A case for exploit-robust and attack-aware protocol RFCs

  • Authors: Venkat Pothamsetty; Prabhaker Mateti
  • Affiliations: Cisco Systems, Austin, TX; Wright State University, Dept. of Computer Science and Engineering, Dayton, OH
  • Venue: IPDPS'06 Proceedings of the 20th international conference on Parallel and distributed processing
  • Year: 2006

Abstract

A large number of vulnerabilities occur because protocol implementations failed to anticipate illegal packets. RFCs typically define what constitutes a "right" packet relevant to the protocol, and they specify what the response should be for such packets. They are often ambiguous and remain silent on what the protocol implementation should do for packets which deviate from the specification. Implementers must and, by and large, do faithfully implement an RFC. However, implementers usually take any silence in a specification as "design freedom". Even though the protocol implementers are network specialists, they often are not knowledgeable in network security and cryptography issues, past exploits and common attack techniques that can impact the security of a protocol module and, consequently, the whole system. This paper systematically discusses vulnerabilities that can be attributed to protocol designs, inadequacies of RFCs, and omissions of the protocol implementers. Using specific examples, we point out how ambiguities in protocol RFCs have led to security vulnerabilities. We correlate various types of security vulnerabilities with the way the RFCs are written. We make a case for exploit-robust and attack-aware RFCs, and recommend the features for a better RFC, called ERFC (Enhanced RFC). We offer advice to RFC writers, implementers and RFC approval bodies. The most effective solution to reducing network security incidents is to fix the RFCs in such a way that the implementers are forced to write an exploit-robust implementation, irrespective of their security knowledge and expertise.