sustaining cooperation in multi-hop wireless networks. In NSDI, 2005.
18. M. Musuvathi and D. R. Engler. Model checking large network protocol implementations. In NSDI, 2004.
19. M. Musuvathi, D. Y. W. Park, A. Chou, D. R. Engler, and D. L. Dill. CMC: A programatic approach to model checking real code. In OSDI, 2002.
20. V. Navda, A. Bohra, and S. Ganguly. Using channel hopping to increase 802.11 resilience to jamming attacks. In IEEE Infocom Mini Symp., 2007.
21. G. C. Necula, S. McPeak, S. Rahul, and W. Weimer. CIL: Intermediate language and tools for analysis and transformation of C programs. In CCC, 2002.
22. J. Newsome and D. Song. Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software. In NDSS, 2005.
23. P. Pradhan, S. Kandula, W. Xu, A. Shaikh, and E. Nahum. Daytona: A user-level TCP stack. http://nms.lcs.mit.edu/~kandula/data/daytona.pdf.
24. S. Savage, N. Cardwell, D. Wetherall, and T. Anderson. TCP congestion control with a misbehaving receiver. SIGCOMM CCR, 29(5), 1999.
25. Stream control transmission protocol. IETF RFC 2960, 2000.
26. Stream control transmission protocol (SCTP). http://sctp.de/sctp.html.
27. Security attacks found against the stream control transmission protocol (SCTP) and current countermeasures. IETF RFC 5062, 2007.
28. K. Sen, D. Marinov, and G. Agha. CUTE: A concolic unit testing engine for C. SIGSOFT Softw. Eng. Notes, 30(5), 2005.
29. M. Stanojevic, R. Mahajan, T. Millstein, and M. Musuvathi. Can you fool me? towards automatically checking protocol gullibility. In HotNets, 2008.
30. N. Tillmann and J. de Halleux. Pex: White box test generation for .NET. In Tests and Proofs, LNCS. 2008.
31. M. Yabandeh, N. Knezevic, D. Kostic, and V. Kuncak. Crystalball: predicting and preventing inconsistencies in deployed distributed systems. In NSDI, 2009.