BriefGPT.xyz
Feb, 2022
从协议规范文档中提取有限状态机进行自动攻击合成
Automated Attack Synthesis by Extracting Finite State Machines from Protocol Specification Documents
HTML
PDF
Maria Leonor Pacheco, Max von Hippel, Ben Weintraub, Dan Goldwasser, Cristina Nita-Rotaru
TL;DR
本文提出了一种数据驱动、规则映射以及聚焦零样本学习的混合方法,从 RFC 文档中自动提取有限状态机,推广到了六种不同协议的 FSM 提取,并演示了对 RFC 中 TCP 和 DCCP 协议的攻击自动化合成。
Abstract
automated attack discovery
techniques, such as
attacker synthesis
or model-based fuzzing, provide powerful ways to ensure network protocols operate correctly and securely. Such techniques, in general, require a f
→