Improving Protocol State Fuzzing of SSH
نویسنده
چکیده
With the scale and use of the Internet nowadays, it is crucial that we can effectively test the correctness and security of systems that handle our personal data. In this thesis, we improve upon a previous work by Verleg. Verleg used protocol state fuzzing to test several implementations of the SSH protocol. By adapting a more formal methodology, we achieve higher confidence in our results. We improve upon Verleg’s methodology in three ways: First, we expand the scope of our learned model, by learning a single model for the three layers of SSH. Then, we achieve a degree of confidence in our model by using a more advanced testing algorithm. Finally, we increase confidence in the analysis of model by performing formal model checking instead of manual inspection of results.
منابع مشابه
SNOOZE: Toward a Stateful NetwOrk prOtocol fuzZEr
Fuzzing is a well-known black-box approach to the security testing of applications. Fuzzing has many advantages in terms of simplicity and effectiveness over more complex, expensive testing approaches. Unfortunately, current fuzzing tools suffer from a number of limitations, and, in particular, they provide little support for the fuzzing of stateful protocols. In this paper, we present SNOOZE, ...
متن کاملA Data Mining Framework for Securing 3G Core Network from GTP Fuzzing Attacks
Since the emergence of 3G cellular IP networks, internet usage via 3G data services has become ubiquitous. Therefore such network is an important target for imposters who can disrupt the internet services by attacking the network core, thereby causing significant revenue losses to mobile operators. GPRS Tunneling Protocol GTP is the primary protocol used between the 3G core network nodes. In th...
متن کاملSecurity testing of session initiation protocol implementations
The mechanisms which enable the vast majority of computer attacks are based on design and programming errors in networked applications. The growing use of voice over IP (VOIP) phone technology makes these phone applications potential targets. We present a tool to perform security testing of VOIP applications to identify security vulnerabilities which can be exploited by an attacker. Session Ini...
متن کاملProtocol State Fuzzing of TLS Implementations
We describe a largely automated and systematic analysis of TLS implementations by what we call ‘protocol state fuzzing’: we use state machine learning to infer state machines from protocol implementations, using only blackbox testing, and then inspect the inferred state machines to look for spurious behaviour which might be an indication of flaws in the program logic. For detecting the presence...
متن کاملPulsar: Stateful Black-Box Fuzzing of Proprietary Network Protocols
The security of network services and their protocols critically depends on minimizing their attack surface. A single flaw in an implementation can suffice to compromise a service and expose sensitive data to an attacker. The discovery of vulnerabilities in protocol implementations, however, is a challenging task: While for standard protocols this process can be conducted with regular techniques...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2017