Automated Attack

14,000,000 Leading Edge Experts on the ideXlab platform

The Experts below are selected from a list of 6513 Experts worldwide ranked by ideXlab platform

Cristina Nitarotaru - One of the best experts on this subject based on the ideXlab platform.

  • Automated Attack discovery in tcp congestion control using a model guided approach
    Proceedings of the Applied Networking Research Workshop on, 2018
    Co-Authors: Samuel Jero, Endadul Hoque, David Choffnes, Alan Mislove, Cristina Nitarotaru
    Abstract:

    In this work, we propose an automated method to find attacks against TCP congestion control implementations that combines the generality of implementation-agnostic fuzzing with the precision of runtime analysis. It uses a model-guided approach to generate abstract attack strategies by leveraging a state machine model of congestion control to find vulnerable state machine paths that an attacker could exploit to increase or decrease the throughput of a connection. These abstract strategies are then mapped to concrete attack strategies, which consist of sequences of actions such as injection or modification of acknowledgements. We design and implement a virtualized platform, TCPwn, that consists of a proxy-based attack injector to inject these concrete attack strategies. We evaluated 5 TCP implementations from 4 Linux distributions and Windows 8.1. Overall, we found 11 classes of attacks, of which 8 are new.

  • beads Automated Attack discovery in openflow based sdn systems
    Recent Advances in Intrusion Detection, 2017
    Co-Authors: Samuel Jero, Cristina Nitarotaru, Hamed Okhravi, Richard Skowyra, Sonia Fahmy
    Abstract:

    We create BEADS, a framework to automatically generate test scenarios and find attacks in SDN systems. The scenarios capture attacks caused by malicious switches that do not obey the OpenFlow protocol and malicious hosts that do not obey the ARP protocol. We generated and tested almost 19,000 scenarios that consist of sending malformed messages or not properly delivering them, and found 831 unique bugs across four well-known SDN controllers: Ryu, POX, Floodlight, and ONOS. We classify these bugs into 28 categories based on their impact; 10 of these categories are new, not previously reported. We demonstrate how an attacker can leverage several of these bugs by manually creating 4 representative attacks that impact high-level network goals such as availability and network topology.

  • leveraging state information for Automated Attack discovery in transport protocol implementations
    Dependable Systems and Networks, 2015
    Co-Authors: Samuel Jero, Hyojeong Lee, Cristina Nitarotaru
    Abstract:

    We present a new method for finding attacks in unmodified transport protocol implementations using the specification of the protocol state machine to reduce the search space of possible attacks. Such reduction is obtained by applying malicious actions to all packets of the same type observed in the same state instead of applying them to individual packets. Our method requires knowledge of the packet formats and protocol state machine. We demonstrate our approach by developing SNAKE, a tool that automatically finds performance and resource exhaustion attacks on unmodified transport protocol implementations. SNAKE utilizes virtualization to run unmodified implementations in their intended environments and network emulation to create the network topology. SNAKE was able to find 9 attacks on 2 transport protocols, 5 of which we believe to be unknown in the literature.

  • turret a platform for Automated Attack finding in unmodified distributed system implementations
    International Conference on Distributed Computing Systems, 2014
    Co-Authors: Hyojeong Lee, Endadul Hoque, Jeff Seibert, Charles Killian, Cristina Nitarotaru
    Abstract:

    Security and performance are critical goals for distributed systems. The increased design complexity, incomplete expertise of developers, and limited functionality of existing testing tools often result in bugs and vulnerabilities that prevent implementations from achieving their design goals in practice. Many of these bugs, vulnerabilities, and misconfigurations manifest after the code has already been deployed, making the debugging process difficult and costly. In this paper, we present Turret, a platform for automatically finding performance attacks in unmodified implementations of distributed systems. Turret does not require the user to provide any information about vulnerabilities and runs the implementation in the same operating system setup as the deployment, with an emulated network. Turret uses a new attack finding algorithm and several optimizations that allow it to find attacks in a matter of minutes. We ran Turret on 5 different distributed system implementations specifically designed to tolerate insider attacks, and found 30 performance attacks, 24 of which were not previously reported to the best of our knowledge.

Cristina Nita-rotaru - One of the best experts on this subject based on the ideXlab platform.

  • ANRW - Automated Attack Discovery in TCP Congestion Control Using a Model-guided Approach
    Proceedings of the Applied Networking Research Workshop, 2018
    Co-Authors: Samuel Jero, Endadul Hoque, David Choffnes, Alan Mislove, Cristina Nita-rotaru
    Abstract:

    In this work, we propose an automated method to find attacks against TCP congestion control implementations that combines the generality of implementation-agnostic fuzzing with the precision of runtime analysis. It uses a model-guided approach to generate abstract attack strategies by leveraging a state machine model of congestion control to find vulnerable state machine paths that an attacker could exploit to increase or decrease the throughput of a connection. These abstract strategies are then mapped to concrete attack strategies, which consist of sequences of actions such as injection or modification of acknowledgements. We design and implement a virtualized platform, TCPwn, that consists of a proxy-based attack injector to inject these concrete attack strategies. We evaluated 5 TCP implementations from 4 Linux distributions and Windows 8.1. Overall, we found 11 classes of attacks, of which 8 are new.

  • RAID - BEADS: Automated Attack Discovery in OpenFlow-Based SDN Systems
    Research in Attacks Intrusions and Defenses, 2017
    Co-Authors: Samuel Jero, Hamed Okhravi, Richard Skowyra, Cristina Nita-rotaru, Sonia Fahmy
    Abstract:

    We create BEADS, a framework to automatically generate test scenarios and find attacks in SDN systems. The scenarios capture attacks caused by malicious switches that do not obey the OpenFlow protocol and malicious hosts that do not obey the ARP protocol. We generated and tested almost 19,000 scenarios that consist of sending malformed messages or not properly delivering them, and found 831 unique bugs across four well-known SDN controllers: Ryu, POX, Floodlight, and ONOS. We classify these bugs into 28 categories based on their impact; 10 of these categories are new, not previously reported. We demonstrate how an attacker can leverage several of these bugs by manually creating 4 representative attacks that impact high-level network goals such as availability and network topology.

  • DSN - Leveraging State Information for Automated Attack Discovery in Transport Protocol Implementations
    2015 45th Annual IEEE IFIP International Conference on Dependable Systems and Networks, 2015
    Co-Authors: Samuel Jero, Hyojeong Lee, Cristina Nita-rotaru
    Abstract:

    We present a new method for finding attacks in unmodified transport protocol implementations using the specification of the protocol state machine to reduce the search space of possible attacks. Such reduction is obtained by applying malicious actions to all packets of the same type observed in the same state instead of applying them to individual packets. Our method requires knowledge of the packet formats and protocol state machine. We demonstrate our approach by developing SNAKE, a tool that automatically finds performance and resource exhaustion attacks on unmodified transport protocol implementations. SNAKE utilizes virtualization to run unmodified implementations in their intended environments and network emulation to create the network topology. SNAKE was able to find 9 attacks on 2 transport protocols, 5 of which we believe to be unknown in the literature.

  • ICDCS - Turret: A Platform for Automated Attack Finding in Unmodified Distributed System Implementations
    2014 IEEE 34th International Conference on Distributed Computing Systems, 2014
    Co-Authors: Hyojeong Lee, Endadul Hoque, Jeff Seibert, Charles Killian, Cristina Nita-rotaru
    Abstract:

    Security and performance are critical goals for distributed systems. The increased design complexity, incomplete expertise of developers, and limited functionality of existing testing tools often result in bugs and vulnerabilities that prevent implementations from achieving their design goals in practice. Many of these bugs, vulnerabilities, and misconfigurations manifest after the code has already been deployed, making the debugging process difficult and costly. In this paper, we present Turret, a platform for automatically finding performance attacks in unmodified implementations of distributed systems. Turret does not require the user to provide any information about vulnerabilities and runs the implementation in the same operating system setup as the deployment, with an emulated network. Turret uses a new attack finding algorithm and several optimizations that allow it to find attacks in a matter of minutes. We ran Turret on 5 different distributed system implementations specifically designed to tolerate insider attacks, and found 30 performance attacks, 24 of which were not previously reported to the best of our knowledge.

Christopher Theisen - One of the best experts on this subject based on the ideXlab platform.

  • reusing stack traces Automated Attack surface approximation
    International Conference on Software Engineering, 2016
    Co-Authors: Christopher Theisen
    Abstract:

    Security requirements around software systems have become more stringent as society becomes more interconnected via the Internet. New ways of prioritizing security efforts are needed so security professionals can use their time effectively to find security vulnerabilities or prevent them from occurring in the first place. The goal of this work is to help software development teams prioritize security efforts by approximating the attack surface of a software system via stack trace analysis. Automated attack surface approximation is a technique that uses crash dump stack traces to predict what code may contain exploitable vulnerabilities. If a code entity (a binary, file or function) appears on stack traces, then Attack Surface Approximation (ASA) considers that code entity is on the attack surface of the software system. We also explore whether number of appearances of code on stack traces correlates with where security vulnerabilities are found. To date, feasibility studies of ASA have been performed on Windows 8 and 8.1, and Mozilla Firefox. The results from these studies indicate that ASA may be useful for practitioners trying to secure their software systems. We are now working towards establishing the ground truth of what the attack surface of software systems is, along with looking at how ASA could change over time, among other metrics.

  • ICSE (Companion Volume) - Reusing stack traces: Automated Attack surface approximation
    Proceedings of the 38th International Conference on Software Engineering Companion, 2016
    Co-Authors: Christopher Theisen
    Abstract:

    Security requirements around software systems have become more stringent as society becomes more interconnected via the Internet. New ways of prioritizing security efforts are needed so security professionals can use their time effectively to find security vulnerabilities or prevent them from occurring in the first place. The goal of this work is to help software development teams prioritize security efforts by approximating the attack surface of a software system via stack trace analysis. Automated attack surface approximation is a technique that uses crash dump stack traces to predict what code may contain exploitable vulnerabilities. If a code entity (a binary, file or function) appears on stack traces, then Attack Surface Approximation (ASA) considers that code entity is on the attack surface of the software system. We also explore whether number of appearances of code on stack traces correlates with where security vulnerabilities are found. To date, feasibility studies of ASA have been performed on Windows 8 and 8.1, and Mozilla Firefox. The results from these studies indicate that ASA may be useful for practitioners trying to secure their software systems. We are now working towards establishing the ground truth of what the attack surface of software systems is, along with looking at how ASA could change over time, among other metrics.

  • Automated Attack surface approximation
    Foundations of Software Engineering, 2015
    Co-Authors: Christopher Theisen
    Abstract:

    While software systems are being developed and released to consumers more rapidly than ever, security remains an important issue for developers. Shorter development cycles mean less time for these critical security testing and review efforts. The attack surface of a system is the sum of all paths for untrusted data into and out of a system. Code that lies on the attack surface therefore contains code with actual exploitable vulnerabilities. However, identifying code that lies on the attack surface requires the same contested security resources from the secure testing efforts themselves. My research proposes an automated technique to approximate attack surfaces through the analysis of stack traces. We hypothesize that stack traces user crashes represent activity that puts the system under stress, and is therefore indicative of potential security vulnerabilities. The goal of this research is to aid software engineers in prioritizing security efforts by approximating the attack surface of a system via stack trace analysis. In a trial on Mozilla Firefox, the attack surface approximation selected 8.4% of files and contained 72.1% of known vulnerabilities. A similar trial was performed on the Windows 8 product.

  • ESEC/SIGSOFT FSE - Automated Attack surface approximation
    Proceedings of the 2015 10th Joint Meeting on Foundations of Software Engineering, 2015
    Co-Authors: Christopher Theisen
    Abstract:

    While software systems are being developed and released to consumers more rapidly than ever, security remains an important issue for developers. Shorter development cycles mean less time for these critical security testing and review efforts. The attack surface of a system is the sum of all paths for untrusted data into and out of a system. Code that lies on the attack surface therefore contains code with actual exploitable vulnerabilities. However, identifying code that lies on the attack surface requires the same contested security resources from the secure testing efforts themselves. My research proposes an automated technique to approximate attack surfaces through the analysis of stack traces. We hypothesize that stack traces user crashes represent activity that puts the system under stress, and is therefore indicative of potential security vulnerabilities. The goal of this research is to aid software engineers in prioritizing security efforts by approximating the attack surface of a system via stack trace analysis. In a trial on Mozilla Firefox, the attack surface approximation selected 8.4% of files and contained 72.1% of known vulnerabilities. A similar trial was performed on the Windows 8 product.

Hyojeong Lee - One of the best experts on this subject based on the ideXlab platform.

  • leveraging state information for Automated Attack discovery in transport protocol implementations
    Dependable Systems and Networks, 2015
    Co-Authors: Samuel Jero, Hyojeong Lee, Cristina Nitarotaru
    Abstract:

    We present a new method for finding attacks in unmodified transport protocol implementations using the specification of the protocol state machine to reduce the search space of possible attacks. Such reduction is obtained by applying malicious actions to all packets of the same type observed in the same state instead of applying them to individual packets. Our method requires knowledge of the packet formats and protocol state machine. We demonstrate our approach by developing SNAKE, a tool that automatically finds performance and resource exhaustion attacks on unmodified transport protocol implementations. SNAKE utilizes virtualization to run unmodified implementations in their intended environments and network emulation to create the network topology. SNAKE was able to find 9 attacks on 2 transport protocols, 5 of which we believe to be unknown in the literature.

  • DSN - Leveraging State Information for Automated Attack Discovery in Transport Protocol Implementations
    2015 45th Annual IEEE IFIP International Conference on Dependable Systems and Networks, 2015
    Co-Authors: Samuel Jero, Hyojeong Lee, Cristina Nita-rotaru
    Abstract:

    We present a new method for finding attacks in unmodified transport protocol implementations using the specification of the protocol state machine to reduce the search space of possible attacks. Such reduction is obtained by applying malicious actions to all packets of the same type observed in the same state instead of applying them to individual packets. Our method requires knowledge of the packet formats and protocol state machine. We demonstrate our approach by developing SNAKE, a tool that automatically finds performance and resource exhaustion attacks on unmodified transport protocol implementations. SNAKE utilizes virtualization to run unmodified implementations in their intended environments and network emulation to create the network topology. SNAKE was able to find 9 attacks on 2 transport protocols, 5 of which we believe to be unknown in the literature.

  • turret a platform for Automated Attack finding in unmodified distributed system implementations
    International Conference on Distributed Computing Systems, 2014
    Co-Authors: Hyojeong Lee, Endadul Hoque, Jeff Seibert, Charles Killian, Cristina Nitarotaru
    Abstract:

    Security and performance are critical goals for distributed systems. The increased design complexity, incomplete expertise of developers, and limited functionality of existing testing tools often result in bugs and vulnerabilities that prevent implementations from achieving their design goals in practice. Many of these bugs, vulnerabilities, and misconfigurations manifest after the code has already been deployed, making the debugging process difficult and costly. In this paper, we present Turret, a platform for automatically finding performance attacks in unmodified implementations of distributed systems. Turret does not require the user to provide any information about vulnerabilities and runs the implementation in the same operating system setup as the deployment, with an emulated network. Turret uses a new attack finding algorithm and several optimizations that allow it to find attacks in a matter of minutes. We ran Turret on 5 different distributed system implementations specifically designed to tolerate insider attacks, and found 30 performance attacks, 24 of which were not previously reported to the best of our knowledge.

  • ICDCS - Turret: A Platform for Automated Attack Finding in Unmodified Distributed System Implementations
    2014 IEEE 34th International Conference on Distributed Computing Systems, 2014
    Co-Authors: Hyojeong Lee, Endadul Hoque, Jeff Seibert, Charles Killian, Cristina Nita-rotaru
    Abstract:

    Security and performance are critical goals for distributed systems. The increased design complexity, incomplete expertise of developers, and limited functionality of existing testing tools often result in bugs and vulnerabilities that prevent implementations from achieving their design goals in practice. Many of these bugs, vulnerabilities, and misconfigurations manifest after the code has already been deployed, making the debugging process difficult and costly. In this paper, we present Turret, a platform for automatically finding performance attacks in unmodified implementations of distributed systems. Turret does not require the user to provide any information about vulnerabilities and runs the implementation in the same operating system setup as the deployment, with an emulated network. Turret uses a new attack finding algorithm and several optimizations that allow it to find attacks in a matter of minutes. We ran Turret on 5 different distributed system implementations specifically designed to tolerate insider attacks, and found 30 performance attacks, 24 of which were not previously reported to the best of our knowledge.

Endadul Hoque - One of the best experts on this subject based on the ideXlab platform.

  • Automated Attack discovery in tcp congestion control using a model guided approach
    Proceedings of the Applied Networking Research Workshop on, 2018
    Co-Authors: Samuel Jero, Endadul Hoque, David Choffnes, Alan Mislove, Cristina Nitarotaru
    Abstract:

    In this work, we propose an automated method to find attacks against TCP congestion control implementations that combines the generality of implementation-agnostic fuzzing with the precision of runtime analysis. It uses a model-guided approach to generate abstract attack strategies by leveraging a state machine model of congestion control to find vulnerable state machine paths that an attacker could exploit to increase or decrease the throughput of a connection. These abstract strategies are then mapped to concrete attack strategies, which consist of sequences of actions such as injection or modification of acknowledgements. We design and implement a virtualized platform, TCPwn, that consists of a proxy-based attack injector to inject these concrete attack strategies. We evaluated 5 TCP implementations from 4 Linux distributions and Windows 8.1. Overall, we found 11 classes of attacks, of which 8 are new.

  • ANRW - Automated Attack Discovery in TCP Congestion Control Using a Model-guided Approach
    Proceedings of the Applied Networking Research Workshop, 2018
    Co-Authors: Samuel Jero, Endadul Hoque, David Choffnes, Alan Mislove, Cristina Nita-rotaru
    Abstract:

    In this work, we propose an automated method to find attacks against TCP congestion control implementations that combines the generality of implementation-agnostic fuzzing with the precision of runtime analysis. It uses a model-guided approach to generate abstract attack strategies by leveraging a state machine model of congestion control to find vulnerable state machine paths that an attacker could exploit to increase or decrease the throughput of a connection. These abstract strategies are then mapped to concrete attack strategies, which consist of sequences of actions such as injection or modification of acknowledgements. We design and implement a virtualized platform, TCPwn, that consists of a proxy-based attack injector to inject these concrete attack strategies. We evaluated 5 TCP implementations from 4 Linux distributions and Windows 8.1. Overall, we found 11 classes of attacks, of which 8 are new.

  • turret a platform for Automated Attack finding in unmodified distributed system implementations
    International Conference on Distributed Computing Systems, 2014
    Co-Authors: Hyojeong Lee, Endadul Hoque, Jeff Seibert, Charles Killian, Cristina Nitarotaru
    Abstract:

    Security and performance are critical goals for distributed systems. The increased design complexity, incomplete expertise of developers, and limited functionality of existing testing tools often result in bugs and vulnerabilities that prevent implementations from achieving their design goals in practice. Many of these bugs, vulnerabilities, and misconfigurations manifest after the code has already been deployed, making the debugging process difficult and costly. In this paper, we present Turret, a platform for automatically finding performance attacks in unmodified implementations of distributed systems. Turret does not require the user to provide any information about vulnerabilities and runs the implementation in the same operating system setup as the deployment, with an emulated network. Turret uses a new attack finding algorithm and several optimizations that allow it to find attacks in a matter of minutes. We ran Turret on 5 different distributed system implementations specifically designed to tolerate insider attacks, and found 30 performance attacks, 24 of which were not previously reported to the best of our knowledge.

  • ICDCS - Turret: A Platform for Automated Attack Finding in Unmodified Distributed System Implementations
    2014 IEEE 34th International Conference on Distributed Computing Systems, 2014
    Co-Authors: Hyojeong Lee, Endadul Hoque, Jeff Seibert, Charles Killian, Cristina Nita-rotaru
    Abstract:

    Security and performance are critical goals for distributed systems. The increased design complexity, incomplete expertise of developers, and limited functionality of existing testing tools often result in bugs and vulnerabilities that prevent implementations from achieving their design goals in practice. Many of these bugs, vulnerabilities, and misconfigurations manifest after the code has already been deployed, making the debugging process difficult and costly. In this paper, we present Turret, a platform for automatically finding performance attacks in unmodified implementations of distributed systems. Turret does not require the user to provide any information about vulnerabilities and runs the implementation in the same operating system setup as the deployment, with an emulated network. Turret uses a new attack finding algorithm and several optimizations that allow it to find attacks in a matter of minutes. We ran Turret on 5 different distributed system implementations specifically designed to tolerate insider attacks, and found 30 performance attacks, 24 of which were not previously reported to the best of our knowledge.