Improving Protocol Vulnerability Discovery via Semantic Interpretation of Textual Specifications



Automatically analyzing the information available in documentation, in the form of textual specifications, will open new avenues not only for improving vulnerability finding in network protocols, but for software design in general. This project combines expertise from natural language processing and network security to build a framework for vulnerability discovery in network protocols by leveraging semantic interpretation of textual specifications, automated attack generation and injection, and property model checking of software implementations. The framework consists of two phases: a knowledge building phase and a vulnerability finding phase. In the knowledge building phase, semantic interpretation NLP techniques are applied to structured text (RFCs and documentation) and unstructured text (blogs, forums, and bug reports) to learn structured information about protocols, such as message formats, the protocol state machine, and constraints. In the second phase, the information learned in the knowledge phase feeds two mechanisms for vulnerability finding: the first uses the structured protocol information to create and inject attacks, and the second uses the same information to derive protocol requirements and uses them to model check finite state machines extracted from protocol implementations.

Current Members

• Samuel Jero


This project is funded by NSF grant CNS-1654137, PI Cristina Nita-Rotaru. This is a collaboration with Dan Goldwasser, Purdue University.