Abstract
We propose a new approach to infer state machine models from protocol implementations. Our new tool, StateInspector, learns protocol states by using novel program analyses to combine observations of run-time memory and I/O. It requires no access to source code and only lightweight execution monitoring of the implementation under test. We demonstrate and evaluate StateInspector's effectiveness on numerous TLS and WPA/2 implementations. In the process, we show StateInspector enables deeper state discovery, increased learning efficiency, and more insight compared to existing approaches. Our method led us to discover several concerning deviations from the standards and vulnerabilities in IWD and WolfSSL, both of which were assigned CVEs.
Author supplied keywords
Cite
CITATION STYLE
McMahon Stone, C., Thomas, S. L., Vanhoef, M., Henderson, J., Bailluet, N., & Chothia, T. (2022). The Closer You Look, The More You Learn: A Grey-box Approach to Protocol State Machine Learning. In Proceedings of the ACM Conference on Computer and Communications Security (pp. 2265–2278). Association for Computing Machinery. https://doi.org/10.1145/3548606.3559365
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
