Abstract
We develop a learning-based testing framework for register automaton models that can express the windowing behavior of TCP, thereby presenting the first significant application of register automata learning to realistic software for a class of automata with Boolean-arithmetic constraints over data values. We have applied our framework to TCP implementations belonging to different operating systems and have found a violation of the TCP specification in Linux and Windows. The violation has been confirmed by Linux developers.
P. Fiterău-Broştean—Supported by NWO project 612.001.216, Active Learning of Security Protocols (ALSEP).
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsNotes
- 1.
See: https://goo.gl/23VNfv.
- 2.
See: https://goo.gl/9A8ZYM.
- 3.
References
Stewart, R., Ramaiah, A., Dalal, M.: Improving TCP’s Robustness to Blind In-Window Attacks. RFC 5961, August 2010
Aarts, F., Fiterau-Brostean, P., Kuppens, H., Vaandrager, F.: Learning register automata with fresh value generation. In: Leucker, M., Rueda, C., Valencia, F.D. (eds.) ICTAC 2015. LNCS, vol. 9399, pp. 165–183. Springer, Cham (2015). doi:10.1007/978-3-319-25150-9_11
Angluin, D.: Learning regular sets from queries and counterexamples. Inf. Comput. 75(2), 87–106 (1987)
Berg, T., Grinchtein, O., Jonsson, B., Leucker, M., Raffelt, H., Steffen, B.: On the correspondence between conformance testing and regular inference. In: Cerioli, M. (ed.) FASE 2005. LNCS, vol. 3442, pp. 175–189. Springer, Heidelberg (2005). doi:10.1007/978-3-540-31984-9_14
Cassel, S., Howar, F., Jonsson, B.: RALib: a LearnLib extension for inferring EFSMs. In: DIFTS 2015 (2015)
Cassel, S., Howar, F., Jonsson, B., Steffen, B.: Active learning for extended finite state machines. Formal Aspects Comput. 28(2), 233–263 (2016)
Fiterău-Broştean, P., Janssen, R., Vaandrager, F.: Learning fragments of the TCP network protocol. In: Lang, F., Flammini, F. (eds.) FMICS 2014. LNCS, vol. 8718, pp. 78–93. Springer, Cham (2014). doi:10.1007/978-3-319-10702-8_6
Fiterău-Broştean, P., Janssen, R., Vaandrager, F.: Combining model learning and model checking to analyze TCP implementations. In: Chaudhuri, S., Farzan, A. (eds.) CAV 2016. LNCS, vol. 9780, pp. 454–471. Springer, Cham (2016). doi:10.1007/978-3-319-41540-6_25
Fiterău-Broştean, P., Lenaerts, T., de Ruiter, J., Poll, E., Vaandrager, F.W., Verleg, P.: Model learning and model checking of SSH implementations. In: SPIN Symposium (2017, to appear)
Hagerer, A., Hungar, H., Niese, O., Steffen, B.: Model generation by moderated regular extrapolation. In: Kutsche, R.-D., Weber, H. (eds.) FASE 2002. LNCS, vol. 2306, pp. 80–95. Springer, Heidelberg (2002). doi:10.1007/3-540-45923-5_6
Koopman, P., Achten, P., Plasmeijer, R.: Model-based shrinking for state-based testing. In: McCarthy, J. (ed.) TFP 2013. LNCS, vol. 8322, pp. 107–124. Springer, Heidelberg (2014). doi:10.1007/978-3-642-45340-3_7
Meinke, K., Sindhu, M.A.: Lbtest: a learning-based testing tool for reactive systems. In: ICST 2013, pp. 447–454. IEEE Computer Society (2013)
Peled, D., Vardi, M.Y., Yannakakis, M.: Black box checking. J. Autom. Lang. Comb. 7(2), 225–246 (2001)
Postel, J.: Transmission Control Protocol. RFC 793, September 1981
de Ruiter, J., Poll, E.: Protocol state fuzzing of TLS implementations. In: USENIX Security, pp. 193–206. USENIX Association, Washington, D.C. (2015)
Tretmans, J.: Model-based testing and some steps towards test-based modelling. In: Bernardo, M., Issarny, V. (eds.) SFM 2011. LNCS, vol. 6659, pp. 297–326. Springer, Heidelberg (2011). doi:10.1007/978-3-642-21455-4_9
Valiant, L.G.: A theory of the learnable. Commun. ACM 27(11), 1134–1142 (1984)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Fiterău-Broştean, P., Howar, F. (2017). Learning-Based Testing the Sliding Window Behavior of TCP Implementations. In: Petrucci, L., Seceleanu, C., Cavalcanti, A. (eds) Critical Systems: Formal Methods and Automated Verification. AVoCS FMICS 2017 2017. Lecture Notes in Computer Science(), vol 10471. Springer, Cham. https://doi.org/10.1007/978-3-319-67113-0_12
Download citation
DOI: https://doi.org/10.1007/978-3-319-67113-0_12
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-67112-3
Online ISBN: 978-3-319-67113-0
eBook Packages: Computer ScienceComputer Science (R0)