Higher order attribute grammars
PLDI '89 Proceedings of the ACM SIGPLAN 1989 Conference on Programming language design and implementation
lex & yacc (2nd ed.)
Attribute grammar paradigms—a high-level methodology in language implementation
ACM Computing Surveys (CSUR)
Network performance effects of HTTP/1.1, CSS1, and PNG
SIGCOMM '97 Proceedings of the ACM SIGCOMM '97 conference on Applications, technologies, architectures, and protocols for computer communication
A grammar-based methodology for protocol specification and implementation
SIGCOMM '85 Proceedings of the ninth symposium on Data communications
The Genesis of Attribute Grammars
Proceedings of the International Conference WAGA on Attribute Grammars and their Applications
Testing network-based intrusion detection signatures using mutant exploits
Proceedings of the 11th ACM conference on Computer and communications security
Automatic Generation and Analysis of NIDS Attacks
ACSAC '04 Proceedings of the 20th Annual Computer Security Applications Conference
Towards Automatic Generation of Vulnerability-Based Signatures
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
binpac: a yacc for writing application protocol parsers
Proceedings of the 6th ACM SIGCOMM conference on Internet measurement
Network intrusion detection: evasion, traffic normalization, and end-to-end protocol semantics
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Automated testing of industrial control devices: the delphi database
Proceedings of the 6th International Workshop on Automation of Software Test
Adversarial attacks against intrusion detection systems: Taxonomy, solutions and open issues
Information Sciences: an International Journal
Hi-index | 0.00 |
Protocol parsing is an essential step in several networkingrelated tasks. For instance, parsing network traffic is an essential step for Intrusion Prevention Systems (IPSs). The task of developing parsers for protocols is challenging because network protocols often have features that cannot be expressed in a context-free grammar. We address the problem of parsing protocols by using attribute grammars (AGs), which allow us to factor features that are not context-free and treat them as attributes. We investigate this approach in the context of protocol normalization, which is an essential task in IPSs. Normalizers generated using systematic techniques, such as ours, are more robust and resilient to attacks. Our experience is that such normalizers incur an acceptable level of overhead (approximately 15% in the worst case) and are straightforward to implement.