Using Program Comprehension Techniques for Syntax Testing of Network Protocols

Dr. Thomas Dean (Queen's University)


ABSTRACT

Application protocols have become sophisticated enough that they are languages in their own right. At the best of times, these protocols are difficult to implement correctly. Traditional conformance testing of these implementations does not reveal many security vulnerabilities. In this talk we describe ongoing research in which software transformation and program comprehension techniques are used to assist in the security testing of network applications. We capture a live, valid protocol data unit, generate modified mutants, and inject the mutants back into the network to see if the network application survives. Language comprehension techniques are used to analyze the network protocol syntax and identify the features of the protocol that are most likely to be implemented incorrectly. Source transformation techniques adapted from the program comprehension community then use that analysis to generate the mutant packets.
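The capture, mutate and observe loop described above, as an added example that is not code from the talk or the research project. It assumes a toy type/length/value PDU and assumes length fields are the error-prone feature (the abstract does not name one); mutants are fed to two in-process parsers instead of being injected into a network.

```python
import struct

# Constructed sample PDU (assumed toy format): 1-byte type, 2-byte big-endian
# length, value bytes. Two fields: type 1 = "alice", type 2 = "GET".
VALID_PDU = b"\x01\x00\x05alice\x02\x00\x03GET"

def parse_fields(pdu):
    """Strict parser: returns [(type, value)], raises ValueError on bad syntax."""
    fields, pos = [], 0
    while pos < len(pdu):
        if len(pdu) - pos < 3:
            raise ValueError("truncated header")
        ftype, flen = struct.unpack_from(">BH", pdu, pos)
        pos += 3
        if flen > len(pdu) - pos:
            raise ValueError("length exceeds remaining data")
        fields.append((ftype, pdu[pos:pos + flen]))
        pos += flen
    return fields

def lenient_parse(pdu):
    """Parser under test with a typical flaw: it trusts the length field."""
    fields, pos = [], 0
    while pos < len(pdu):
        ftype, flen = struct.unpack_from(">BH", pdu, pos)
        fields.append((ftype, pdu[pos + 3:pos + 3 + flen]))  # slice truncates silently
        pos += 3 + flen
    return fields

def generate_mutants(pdu):
    """Syntax-aware mutation: rewrite one length field per mutant, keep the rest."""
    tree = [(t, len(v), v) for t, v in parse_fields(pdu)]
    for i, (t, n, v) in enumerate(tree):
        for bad_len in (0, n - 1, n + 1, 0xFFFF):
            mutant = list(tree)
            mutant[i] = (t, bad_len, v)
            yield b"".join(struct.pack(">BH", a, b) + c for a, b, c in mutant)

def run_mutants(parser, pdu):
    """Feed every mutant to the parser and classify how it survives."""
    results = {"rejected": 0, "accepted": 0, "crashed": 0}
    for mutant in generate_mutants(pdu):
        try:
            parser(mutant)
            results["accepted"] += 1   # malformed input was silently accepted
        except ValueError:
            results["rejected"] += 1   # clean, intended rejection
        except Exception:
            results["crashed"] += 1    # unhandled error such as struct.error
    return results
```

For this sample every mutant is malformed, so any "accepted" or "crashed" count is a finding against the parser under test.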

BIOGRAPHY

Thomas Dean is an Assistant Professor in the Department of Electrical and Computer Engineering at Queen's University and an Adjunct Associate Professor at the Royal Military College of Kingston. His background includes research in Air Traffic Control systems, language formalization and 5 1/2 years as a Sr. Research Scientist at Legasys Corporation where he worked on advanced software transformation and evolution techniques in an industrial setting. His current research interests are software transformation, the security of network applications and web site evolution.