Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
Paul Fiterau Brostean
Learning-SSH-Paper
Commits
94bcb64d
Commit
94bcb64d
authored
Feb 17, 2017
by
Frits Vaandrager
Browse files
added ref to related work of Chen et al
parent
7520fc22
Changes
2
Hide whitespace changes
Inline
Side-by-side
introduction.tex
View file @
94bcb64d
...
...
@@ -42,6 +42,10 @@ unexpected orders to expose any hidden anomalies.
%but that research does not consider logical flaws in actual software
%implementations.
Chen et al.
\cite
{
ChenDW04
}
use the MOPS software model checking tool
to detect security vulnerabilities in the OpenSSH C implementation
due to violation of folk rules for the construction of secure programs
such as ``Do not open a file in writing mode to stdout or stderr''.
Udrea et al.
\cite
{
Udrea
_
rule-based
_
2008
}
also investigated SSH
implementations for logical flaws. They used a static analysis tool to
check two C implementations of SSH against an extensive set of rules.
...
...
@@ -54,6 +58,7 @@ defined at an abstract level so do not need such tailoring. Moreover,
our black box approach approach means we can analyze any implementation
of SSH, not just C implementations.
Formal models of SSH in the form of state machines have been used
before, namely for a manual code review of OpenSSH
\cite
{
Poll
_
rigorous
_
2011
}
, formal program verification of a Java
...
...
sigproc.bib
View file @
94bcb64d
...
...
@@ -261,28 +261,24 @@ machine learning algorithms},
@misc
{
rfc4254
,
author
=
{Ylonen, T. and Lonvick, C.}
,
month
=
jan
,
title
=
{The Secure Shell ({SSH}) Connection Protocol. {RFC} 4254, IETF, Network Working Group}
,
year
=
{2006}
}
@misc
{
rfc4252
,
author
=
{Ylonen, T. and Lonvick, C.}
,
month
=
jan
,
title
=
{The Secure Shell ({SSH}) Authentication Protocol. {RFC} 4252, IETF, Network Working Group}
,
year
=
{2006}
}
@misc
{
rfc4253
,
author
=
{Ylonen, T. and Lonvick, C.}
,
month
=
jan
,
title
=
{The Secure Shell ({SSH}) Transport Layer Protocol. {RFC} 4253, IETF, Network Working Group}
,
year
=
{2006}
}
@misc
{
rfc4251
,
author
=
{Ylonen, T. and Lonvick, C.}
,
month
=
jan
,
title
=
{The Secure Shell ({SSH}) Protocol Architecture. {RFC} 4251, IETF, Network Working Group}
,
year
=
{2006}
}
...
...
@@ -564,3 +560,17 @@ machine learning algorithms},
}
@inproceedings
{
ChenDW04
,
author
=
{H. Chen and
D. Dean and
D. Wagner}
,
title
=
{Model Checking One Million Lines of {C} Code}
,
booktitle
=
{{NDSS}}
,
year
=
{2004}
,
publisher
=
{The Internet Society}
,
url
=
{http://www.isoc.org/isoc/conferences/ndss/04/proceedings/Papers/Chen.pdf}
,
}
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment