nach oben

Erschienen in:

2020 | OriginalPaper | Buchkapitel

RecordFlux: Formal Message Specification and Generation of Verifiable Binary Parsers

verfasst von : Tobias Reiher, Alexander Senier, Jeronimo Castrillon, Thorsten Strufe

Erschienen in: Formal Aspects of Component Software

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Various vulnerabilities have been found in message parsers of protocol implementations in the past. Even highly sensitive software components like TLS libraries are affected regularly. Resulting issues range from denial-of-service attacks to the extraction of sensitive information. The complexity of protocols and imprecise specifications in natural language are the core reasons for subtle bugs in implementations, which are hard to find. The lack of precise specifications impedes formal verification.

In this paper, we propose a model and a corresponding domain-specific language to formally specify message formats of existing real-world binary protocols. A unique feature of the model is the capability to define invariants, which specify relations and dependencies between message fields. Furthermore, the model allows defining the relation of messages between different protocol layers and thus ensures correct interpretation of payload data. We present a technique to derive verifiable parsers based on the model, generate efficient code for their implementation, and automatically prove the absence of runtime errors. Examples of parser specifications for Ethernet and TLS demonstrate the applicability of our approach.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Compositional Liveness-Preserving Conformance Testing of Timed I/O Automata

Nächstes Kapitel State Identification for Labeled Transition Systems with Inputs and Outputs

Nur mit Berechtigung zugänglich

Isabelle is an automated proof assistant, HOL can be used as a functional programming language that allows proving certain properties. We refer the interested reader to [24] for an introduction into the matter.

The init function returns a list without its last element.

RecordFlux is available as open source [5].

We refer the interested reader [18] for an introduction into the language including all of its beneficial properties.

Construct: Declarative data structures for python that allow symmetric parsing and building (2019). https://github.com/construct/construct

Hammer (2019). https://github.com/UpstandingHackers/hammer

Kaitai Struct: declarative language to generate binary data parsers (2019). https://github.com/kaitai-io/kaitai_struct

Protocol Buffers (2019). https://developers.google.com/protocol-buffers/

RecordFlux (2019). https://github.com/Componolit/RecordFlux

wrk2: A constant throughput, correct latency recording variant of wrk (2019). https://github.com/treiher/wrk2

SPARK (2019). https://www.adacore.com/about-spark

Back, G.: DataScript - a specification and scripting language for binary data. In: Batory, D., Consel, C., Taha, W. (eds.) GPCE 2002. LNCS, vol. 2487, pp. 66–77. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45821-2_4CrossRefMATH

Backhouse, K.: Facebook fizz integer overflow vulnerability (CVE-2019-3560) (2019). https://blog.semmle.com/facebook-fizz-CVE-2019-3560/

10.

Bangert, J., Zeldovich, N.: Nail: a practical tool for parsing and generating data formats. In: 11th USENIX Symposium on Operating Systems Design and Implementation (OSDI 14), pp. 615–628. USENIX Association, Broomfield (2014). https://www.usenix.org/conference/osdi14/technical-sessions/presentation/bangert

11.

Borisov, N., Brumley, D., Wang, H.J., Dunagan, J., Joshi, P., Guo, C.: Generic application-level protocol analyzer and its language. In: NDSS (2007)

12.

Bratus, S., Patterson, M.L., Hirsch, D.: From shotgun parsers to more secure stacks. Shmoocon, Nov (2013)

13.

Couprie, G.: Nom, a byte oriented, streaming, zero copy, parser combinators library in rust. In: 2015 IEEE Security and Privacy Workshops, pp. 142–148. IEEE (2015)

14.

Daly, M., et al.: PADS: an end-to-end system for processing ad hoc data. In: Proceedings of the 2006 ACM SIGMOD International Conference on Management of Data - SIGMOD 2006, p. 727. ACM Press, Chicago (2006). https://doi.org/10.1145/1142473.1142568. http://portal.acm.org/citation.cfm?doid=1142473.1142568

15.

ITU-T: Recommendation X.680 - Abstract Syntax Notation One (ASN.1): Specification of basic notation (2015)

16.

Lions, J.L., et al.: Flight 501 failure. Report by the Inquiry Board (1996)

17.

McCann, P.J., Chandra, S.: Packet types: abstract specification of network protocol messages. In: Proceedings of the Conference on Applications, Technologies, Architectures, and Protocols for Computer Communication, SIGCOMM 2000, pp. 321–333. ACM, New York (2000). https://doi.org/10.1145/347059.347563. http://doi.acm.org/10.1145/347059.347563

18.

McCormick, J.W., Chapin, P.C.: Building High Integrity Applications with SPARK. Cambridge University Press, Cambridge (2015)CrossRef

19.

MITRE: CVE-2014-0160. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160

20.

MITRE: CVE-2017-0144. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0144

21.

MITRE: CVE-2017-14315. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14315

22.

Nekritz, K., Iyengar, S., Guzman, A.: Deploying TLS 1.3 at scale with Fizz, a performant open source TLS library (2018). https://code.fb.com/security/fizz/

23.

Nethercote, N., Seward, J.: Valgrind: a framework for heavyweight dynamic binary instrumentation. In: ACM SIGPLAN Notices, vol. 42, pp. 89–100. ACM (2007)

24.

Nipkow, T., Paulson, L.C., Wenzel, M.: Isabelle/HOL: A Proof Assistant for Higher-Order Logic, vol. 2283. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45949-9CrossRefMATH

25.

O’Sullivan, B.: Attoparsec (2019). https://github.com/bos/attoparsec

26.

Pang, R., Paxson, V., Sommer, R., Peterson, L.: Binpac: a Yacc for writing application protocol parsers. In: Proceedings of the 6th ACM SIGCOMM Conference on Internet Measurement, IMC 2006, pp. 289–300. ACM, New York (2006). https://doi.org/10.1145/1177080.1177119. http://doi.acm.org/10.1145/1177080.1177119

27.

Rodriguez, A., McGrath, R.E.: Daffodil: A New DFDL Parser (2010)

28.

Srinivasan, R.: XDR: external data representation standard. Technical report (1995)

Titel: RecordFlux: Formal Message Specification and Generation of Verifiable Binary Parsers
verfasst von: Tobias Reiher
Alexander Senier
Jeronimo Castrillon
Thorsten Strufe
Verlag: Springer International Publishing
Buch: Formal Aspects of Component Software
Print ISBN: 978-3-030-40913-5

Electronic ISBN: 978-3-030-40914-2

Copyright-Jahr: 2020
DOI: https://doi.org/10.1007/978-3-030-40914-2_9

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"