• Corpus ID: 73728786

State machine inference of QUIC

  title={State machine inference of QUIC},
  author={Abdullah Rasool and Greg Alp{\'a}r and Joeri de Ruiter},
QUIC is a recent transport protocol that provides reliable, secure and quick service on top of UDP in the internet. As QUIC is implemented in the application space rather than in the operating system's kernel, it is more efficient to dynamically develop and roll out. Currently, there are two parallel specifications, one by Google and one by IETF, and there are a few implementations. In this paper, we show how state machine inference can be applied to automatically extract the state machine… 

Figures and Tables from this paper

Formal specification and testing of QUIC

This work develops a formal specification of the wire protocol, and uses this specification to generate automated randomized testers for implementations of QUIC, and describes the experience applying a methodology of compositional specification-based testing to QUIC.

Formal Analysis of QUIC Handshake Protocol Using Symbolic Model Checking

A formal model of the QUIC handshake protocol is developed and a comprehensive formal security analysis is performed by using two state-of-the-art model checking tools for cryptographic protocols, i.e., ProVeirf and Verifpal, showing that ProVerif is generally more powerful than VerifPal in terms of verifying authentication properties.

Analysis of DTLS Implementations Using Protocol State Fuzzing

This work extends TLS-Attacker, an open source framework for analyzing TLS implementations, with support for DTLS tailored to the stateless and unreliable nature of the underlying UDP layer, and builds a framework for applying protocol state fuzzing on DTLS servers and uses it to learn state machine models for thirteen DTLS implementations.

Model Learning and Model Checking of IPSec Implementations for Internet of Things

This study uses a method combining model learning and model checking to analyze the dynamic vulnerability of IPSec protocol implementations and reveals three new security issues: a wrong interaction causing server exception and two violations of the standard.

Model-Based Grey-Box Fuzzing of Network Protocols

A model-based grey-box fuzzing approach for protocol implementations, including the server-side and client-side, is proposed, which can achieve similar or higher code coverage and vulnerability discovery capability than those of AFLNET and StateAFL.

Active vs. Passive: A Comparison of Automata Learning Paradigms for Network Protocols

The results show that passive techniques can correctly learn with less data than required by active learning, however, a general random data generation for passive learning is more expensive compared to the costs of active learning.

Noncompliance as Deviant Behavior: An Automated Black-box Noncompliance Checker for 4G LTE Cellular Devices

DIKEUE was applied in checking noncompliance in 14 COTS UEs from 5 vendors and identified 15 new deviant behavior as well as 2 previous implementation issues, among them, 11 are exploitable whereas 3 can cause potential interoperability issues.



Protocol State Fuzzing of TLS Implementations

This approach can catch an interesting class of implementation flaws that is apparently common in security protocol implementations: in three of the TLS implementations analysed new security flaws were found (in GnuTLS, the Java Secure Socket Extension, and OpenSSL).

How Secure and Quick is QUIC? Provable Security and Performance Analyses

This work introduces a security model for analyzing performance-driven protocols like QUIC and proves that QUIC satisfies its definition under reasonable assumptions on the protocol's building blocks, but finds that it does not satisfy the traditional notion of forward secrecy provided by some modes of TLS, e.g., TLS-DHE.

How quick is QUIC?

A comprehensive study about the performance of QUIC, SPDY and HTTP particularly about how they affect page load time found that none of these protocols is clearly better than the other two and the actual network conditions determine which protocol performs the best.

An integrated approach to testing complex systems

The integrated test approach is presented, which offers a coarse grained test environment realized in terms of a component-based test design on top of a library of elementary but intuitively understandable test case fragments, and an algorithm for generating approximate models for complex systems a posteriori is provided.

HTTP over UDP: an experimental investigation of QUIC

This paper investigates "Quick UDP Internet Connections" (QUIC), which was proposed by Google in 2012 as a reliable protocol on top of UDP in order to reduce Web Page retrieval time and finds that QUIC reduces the overall page retrieval time with respect to HTTP.

Multi-Stage Key Exchange and the Case of Google's QUIC Protocol

This work revisits the previous security of model of Brzuska et al. (CCS'11) and expands it into a multi-stage key exchange model in the style of Bellare and Rogaway, and shows that QUIC is an adequately secure multi- stage key exchange protocol and meets the suggested security properties of the designers.

The QUIC Transport Protocol: Design and Internet-Scale Deployment

We present our experience with QUIC, an encrypted, multiplexed, and low-latency transport protocol designed from the ground up to improve transport performance for HTTPS traffic and to enable rapid

Combining Model Learning and Model Checking to Analyze TCP Implementations

This work uses model learning to infer models of different software components and then applies model checking to fully explore what may happen when these components interact.

Extending Automated Protocol State Learning for the 802.11 4-Way Handshake

A tool is developed that uses the state machine learning method to apply this to 7 widely used Wi-Fi routers, finding 3 new security critical vulnerabilities: two distinct downgrade attacks and one router that can be made to leak some encrypted data to an attacker before authentication.

Learning Regular Sets from Queries and Counterexamples