English
Related papers

Related papers: Extracting Protocol Format as State Machine via Co…

200 papers

Inferring protocol formats is critical for many security applications. However, existing format-inference techniques often miss many formats, because almost all of them are in a fashion of dynamic analysis and rely on a limited number of…

Cryptography and Security · Computer Science 2023-05-22 Qingkai Shi , Junyang Shao , Yapeng Ye , Mingwei Zheng , Xiangyu Zhang

State machines are essential for enhancing protocol analysis to identify vulnerabilities. However, inferring state machines from network protocol implementations is challenging due to complex code syntax and semantics. Traditional dynamic…

Cryptography and Security · Computer Science 2025-03-28 Haiyang Wei , Ligeng Chen , Zhengjie Du , Yuhan Wu , Haohui Huang , Yue Liu , Guang Cheng , Fengyuan Xu , Linzhang Wang , Bing Mao

Reverse engineering of undocumented protocols is a common task in security analyses of networked services. The communication itself, captured in traffic traces, contains much of the necessary information to perform such a protocol reverse…

Cryptography and Security · Computer Science 2023-01-11 Stephan Kleber , Frank Kargl

In this paper, we propose a new approach to infer state machine models from protocol implementations. Our method, STATEINSPECTOR, learns protocol states by using novel program analyses to combine observations of run-time memory and I/O. It…

Cryptography and Security · Computer Science 2021-06-08 Chris McMahon Stone , Sam L. Thomas , Mathy Vanhoef , James Henderson , Nicolas Bailluet , Tom Chothia

Automated attack discovery techniques, such as attacker synthesis or model-based fuzzing, provide powerful ways to ensure network protocols operate correctly and securely. Such techniques, in general, require a formal representation of the…

Cryptography and Security · Computer Science 2022-02-24 Maria Leonor Pacheco , Max von Hippel , Ben Weintraub , Dan Goldwasser , Cristina Nita-Rotaru

In this paper, we study the problem of remote state estimation, in the presence of a passive eavesdropper. An authorized user estimates the state of an unstable linear plant, based on the packets received from a sensor, while the packets…

Systems and Control · Computer Science 2017-09-15 Anastasios Tsiamis , Konstantinos Gatsis , George J. Pappas

Regular expressions are a concise yet expressive language for expressing patterns. For instance, in networked software, they are used for input validation and intrusion detection. Yet some widely deployed regular expression matchers based…

Programming Languages · Computer Science 2013-01-08 James Kirrage , Asiri Rathnayake , Hayo Thielecke

This paper studies the problem of remote state estimation in the presence of a passive eavesdropper. A sensor measures a linear plant's state and transmits it to an authorized user over a packet-dropping channel, which is susceptible to…

Systems and Control · Computer Science 2018-09-21 Anastasios Tsiamis , Konstantinos Gatsis , George Pappas

Protocol Reverse Engineering (PRE) is used to analyze protocols by inferring their structure and behavior. However, current PRE methods mainly focus on field identification within a single protocol and neglect Protocol State Machine (PSM)…

Cryptography and Security · Computer Science 2024-12-04 Junhai Yang , Fenghua Li , Yixuan Zhang , Junhao Zhang , Liang Fang , Yunchuan Guo

Many cryptographic protocols are designed to achieve their goals using only messages passed over an open network. Numerous tools, based on well-understood foundations, exist for the design and analysis of protocols that rely purely on…

Cryptography and Security · Computer Science 2018-04-17 Joshua D. Guttman , Moses D. Liskov , John D. Ramsdell , Paul D. Rowe

Finite-State Machines (FSMs) are critical for modeling the operational logic of network protocols, enabling verification, analysis, and vulnerability discovery. However, existing FSM extraction techniques face limitations such as…

Computation and Language · Computer Science 2025-07-16 Fares Wael , Youssef Maklad , Ali Hamdi , Wael Elsersy

We present a general model allowing static analysis based on abstract interpretation for systems of communicating processes. Our technique, inspired by Regular Model Checking, represents set of program states as lattice automata and…

Software Engineering · Computer Science 2016-11-29 Vincent Botbol , Emmanuel Chailloux , Tristan Le Gall

Stateful Coverage-Based Greybox Fuzzing (SCGF) is considered the state-of-the-art method for network protocol greybox fuzzing. During the protocol fuzzing process, SCGF constructs the state machine of the target protocol by identifying…

Cryptography and Security · Computer Science 2024-08-14 Liu Yu , Shen Yanlong , Zhou Ying

Model checking is a widespread automatic formal analysis that has been successful in discovering flaws in security protocols. However existing possibilities for state space explosion still hinder analyses of complex protocols and protocol…

Cryptography and Security · Computer Science 2009-09-02 Stylianos Basagiannis , Panagiotis Katsaros , Andrew Pombortsis

Many protocol implementations are reactive systems, where the protocol process is in continuous interaction with other processes and the environment. If a bug can be exposed only in a certain state, a fuzzer needs to provide a specific…

Cryptography and Security · Computer Science 2023-06-06 Jinsheng Ba , Marcel Böhme , Zahra Mirzamomen , Abhik Roychoudhury

Dialogue state tracking (DST) is at the heart of task-oriented dialogue systems. However, the scarcity of labeled data is an obstacle to building accurate and robust state tracking systems that work across a variety of domains. Existing…

Computation and Language · Computer Science 2020-04-14 Shuyang Gao , Sanchit Agarwal , Tagyoung Chung , Di Jin , Dilek Hakkani-Tur

This paper proposes a new obfuscation technique of a communication protocol that is aimed at making the reverse engineering of the protocol more complex. The obfuscation is based on the transformation of protocol message format…

Cryptography and Security · Computer Science 2018-07-26 Julien Duchene , Eric Alata , Vincent Nicomette , Mohamed Kaâniche , Colas Le Guernic

Grammar-based fuzzing is a technique used to find software vulnerabilities by injecting well-formed inputs generated following rules that encode application semantics. Most grammar-based fuzzers for network protocols rely on human experts…

Cryptography and Security · Computer Science 2021-01-26 Samuel Jero , Maria Leonor Pacheco , Dan Goldwasser , Cristina Nita-Rotaru

Security APIs, key servers and protocols that need to keep the status of transactions, require to maintain a global, non-monotonic state, e.g., in the form of a database or register. However, most existing automated verification tools do…

Cryptography and Security · Computer Science 2018-05-29 Steve Kremer , Robert Künnemann

Cryptographic protocols rely on message-passing to coordinate activity among principals. Each principal maintains local state in individual local sessions only as needed to complete that session. However, in some protocols a principal also…

Cryptography and Security · Computer Science 2014-06-17 John D. Ramsdell , Daniel J. Dougherty , Joshua D. Guttman , Paul D. Rowe
‹ Prev 1 2 3 10 Next ›