Trojan messages are messages that seem correct to the receiver but cannot be generated by any correct sender. Such messages constitute major vulnerability points of a distributed system: they are ideal targets for a malicious actor and facilitate failure propagation across nodes. We describe Achilles, a tool that searches for Trojan messages in a distributed system. Achilles uses dynamic white-box analysis on the distributed system binaries to infer two predicates, one defining the messages parsed by receiver nodes and one defining the messages generated by sender nodes, and then computes Trojan messages as the difference between the two. We apply Achilles to implementations of real distributed systems: FSP, a file transfer application, and PBFT, a Byzantine-fault-tolerant state machine replication library. Achilles discovered a new bug in FSP and rediscovered a previously known vulnerability in PBFT. In our evaluation we demonstrate that our approach can perform orders of magnitude better than general approaches based on regular fuzzing and symbolic execution.
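The predicate difference described in the abstract, as an added example that is not code from the paper or from the Achilles tool: a constructed three-field toy protocol (not FSP or PBFT) whose message space is small enough to enumerate exhaustively, standing in for the white-box analysis Achilles performs on binaries. All function names and the message layout are hypothetical.

```python
from itertools import product

# Constructed toy protocol: a message is (cmd, declared_len, payload).
CMDS = range(4)                      # command byte values on the wire
LENS = range(4)                      # declared length field values
PAYLOADS = [""] + ["".join(p) for n in (1, 2) for p in product("ab", repeat=n)]


def message_space():
    """Every syntactically possible message in the toy protocol."""
    return product(CMDS, LENS, PAYLOADS)


def sender_can_generate(msg):
    """Predicate for messages a correct sender emits:
    known command, and the length field always matches the payload."""
    cmd, declared_len, payload = msg
    return cmd in (1, 2) and declared_len == len(payload)


def weak_receiver_accepts(msg):
    """Receiver predicate with a validation gap: the length field is
    bounded but never compared with the actual payload length."""
    cmd, declared_len, payload = msg
    return cmd in (1, 2) and declared_len <= 2


def hardened_receiver_accepts(msg):
    """Receiver predicate after closing the gap."""
    cmd, declared_len, payload = msg
    return cmd in (1, 2) and declared_len <= 2 and declared_len == len(payload)


def trojan_messages(receiver_accepts):
    """Accepted by the receiver AND not producible by any correct sender."""
    return [m for m in message_space()
            if receiver_accepts(m) and not sender_can_generate(m)]


def rejected_valid_messages(receiver_accepts):
    """Regression check: hardening must not reject legitimate traffic."""
    return [m for m in message_space()
            if sender_can_generate(m) and not receiver_accepts(m)]


if __name__ == "__main__":
    print(len(trojan_messages(weak_receiver_accepts)), "Trojan messages (weak)")
    print(len(trojan_messages(hardened_receiver_accepts)), "Trojan messages (hardened)")
```

Running the same difference against the hardened predicate shows the fix is complete only when the Trojan set is empty and no sender-generated message is rejected.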