Abstract
We propose a new approach to infer state machine models from protocol implementations. Our new tool, StateInspector, learns protocol states by using novel program analyses to combine observations of run-time memory and I/O. It requires no access to source code and only lightweight execution monitoring of the implementation under test. We demonstrate and evaluate StateInspector's effectiveness on numerous TLS and WPA/2 implementations. In the process, we show StateInspector enables deeper state discovery, increased learning efficiency, and more insight compared to existing approaches. Our method led us to discover several concerning deviations from the standards and vulnerabilities in IWD and WolfSSL, both of which were assigned CVEs.
Original language | English |
---|---|
Title of host publication | CCS '22 |
Subtitle of host publication | Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security |
Place of Publication | New York |
Publisher | Association for Computing Machinery |
Pages | 2265-2278 |
Number of pages | 14 |
ISBN (Print) | 9781450394505 |
DOIs | |
Publication status | Published - 7 Nov 2022 |
Event | 28th ACM SIGSAC Conference on Computer and Communications Security, CCS 2022 - Los Angeles, United States Duration: 7 Nov 2022 → 11 Nov 2022 |
Publication series
Name | Proceedings of the ACM Conference on Computer and Communications Security |
---|---|
ISSN (Print) | 1543-7221 |
Conference
Conference | 28th ACM SIGSAC Conference on Computer and Communications Security, CCS 2022 |
---|---|
Country/Territory | United States |
City | Los Angeles |
Period | 7/11/22 → 11/11/22 |
Bibliographical note
Funding Information:This research is partially funded by the Engineering and Physical Sciences Research Council (EPSRC) under grants EP/R012598/1, EP/R008000/1, and EP/V000454/1, the Research Fund KU Leuven, and by the Flemish Research Programme Cybersecurity.
Publisher Copyright:
© 2022 ACM.
Keywords
- protocol security
- reverse engineering
- state machine learning
ASJC Scopus subject areas
- Software
- Computer Networks and Communications