Automatic Feature Isolation in Network Protocol Software Implementations

Ze Zhang; Qingzhao Zhang; Brandon Nguyen; Sanjay Sri Vallabh Singapuram; Z. Morley Mao; Scott Mahlke

doi:10.1145/3411502.3418425

Automatic Feature Isolation in Network Protocol Software Implementations

Ze Zhang
, Qingzhao Zhang
, Brandon Nguyen
, Sanjay Sri Vallabh Singapuram
, Z. Morley Mao
, Scott Mahlke

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Common vulnerabilities and exposures (CVEs) usually exploit design or implementation flaws of specific features in widely used network protocols. Feature isolation as a general protocol customization practice is shown to be highly promising to reduce attack surfaces in these protocols. In this work-in-progress paper, we present two program analysis based methods targeting different feature granularity to automatically identify and isolate unnecessary features in a software protocol implementation. In addition, we develop a semantic reconstruction mechanism to enforce user-specified feature access control policies. Preliminary case studies confirm that our proposed techniques can be effectively applied on real-world protocol vulnerabilities.

Original language	English (US)
Title of host publication	FEAST 2020 - Proceedings of the 2020 ACM Workshop on Forming an Ecosystem Around Software Transformation
Publisher	Association for Computing Machinery, Inc
Pages	29-34
Number of pages	6
ISBN (Electronic)	9781450380898
DOIs	https://doi.org/10.1145/3411502.3418425
State	Published - Nov 13 2020
Externally published	Yes
Event	5th ACM Workshop on Forming an Ecosystem Around Software Transformation, FEAST 2020 - Virtual, Online, United States Duration: Nov 13 2020 → …

Publication series

Name	FEAST 2020 - Proceedings of the 2020 ACM Workshop on Forming an Ecosystem Around Software Transformation

Conference

Conference	5th ACM Workshop on Forming an Ecosystem Around Software Transformation, FEAST 2020
Country/Territory	United States
City	Virtual, Online
Period	11/13/20 → …

Keywords

network protocol customization
security
static program analysis

ASJC Scopus subject areas

Computer Networks and Communications
Safety, Risk, Reliability and Quality
Electrical and Electronic Engineering

Access to Document

10.1145/3411502.3418425

Cite this

Zhang, Z., Zhang, Q., Nguyen, B., Singapuram, S. S. V., Morley Mao, Z., & Mahlke, S. (2020). Automatic Feature Isolation in Network Protocol Software Implementations. In FEAST 2020 - Proceedings of the 2020 ACM Workshop on Forming an Ecosystem Around Software Transformation (pp. 29-34). (FEAST 2020 - Proceedings of the 2020 ACM Workshop on Forming an Ecosystem Around Software Transformation). Association for Computing Machinery, Inc. https://doi.org/10.1145/3411502.3418425

Automatic Feature Isolation in Network Protocol Software Implementations. / Zhang, Ze; Zhang, Qingzhao; Nguyen, Brandon et al.
FEAST 2020 - Proceedings of the 2020 ACM Workshop on Forming an Ecosystem Around Software Transformation. Association for Computing Machinery, Inc, 2020. p. 29-34 (FEAST 2020 - Proceedings of the 2020 ACM Workshop on Forming an Ecosystem Around Software Transformation).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Zhang, Z, Zhang, Q, Nguyen, B, Singapuram, SSV, Morley Mao, Z & Mahlke, S 2020, Automatic Feature Isolation in Network Protocol Software Implementations. in FEAST 2020 - Proceedings of the 2020 ACM Workshop on Forming an Ecosystem Around Software Transformation. FEAST 2020 - Proceedings of the 2020 ACM Workshop on Forming an Ecosystem Around Software Transformation, Association for Computing Machinery, Inc, pp. 29-34, 5th ACM Workshop on Forming an Ecosystem Around Software Transformation, FEAST 2020, Virtual, Online, United States, 11/13/20. https://doi.org/10.1145/3411502.3418425

Zhang Z, Zhang Q, Nguyen B, Singapuram SSV, Morley Mao Z, Mahlke S. Automatic Feature Isolation in Network Protocol Software Implementations. In FEAST 2020 - Proceedings of the 2020 ACM Workshop on Forming an Ecosystem Around Software Transformation. Association for Computing Machinery, Inc. 2020. p. 29-34. (FEAST 2020 - Proceedings of the 2020 ACM Workshop on Forming an Ecosystem Around Software Transformation). doi: 10.1145/3411502.3418425

Zhang, Ze ; Zhang, Qingzhao ; Nguyen, Brandon et al. / Automatic Feature Isolation in Network Protocol Software Implementations. FEAST 2020 - Proceedings of the 2020 ACM Workshop on Forming an Ecosystem Around Software Transformation. Association for Computing Machinery, Inc, 2020. pp. 29-34 (FEAST 2020 - Proceedings of the 2020 ACM Workshop on Forming an Ecosystem Around Software Transformation).

@inproceedings{b05930a6545448b89b80f0e274bb4eb0,

title = "Automatic Feature Isolation in Network Protocol Software Implementations",

abstract = "Common vulnerabilities and exposures (CVEs) usually exploit design or implementation flaws of specific features in widely used network protocols. Feature isolation as a general protocol customization practice is shown to be highly promising to reduce attack surfaces in these protocols. In this work-in-progress paper, we present two program analysis based methods targeting different feature granularity to automatically identify and isolate unnecessary features in a software protocol implementation. In addition, we develop a semantic reconstruction mechanism to enforce user-specified feature access control policies. Preliminary case studies confirm that our proposed techniques can be effectively applied on real-world protocol vulnerabilities.",

keywords = "network protocol customization, security, static program analysis",

author = "Ze Zhang and Qingzhao Zhang and Brandon Nguyen and Singapuram, \{Sanjay Sri Vallabh\} and \{Morley Mao\}, Z. and Scott Mahlke",

note = "Publisher Copyright: {\textcopyright} 2020 ACM.; 5th ACM Workshop on Forming an Ecosystem Around Software Transformation, FEAST 2020 ; Conference date: 13-11-2020",

year = "2020",

month = nov,

day = "13",

doi = "10.1145/3411502.3418425",

language = "English (US)",

series = "FEAST 2020 - Proceedings of the 2020 ACM Workshop on Forming an Ecosystem Around Software Transformation",

publisher = "Association for Computing Machinery, Inc",

pages = "29--34",

booktitle = "FEAST 2020 - Proceedings of the 2020 ACM Workshop on Forming an Ecosystem Around Software Transformation",

}

TY - GEN

T1 - Automatic Feature Isolation in Network Protocol Software Implementations

AU - Zhang, Ze

AU - Zhang, Qingzhao

AU - Nguyen, Brandon

AU - Singapuram, Sanjay Sri Vallabh

AU - Morley Mao, Z.

AU - Mahlke, Scott

PY - 2020/11/13

Y1 - 2020/11/13

N2 - Common vulnerabilities and exposures (CVEs) usually exploit design or implementation flaws of specific features in widely used network protocols. Feature isolation as a general protocol customization practice is shown to be highly promising to reduce attack surfaces in these protocols. In this work-in-progress paper, we present two program analysis based methods targeting different feature granularity to automatically identify and isolate unnecessary features in a software protocol implementation. In addition, we develop a semantic reconstruction mechanism to enforce user-specified feature access control policies. Preliminary case studies confirm that our proposed techniques can be effectively applied on real-world protocol vulnerabilities.

AB - Common vulnerabilities and exposures (CVEs) usually exploit design or implementation flaws of specific features in widely used network protocols. Feature isolation as a general protocol customization practice is shown to be highly promising to reduce attack surfaces in these protocols. In this work-in-progress paper, we present two program analysis based methods targeting different feature granularity to automatically identify and isolate unnecessary features in a software protocol implementation. In addition, we develop a semantic reconstruction mechanism to enforce user-specified feature access control policies. Preliminary case studies confirm that our proposed techniques can be effectively applied on real-world protocol vulnerabilities.

KW - network protocol customization

KW - security

KW - static program analysis

UR - https://www.scopus.com/pages/publications/85097707349

UR - https://www.scopus.com/pages/publications/85097707349#tab=citedBy

U2 - 10.1145/3411502.3418425

DO - 10.1145/3411502.3418425

M3 - Conference contribution

AN - SCOPUS:85097707349

T3 - FEAST 2020 - Proceedings of the 2020 ACM Workshop on Forming an Ecosystem Around Software Transformation

SP - 29

EP - 34

BT - FEAST 2020 - Proceedings of the 2020 ACM Workshop on Forming an Ecosystem Around Software Transformation

PB - Association for Computing Machinery, Inc

T2 - 5th ACM Workshop on Forming an Ecosystem Around Software Transformation, FEAST 2020

Y2 - 13 November 2020

ER -

Automatic Feature Isolation in Network Protocol Software Implementations

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this