Automated Detection of Vulnerabilities in Black-Box Routers and Other Network Devices
Offered By: Black Hat via YouTube
Course Description
Overview
Explore an innovative method for detecting vulnerabilities in closed-source network devices through a Black Hat conference talk. Learn about a formal black-box approach that uncovers protocol implementation deviations without accessing binary or source code. Discover how this automated, model-based testing method was applied to routers to check OSPF implementations, revealing logical vulnerabilities in Cisco and Quagga devices. Delve into topics such as symbolic execution, test case generation, and the path explosion problem. Gain insights into the OSPF analysis, including the fight-back mechanism, attacker model, and specific results from Cisco and Quagga testbeds.
Syllabus
Intro
INTRODUCTION-GABI NAKIBLY
OUTLINE
RESEARCH GOAL
OURMETHOD IN A GLANCE
CREATE A MODEL OF A PROTOCOL
SYMBOLIC EXECUTION 101
GENERATE TEST CASES
EXECUTE TESTS
FIND DEVIATIONS
PATH EXPLOSION PROBLEM
OUR MAIN OPTIMIZATION
OSPF ANALYSIS
THE FIGHT-BACK MECHANISM
THE ATTACKER
OSPF MODEL
CISCO TESTBED
CISCO RESULTS
QUAGGA
IN SUMMARY
Taught by
Black Hat
Related Courses
Attack on Titan M, Reloaded - Vulnerability Research on a Modern Security ChipBlack Hat via YouTube Attacks From a New Front Door in 4G & 5G Mobile Networks
Black Hat via YouTube AAD Joined Machines - The New Lateral Movement
Black Hat via YouTube Better Privacy Through Offense - How to Build a Privacy Red Team
Black Hat via YouTube Whip the Whisperer - Simulating Side Channel Leakage
Black Hat via YouTube