Article

Packet decoding using context sensitive parsing

Authors:

Sylvain Marquis,

Scott KnightAuthors Info & Claims

CASCON '06: Proceedings of the 2006 conference of the Center for Advanced Studies on Collaborative research

Pages 20 - es

https://doi.org/10.1145/1188966.1188993

Published: 16 October 2006 Publication History

Abstract

Protocol tester is a project at RMC and Queen's that applies program transformation techniques to protocol data to evaluate the security of network applications. As part of this process, binary protocols are translated into a textual representation. This paper describes a translation process using a context sensitive parser that eliminates the need to write custom code to decode each individual protocol. It is a template driven top down parser augmented by a constraint engine. The constraint engine is used to implement the context sensitive restrictions.

References

[1]

A. Aho, S. Johnson, "LR Parsing", Computing Surveys of the ACM, Vol 6, No. 2, June 1974, pp 99--124.]]

Digital Library

[2]

Apple Computer, Inc. Apple Filing Protocol Programming Guide Version 3.2]]

[3]

M. Baker, N. Nottingham, "The application /soap +xml media type, RFC 3902, Sept. 2004, http://www.faqs.org/rfcs/frc3902.html.]]

Digital Library

[4]

Beizer, B. Software Testing Techniques, New York, Van Nostrand Reinhold, 1983.]]

Digital Library

[5]

Beizer, B. "Software Testing Techniques, Second Edition", New York, Van Nostrand Reinhold, 1990.]]

Digital Library

[6]

F. Bolton, Pure Corba, 1st ed., Sams Publishing, July, 2001, ISBN 0672318121.]]

[7]

Case, J., Fedor, M., Schoffstall, M., Davin, J. "A Simple Network Management Protocol", IETF 1990. http://www.faqs.org/rfcs/rfc 1157.html]]

Digital Library

[8]

Case, J., Mundy, R., Partain, D., Stewart, B., "Introduction and Applicability Statements for Internet Standard Management Framework", RFC 3410, December 2002.]]

Digital Library

[9]

J. R. Cordy, "TXL - A Language for Programming Language Tools and Applications", Proc. LDTA 2004, ACM 4th International Workshop on Language Descriptions, Tools and Applications, Edinburg, Scotland, January 2005, pp. 3--31.]]

[10]

Dubuisson, O. "ASN.1 Communications Between Heterogeneous Systems". Morgan Kaufmann San Francisco, USA 2001.]]

Digital Library

[11]

R. Fielding, J. Gettys, J. Mogul, H. Frystyk, L. Masinter, P. Leach, T. Berners-Lee, "Hyptertext Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999. http://www.faqs.org/rfcs/rfc2616.html]]

Digital Library

[12]

M. Ganapathi, Retargetable code generation and optimization using attribute grammars, Doctoral Thesis, University of Wisconson-Madison, January 1980.]]

Digital Library

[13]

M. Griffiths, "LL(1) Grammars and Analyses", Lecture Notes in Computer Science - Compiler Construction, No 21, Springer Verlag, New York, 1974, pp 57--84.]]

Digital Library

[14]

M. Henning, S. Vinoski, Advanced CORBA(R) Programming with C++, 1st ed., Addison-Wesley Professional, February, 1999, ISBN 0201379279]]

Digital Library

[15]

International Standard 8824 - INTERNATIONAL TELECOMMUNICATION UNION X.208, "Information technology - Open Systems Interconnection -- Specification of Abstract Syntax Notation One (ASN. 1)", 1988.]]

[16]

International Standard 8825-1 - INTERNATIONAL TELECOMMUNICATION UNION X.690, "Information Technology - ASN.1 Encoding Rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER)", http://www.itu.int/ITUT/stu - dygroups/com17/languages/X690_0702.pdf, 2002.]]

[17]

R. Kaksonen, A Functional Method for Assessing Protocol Implementation Security, Licentiate Thesis. Espoo. Technical Research Centre of Finland, VTT Publications 447. ISBN 951-38-5873-1]]

[18]

R. Kaksonen, M. Laakso, A. Takanen, "Software Security Assessment through Specification Mutations and Fault Injection". Proc. of Communications and Multimedia Security Issues of the New Century / IFIP TC6/TC11 Fifth Joint Working Conference on Communications and Multimedia Security (CMS'01), Darmstadt, Germany, May 2001, ISDN 0-7923-7365-0.]]

Digital Library

[19]

U. Lamping, R. Sharpe, E. Warnik, Ethereal User's Guide, 18189 for Ethereal 0.10. 14, 2005, http://www.ethereal.com/, accessed August 10, 2006.]]

[20]

U. Lamping, Ethereal Developer's Guide, 18189 for Ethereal 0.10.14, 2005, http://www.ethereal.com/, accessed August 10,2006.]]

[21]

Leach, P., Naik, D., Draft-leach-cifs-vlspec-02: A Common Internet File System (CIFS/1.0) Protocol, Expired Internet Draft. IETF, March 13, 1997, http://www.ubiqx.org/cifs/rfc-draft/draft-leach-cifs-v1-spec-02.html]]

[22]

Lougheed, K. Rekhter, Y. "A Border Gateway Protocol 4" (BGP-4), IETF 1995, ftp://ftp.rfc-editor.org/in-notes/rfc 1771.txt]]

Digital Library

[23]

Marquis, S, Dean T., Knight, G. S. N, SCL: A Language for Security Testing of Network Applications, Proc. CASCON 2005, Toronto, Oct. 2005.]]

Digital Library

[24]

B. J. McKenzie, LR Parsing of CFG's wixh Restrictions, Tech Report 8903, Department of Computer Science, University of Canterbury, Christchurch, New Zealand.]]

[25]

Moy, J., "OSPF version 2", IETF June 1998, ftp://ftp.rfc-editor.org/innotes/rfc2328.txt]]

[26]

SNORT web site at http://www.snort.org, accessed August 10, 2006.]]

[27]

Sun, "The Java 2 API specification, version 1.5", Sun Microsystems, Sata Clara, USA 2004.]]

[28]

O. Tal, T. R. Dean, G. S. Knight, Y. Turcotte, "Syntax-based Vulnerability Testing of Frame-based Network Protocols", Proceedings of the Second Annual Conference on Privacy, Security, and Trust, Fredericton, Canada 2004, pp. 155--161]]

[29]

A. D. Thurston and J. R. Cordy. "A Backtracking LR Algorithm for Parsing Ambiguous Context-Dependent Languages" In 2006 Conference of the Centre for Advanced Studies on Collaborative Research (CASCON 2006). 14 pp., Toronto, October 2006 (to appear).]]

Digital Library

[30]

M. Tomita, editor. Generalized LR parsing. Kluwer, Norwell, MA, 1991]]

Digital Library

[31]

H. H. Vogt, S. D. Swierstra M. F. Kuiper "Higher order attribute grammars", Proceedings of the ACM SIGPLAN 1989 Conference on Programming language design and implementation, Portland, Oregon, 1989, pp: 131--145]]

Digital Library

Cited By

Hasan MElShakankiry ADean TZulkernine M(2016)Intrusion detection in a private network by satisfying constraints2016 14th Annual Conference on Privacy, Security and Trust (PST)10.1109/PST.2016.7906997(623-628)Online publication date: Dec-2016
https://doi.org/10.1109/PST.2016.7906997

Index Terms

Packet decoding using context sensitive parsing
1. Theory of computation
  1. Semantics and reasoning
    1. Program reasoning
      1. Parsing

Recommendations

Taming context-sensitive languages with principled stateful parsing
SLE 2016: Proceedings of the 2016 ACM SIGPLAN International Conference on Software Language Engineering

Historically, true context-sensitive parsing has seldom been applied to programming languages, due to its inherent complexity. However, many mainstream programming and markup languages (C, Haskell, Python, XML, and more) possess context-sensitive ...
LR(k)-parsing of Coupled-Context-Free Grammars
COLING '94: Proceedings of the 15th conference on Computational linguistics - Volume 1

Coupled-Context-Free Grammars are a generalization of context-free grammars obtained by combining nonterminals to parentheses which can only be substituted simultaneously. Referring to the generative capacity of the grammars we obtain an infinite ...
Parsing Arabic using induced probabilistic context free grammar

The importance of the parsing task for NLP applications is well understood. However developing parsers remains difficult because of the complexity of the Arabic language. Most parsers are based on syntactic grammars that describe the syntactic ...

Comments

Information & Contributors

Information

Published In

cover image DL Hosted proceedings

CASCON '06: Proceedings of the 2006 conference of the Center for Advanced Studies on Collaborative research

October 2006

388 pages

Conference Chairs:
Kelly Lyons
IBM Toronto Software Development Lab
,
Christian Couturier
National Research Council Canada
,
Editors:
Hakan Erdogmus
National Research Council Canada
,
Eleni Stroulia
University of Alberta
,
Darlene Stewart
National Research Council Canada
,
Program Chairs:
Hakan Erdogmus
National Research Council Canada
,
Eleni Stroulia
University of Alberta

Sponsors

IBM Toronto Lab
CAS

Publisher

IBM Corp.

United States

Publication History

Published: 16 October 2006

Qualifiers

Article

Acceptance Rates

CASCON '06 Paper Acceptance Rate 24 of 90 submissions, 27%;

Overall Acceptance Rate 24 of 90 submissions, 27%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

1
Total Citations
View Citations
337
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 05 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Hasan MElShakankiry ADean TZulkernine M(2016)Intrusion detection in a private network by satisfying constraints2016 14th Annual Conference on Privacy, Security and Trust (PST)10.1109/PST.2016.7906997(623-628)Online publication date: Dec-2016
https://doi.org/10.1109/PST.2016.7906997

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten