Title | ||
---|---|---|
The Closer You Look, The More You Learn: A Grey-box Approach to Protocol State Machine Learning. |
Abstract | ||
---|---|---|
In this paper, we propose a new approach to infer state machine models from protocol implementations. Our method, STATEINSPECTOR, learns protocol states by using novel program analyses to combine observations of run-time memory and I/O. It requires no access to source code and only lightweight execution monitoring of the implementation under test. We demonstrate and evaluate STATEINSPECTOR's effectiveness on numerous TLS and WPA/2 implementations. In the process, we show STATEINSPECTOR enables deeper state discovery, increased learning efficiency, and more insightful post-mortem analyses than existing approaches. Further to improved learning, our method led us to discover several concerning deviations from the standards and a high impact vulnerability in a prominent Wi-Fi implementation. |
Year | DOI | Venue |
---|---|---|
2022 | 10.1145/3548606.3559365 | Conference on Computer and Communications Security (CCS) |
DocType | Citations | PageRank |
Conference | 0 | 0.34 |
References | Authors | |
0 | 6 |
Name | Order | Citations | PageRank |
---|---|---|---|
Chris McMahon Stone | 1 | 6 | 1.14 |
Sam L. Thomas | 2 | 2 | 1.38 |
Mathy Vanhoef | 3 | 113 | 11.85 |
James Henderson | 4 | 4 | 5.13 |
Nicolas Bailluet | 5 | 0 | 0.34 |
Tom Chothia | 6 | 4 | 1.44 |