Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Automated Detection of Vulnerabilities in Black-Box Routers and Other Network Devices

Black Hat via YouTube

Overview

Explore an innovative method for detecting vulnerabilities in closed-source network devices through a Black Hat conference talk. Learn about a formal black-box approach that uncovers protocol implementation deviations without accessing binary or source code. Discover how this automated, model-based testing method was applied to routers to check OSPF implementations, revealing logical vulnerabilities in Cisco and Quagga devices. Delve into topics such as symbolic execution, test case generation, and the path explosion problem. Gain insights into the OSPF analysis, including the fight-back mechanism, attacker model, and specific results from Cisco and Quagga testbeds.

Syllabus

Intro
INTRODUCTION-GABI NAKIBLY
OUTLINE
RESEARCH GOAL
OURMETHOD IN A GLANCE
CREATE A MODEL OF A PROTOCOL
SYMBOLIC EXECUTION 101
GENERATE TEST CASES
EXECUTE TESTS
FIND DEVIATIONS
PATH EXPLOSION PROBLEM
OUR MAIN OPTIMIZATION
OSPF ANALYSIS
THE FIGHT-BACK MECHANISM
THE ATTACKER
OSPF MODEL
CISCO TESTBED
CISCO RESULTS
QUAGGA
IN SUMMARY

Taught by

Black Hat

Reviews

Start your review of Automated Detection of Vulnerabilities in Black-Box Routers and Other Network Devices

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.