Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
PST
2004
2004
Syntax-based Vulnerability Testing of Frame-based Network Protocols
Syntax-based vulnerability testing is a static black-box testing method for protocol implementations. It involves testing the Implementation Under Test (IUT) with a large number of mutated Protocol Data Units (PDUs), built by intentionally disobeying the protocol's syntax. Security vulnerabilities can be discovered by detecting anomalous behaviour or crashes in the IUT (e.g. segmentation faults, buffer, heap or stack overflows, etc.) when it attempts to parse and use a mutated PDU. Previous research has led to the development of a protocol testing framework and methodology for syntax-based testing of protocols, whose syntax is based on ASN.1 (Abstract Syntax Notation), and whose transfer syntax is based on BER or DER (Basic or Distinguished Encoding Rules). These protocols have syntactic structure information embedded in the PDU. However, many protocols are not specified using such standards and do not include embedded syntactic structure information. Instead the byte sequence of...
Real-time TrafficMutated Protocol Data | Protocol Implementations | PST 2004 | PST 2008 | Syntactic Structure Information |
Related Content
| Added | 31 Oct 2010 |
| Updated | 31 Oct 2010 |
| Type | Conference |
| Year | 2004 |
| Where | PST |
| Authors | Oded Tal, Scott Knight, Tom Dean |
Comments (0)
Researcher Info
|
