Automated Detection of Vulnerabilities in Black-Box Routers and Other Network Devices
Offered By: Black Hat via YouTube
Course Description
Overview
Explore an innovative method for detecting vulnerabilities in closed-source network devices through a Black Hat conference talk. Learn about a formal black-box approach that uncovers protocol implementation deviations without accessing binary or source code. Discover how this automated, model-based testing method was applied to routers to check OSPF implementations, revealing logical vulnerabilities in Cisco and Quagga devices. Delve into topics such as symbolic execution, test case generation, and the path explosion problem. Gain insights into the OSPF analysis, including the fight-back mechanism, attacker model, and specific results from Cisco and Quagga testbeds.
Syllabus
Intro
INTRODUCTION-GABI NAKIBLY
OUTLINE
RESEARCH GOAL
OURMETHOD IN A GLANCE
CREATE A MODEL OF A PROTOCOL
SYMBOLIC EXECUTION 101
GENERATE TEST CASES
EXECUTE TESTS
FIND DEVIATIONS
PATH EXPLOSION PROBLEM
OUR MAIN OPTIMIZATION
OSPF ANALYSIS
THE FIGHT-BACK MECHANISM
THE ATTACKER
OSPF MODEL
CISCO TESTBED
CISCO RESULTS
QUAGGA
IN SUMMARY
Taught by
Black Hat
Related Courses
Formal Software VerificationUniversity System of Maryland via edX Software Analysis & Testing
Georgia Institute of Technology via Udacity Computer Systems Security
Massachusetts Institute of Technology via MIT OpenCourseWare Reverse Engineering 3201: Symbolic Analysis
OpenSecurityTraining2 via Independent angr: Binary Analysis Framework - Demonstration and Analysis
New York University (NYU) via YouTube