Automated Detection of Vulnerabilities in Black-Box Routers (and Other Network Devices)

Дата: 08.01.2020. Автор: CISOCLUB. Категории: Подкасты и видео по информационной безопасности

In this work, we present a method that leverages a formal black-box method to unearth deviations of protocol implementations in closed-source network devices with no need to access the binary or source code of the device. Our method finds such deviations in a fully automatic manner while leveraging a model-based testing approach. We applied the method to several routers to check their routing protocols’ implementations (specifically OSPF) using the tool we found logical vulnerabilities in routers by Cisco and Quagga.

By Gabi Nakibly

Full Abstract:


Об авторе CISOCLUB

Редакция CISO CLUB. Официальный аккаунт. CISO CLUB - информационный портал и профессиональное сообщество специалистов по информационной безопасности.
Читать все записи автора CISOCLUB

Добавить комментарий

Ваш адрес email не будет опубликован.