Automated Detection of Vulnerabilities in Black-Box Routers and Other Network Devices
Offered By: Black Hat via YouTube
Course Description
Overview
Explore an innovative method for detecting vulnerabilities in closed-source network devices through a Black Hat conference talk. Learn about a formal black-box approach that uncovers protocol implementation deviations without accessing binary or source code. Discover how this automated, model-based testing method was applied to routers to check OSPF implementations, revealing logical vulnerabilities in Cisco and Quagga devices. Delve into topics such as symbolic execution, test case generation, and the path explosion problem. Gain insights into the OSPF analysis, including the fight-back mechanism, attacker model, and specific results from Cisco and Quagga testbeds.
Syllabus
Intro
INTRODUCTION-GABI NAKIBLY
OUTLINE
RESEARCH GOAL
OURMETHOD IN A GLANCE
CREATE A MODEL OF A PROTOCOL
SYMBOLIC EXECUTION 101
GENERATE TEST CASES
EXECUTE TESTS
FIND DEVIATIONS
PATH EXPLOSION PROBLEM
OUR MAIN OPTIMIZATION
OSPF ANALYSIS
THE FIGHT-BACK MECHANISM
THE ATTACKER
OSPF MODEL
CISCO TESTBED
CISCO RESULTS
QUAGGA
IN SUMMARY
Taught by
Black Hat
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network