attack synthesis

JakeGinesin
2024-11-29 13:03:10 -05:00
parent bf283fa9f4
commit 9be2be4bfd
8 changed files with 738 additions and 722 deletions


@@ -6,44 +6,42 @@
\newlabel{sec:introduction}{{I}{1}{}{}{}}
\@writefile{toc}{\contentsline {section}{\numberline {II}\textsc {PANDA}\xspace Architecture}{1}{}\protected@file@percent }
\newlabel{sec:design}{{II}{1}{}{}{}}
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {II-A}}High-level design}{1}{}\protected@file@percent }
\newlabel{sub:High-level design}{{\mbox {II-A}}{1}{}{}{}}
\@writefile{lof}{\contentsline {figure}{\numberline {1}{\ignorespaces A high-level overview of the \textsc {PANDA}\xspace workflow}}{1}{}\protected@file@percent }
\newlabel{fig:korg_workflow}{{1}{1}{}{}{}}
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {II-B}}Supported Attacker Models}{1}{}\protected@file@percent }
\newlabel{sub:Supported Attacker Models}{{\mbox {II-B}}{1}{}{}{}}
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {II-A}}Mathematical Preliminaries}{1}{}\protected@file@percent }
\newlabel{sub:Mathematical Preliminaries}{{\mbox {II-A}}{1}{}{}{}}
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {II-B}}High-level design}{1}{}\protected@file@percent }
\newlabel{sub:High-level design}{{\mbox {II-B}}{1}{}{}{}}
\@writefile{lof}{\contentsline {figure}{\numberline {1}{\ignorespaces A high-level overview of the \textsc {PANDA}\xspace workflow}}{2}{}\protected@file@percent }
\newlabel{fig:korg_workflow}{{1}{2}{}{}{}}
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {II-C}}Supported Attacker Models}{2}{}\protected@file@percent }
\newlabel{sub:Supported Attacker Models}{{\mbox {II-C}}{2}{}{}{}}
\newlabel{lst:korg_drop}{{1}{2}{}{}{}}
\@writefile{lol}{\contentsline {lstlisting}{\numberline {1}Example dropping attacker model gadget with drop limit of 3, targetting channel "cn"}{2}{}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {II-C}}\textsc {PANDA}\xspace Implementation}{2}{}\protected@file@percent }
\newlabel{sub:impl}{{\mbox {II-C}}{2}{}{}{}}
\newlabel{lst:spin-model}{{6}{2}{}{}{}}
\@writefile{lol}{\contentsline {lstlisting}{\numberline {6}Example \textsc {Promela}\xspace model of peers communicating over a channel. \texttt {!} indicates sending a message onto a channel, \texttt {?} indicates receiving a message from a channel.}{2}{}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {II-D}}Usage}{2}{}\protected@file@percent }
\newlabel{sub:Usage}{{\mbox {II-D}}{2}{}{}{}}
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {II-D}}\textsc {PANDA}\xspace Implementation}{2}{}\protected@file@percent }
\newlabel{sub:impl}{{\mbox {II-D}}{2}{}{}{}}
\newlabel{lst:korg_replay}{{2}{3}{}{}{}}
\@writefile{lol}{\contentsline {lstlisting}{\numberline {2}Example replay attacker model gadget with the selected replay limit as 3, targetting channel "cn"}{3}{}\protected@file@percent }
\newlabel{lst:spin-model}{{6}{3}{}{}{}}
\@writefile{lol}{\contentsline {lstlisting}{\numberline {6}Example \textsc {Promela}\xspace model of peers communicating over a channel. \texttt {!} indicates sending a message onto a channel, \texttt {?} indicates receiving a message from a channel.}{3}{}\protected@file@percent }
\newlabel{lst:korg_reordering}{{3}{3}{}{}{}}
\@writefile{lol}{\contentsline {lstlisting}{\numberline {3}Example reordering attacker model gadget with the selected replay limit as 3, targetting channel "cn"}{3}{}\protected@file@percent }
\newlabel{lst:abp}{{7}{3}{}{}{}}
\@writefile{lol}{\contentsline {lstlisting}{\numberline {7}Example (simplified) \textsc {Promela}\xspace model of the alternating bit protocol.}{3}{}\protected@file@percent }
\citation{Cluzel_Georgiou_Moy_Zeller_2021,Smith_1997,Pacheco2022}
\citation{Pacheco2022}
\citation{Pacheco2022}
\citation{Woos_Wilcox_Anton_Tatlock_Ernst_Anderson_2016,Wilcox_Woos_Panchekha_Tatlock_Wang_Ernst_Anderson,Ongaro}
\citation{Ongaro}
\newlabel{lst:io-file}{{4}{4}{}{}{}}
\@writefile{lol}{\contentsline {lstlisting}{\numberline {4}Example I/O file targetting channel "cn"}{4}{}\protected@file@percent }
\newlabel{lst:io-file-synth}{{5}{4}{}{}{}}
\@writefile{lol}{\contentsline {lstlisting}{\numberline {5}Example gadget synthesized from an I/O file targetting the channel "cn"}{4}{}\protected@file@percent }
\newlabel{lst:korg-shell}{{\mbox {II-D}}{4}{}{}{}}
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {II-E}}Usage}{4}{}\protected@file@percent }
\newlabel{sub:Usage}{{\mbox {II-E}}{4}{}{}{}}
\newlabel{lst:abp}{{7}{4}{}{}{}}
\@writefile{lol}{\contentsline {lstlisting}{\numberline {7}Example (simplified) \textsc {Promela}\xspace model of the alternating bit protocol.}{4}{}\protected@file@percent }
\newlabel{lst:korg-shell}{{\mbox {II-E}}{4}{}{}{}}
\@writefile{toc}{\contentsline {section}{\numberline {III}Case Studies}{4}{}\protected@file@percent }
\newlabel{sec:case_studies}{{III}{4}{}{}{}}
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {III-A}}TCP}{4}{}\protected@file@percent }
\newlabel{sub:TCP}{{\mbox {III-A}}{4}{}{}{}}
\newlabel{res:tcp-table}{{\mbox {III-A}}{4}{}{}{}}
\@writefile{lof}{\contentsline {figure}{\numberline {2}{\ignorespaces Automatically discovered attacks against our TCP model for $\phi _1$ through $\phi _4$. "x" indicates an attack was discovered, and no "x" indicates \textsc {PANDA}\xspace proved the absence of an attack via an exhaustive search. These experiments were ran on a laptop with an eighth generation i7 and 16gb of memory. Full attack traces are available in the artifact.}}{4}{}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {III-B}}Raft}{4}{}\protected@file@percent }
\newlabel{sub:Raft}{{\mbox {III-B}}{4}{}{}{}}
\citation{Woos_Wilcox_Anton_Tatlock_Ernst_Anderson_2016,Wilcox_Woos_Panchekha_Tatlock_Wang_Ernst_Anderson,Ongaro}
\citation{Ongaro}
\citation{Ongaro}
\citation{Woos_Wilcox_Anton_Tatlock_Ernst_Anderson_2016}
\citation{Woos_Wilcox_Anton_Tatlock_Ernst_Anderson_2016}
@@ -51,6 +49,15 @@
\bibdata{main}
\bibcite{Lamport_1994}{1}
\bibcite{Holzmann_1997}{2}
\newlabel{res:tcp-table}{{\mbox {III-A}}{5}{}{}{}}
\@writefile{lof}{\contentsline {figure}{\numberline {2}{\ignorespaces Automatically discovered attacks against our TCP model for $\phi _1$ through $\phi _4$. "x" indicates an attack was discovered, and no "x" indicates \textsc {PANDA}\xspace proved the absence of an attack via an exhaustive search. These experiments were ran on a laptop with an eighth generation i7 and 16gb of memory. Full attack traces are available in the artifact.}}{5}{}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {\mbox {III-B}}Raft}{5}{}\protected@file@percent }
\newlabel{sub:Raft}{{\mbox {III-B}}{5}{}{}{}}
\newlabel{res:raft-table}{{\mbox {III-B}}{5}{}{}{}}
\@writefile{lof}{\contentsline {figure}{\numberline {3}{\ignorespaces Breakdown of the attacker scenarios assessed with \textsc {PANDA}\xspace against our Raft \textsc {Promela}\xspace model. In all experiments, Raft was set to five peers and the drop/replay limits of the gadgets \textsc {PANDA}\xspace synthesized were set to two. We conducted our experiments on a research computing cluster, allocating 250GB of memory to each verification run. The full models and attacker traces are included in the artifact.}}{5}{}\protected@file@percent }
\@writefile{toc}{\contentsline {section}{\numberline {IV}Conclusion}{5}{}\protected@file@percent }
\newlabel{sec:conclusion}{{IV}{5}{}{}{}}
\@writefile{toc}{\contentsline {section}{References}{5}{}\protected@file@percent }
\bibcite{Clarke_Wang}{3}
\bibcite{Basin_Cremers_Dreier_Sasse_2022}{4}
\bibcite{Blanchet_Smyth_Cheval_Sylvestre}{5}
@@ -64,9 +71,4 @@
\bibcite{Woos_Wilcox_Anton_Tatlock_Ernst_Anderson_2016}{13}
\bibcite{Wilcox_Woos_Panchekha_Tatlock_Wang_Ernst_Anderson}{14}
\bibcite{Ongaro}{15}
\newlabel{res:raft-table}{{\mbox {III-B}}{5}{}{}{}}
\@writefile{lof}{\contentsline {figure}{\numberline {3}{\ignorespaces Breakdown of the attacker scenarios assessed with \textsc {PANDA}\xspace against our Raft \textsc {Promela}\xspace model. In all experiments, Raft was set to five peers and the drop/replay limits of the gadgets \textsc {PANDA}\xspace synthesized were set to two. We conducted our experiments on a research computing cluster, allocating 250GB of memory to each verification run. The full models and attacker traces are included in the artifact.}}{5}{}\protected@file@percent }
\@writefile{toc}{\contentsline {section}{\numberline {IV}Conclusion}{5}{}\protected@file@percent }
\newlabel{sec:conclusion}{{IV}{5}{}{}{}}
\@writefile{toc}{\contentsline {section}{References}{5}{}\protected@file@percent }
\gdef \@abspage@last{6}