Model Learning for Securing Network Protocol Implementations

The goal of this project is develop techniques and tools for security analysis of network protocol implementations.

To that end, we will develop and leverage model learning, a technique that captures an implementation’s behavior in a learned model, which subjected to analysis can expose flaws in an implementation. Being black-box and automated has lead model learning to become an invaluable technique for security analysis.

The aim is to extend model learning and the application of its models.

We will:develop scalable model learning algorithms that generate richer models, which can capture a broader class of implementation bugs;develop automated techniques for security analysis that leverage these models to synthesize attacks and for purposes such as censorship evasion, protocol implementation identification (fingerprinting) and machine learning model verification;implement these algorithms and techniques into open-source tools, which we will apply to analyze implementations of widely used network protocols, such as DTLS, TCP and SSH, and in other security-sensitive domains.I will be the main PI of this 4-year project.

If approved, the project will fund a PhD student who I will advise.

To ensure success, we will   collaborate with researchers at Uppsala University, while also leveraging our connections with researchers at Dortmund University of Technology,  Ruhr University Bochum and Radboud University while also establishing fresh connections with Northeaster University.