Document Type

Technical Report

Publication Date

5-21-2020

Technical Report Number

TR2020-881

Abstract

The LangSec approach defends against crafted input attacks by defining a formal language specifying correct inputs and building a parser that decides that language. However, each successive input is not necessarily in the same basic language---e.g., most communication protocols use formats that depend on values previously received, or on some other additional context. When we try to use LangSec in these real-world scenarios, most parsers we write need additional mechanisms to change the recognized language as the execution progresses. This paper discusses approaches researchers have previously taken to build parsers for such protocols and provides formal descriptions of new sets of languages that could be considered to be a sequence of languages, instead of a single language describing an entire protocol---thus bringing LangSec theory closer to practice.

Download

Share

COinS