Professor of Computer Science
Khoury College of Computer Sciences
Seminar: Leveraging Textual Specifications for Automated Attack Discovery in Network Protocols
Abstract: Automated attack discovery techniques, such as attacker synthesis or model-based fuzzing, provide powerful ways to ensure network protocols operate correctly and securely. Such techniques, in general, require a formal representation of the protocol, often in the form of a finite-state machine (FSM). Unfortunately, many protocols are only described in English prose. We show how to extract a protocol specification in the form of an FSM from requests for comments (RFCs). Unlike other works that rely on rule-based approaches or use off-the-shelf NLP tools directly, we suggest a data-driven approach for extracting FSMs from RFC documents.
Specifically, we use a hybrid approach consisting of three key steps: (1) large-scale word-representation learning for technical language; (2) focused zero-shot learning for mapping protocol text to a protocol-independent information language; and (3) rule-based mapping from protocol-independent information to a specific protocol FSM. We show the generalizability of our FSM extraction by using the RFCs for six different protocols: BGPv4, DCCP, LTP, PPTP, SCTP and TCP. We demonstrate how automated extraction of an FSM from an RFC can be applied to the synthesis of attacks, with TCP and DCCP as case studies.
This work will appear in IEEE Security and Privacy 2022, titled "Automated Attack Synthesis by Extracting Finite State Machines from Protocol Specification Documents" and co-authored with Leonor Pacheco, Max von Hippel, Ben Weintraub and Dan Goldwasser. Code available at: https://github.com/RFCNLP
About the Speaker: Cristina Nita-Rotaru is a professor of computer science in the Khoury College of Computer Sciences at Northeastern University (since 2015), where she leads the network and distributed systems security laboratory (NDS2). Prior to joining Northeastern, she was a faculty member in the department of Computer Science at Purdue University (2003 - 2015). She served as associate dean of faculty at Northeastern University (2017 - 2020) and as an assistant director for CERIAS at Purdue University (2011 - 2013). Her research lies at the intersection of security, distributed systems and computer networks. The overarching goal of her work is designing and building secure and resilient distributed systems and network protocols, with assurance that the deployed implementations meet their security, resilience and performance goals. Her work earned several best paper awards at IEEE SafeThings 2019, NDSS 2018, ISSRE 2017 and DSN 2015, as well as two IETF/IRTF Applied Networking Research Prize awards in 2018 and 2016. She received the NSF Career Award in 2006.
Nita-Rotaru has served on the program committee of numerous conferences in networking, distributed systems and security such as IEEE S&P, USENIX Security, ACM CCS, NDSS, ACM Wisec, USENIX OSDI, USENIX ATC, ACM SOCC, ACM SIGCOMM, ACM CoNEXT, IEEE INFOCOM, IEEE ICNP, WWW, IEEE ICDCS, IEEE/IFIP DSN, Eurosys, and Euro S&P. She was an Associate Editor for IEEE Transactions on Computers, ACM Transactions on Information Systems Security, Computer Networks, IEEE Transactions on Mobile Computing and IEEE Transactions on Dependable and Secure Systems. She was a chair for ACM Wisec 2010, IEEE CNS 2013, ACM GameSec 2013, IEEE DSN 2016, and IEEE ICNP 2018. She is a general co-chair for IEEE DSN 2022.
Host: Homa Alemzadeh, assistant professor of electrical and computer engineering with a courtesy appointment in computer science.