Design and validation of computer protocols
Design and validation of computer protocols
The temporal logic of reactive and concurrent systems
The temporal logic of reactive and concurrent systems
TCP/IP illustrated (vol. 1): the protocols
TCP/IP illustrated (vol. 1): the protocols
An automatic trace analysis tool generator for Estelle specifications
SIGCOMM '95 Proceedings of the conference on Applications, technologies, architectures, and protocols for computer communication
Automated packet trace analysis of TCP implementations
SIGCOMM '97 Proceedings of the ACM SIGCOMM '97 conference on Applications, technologies, architectures, and protocols for computer communication
Building adaptive systems using ensemble
Software—Practice & Experience - Special issue on multiprocessor operating systems
A readable TCP in the Prolac protocol language
Proceedings of the conference on Applications, technologies, architectures, and protocols for computer communication
Bro: a system for detecting network intruders in real-time
Computer Networks: The International Journal of Computer and Telecommunications Networking
Packet types: abstract specification of network protocol messages
Proceedings of the conference on Applications, Technologies, Architectures, and Protocols for Computer Communication
FMSP '00 Proceedings of the third workshop on Formal methods in software practice
What packets may come: automata for network monitoring
POPL '01 Proceedings of the 28th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Verisim: Formal Analysis of Network Simulations
IEEE Transactions on Software Engineering
Logic Verification of ANSI-C Code with SPIN
Proceedings of the 7th International SPIN Workshop on SPIN Model Checking and Software Verification
Ad-hoc On-Demand Distance Vector Routing
WMCSA '99 Proceedings of the Second IEEE Workshop on Mobile Computer Systems and Applications
Network event recognition
Chasing a Definition of "Alarm"
Journal of Network and Systems Management
The semantics of alarm definitions: enabling systematic reasoning about alarms
International Journal of Network Management
Hi-index | 0.00 |
Network protocols can be tested by capturing communication packets, assembling them into the high-level events, and comparing these to a finite state machine that describes the protocol standard. This process, which we call Network Event Recognition (NER), faces a number of challenges only partially addressed by existing systems. These include the ability to provide precise conformance with specifications, achieve adequate performance, admit analysis of the correctness of recognizers, provide useful diagnostics to enable the analysis of errors, and provide reasonable fidelity by distinguishing application errors from network errors. We introduce a special-purpose Network Event Recognition Language (NERL) and associated tools to address these issues. We validate the design using case studies on protocols at application and transport layers. These studies show that our system can efficiently find errors in recognizers and implementations of widely deployed protocols; they also demonstrate how improved diagnostics and transformations can substantially improve understanding of information generated by packet traces.