The Problem
A team needed to audit a set of inter-related network protocols for vulnerabilities. While there are many tools that can perform static analysis of code for vulnerabilities, none were fit to assist with this type of audit. The team resorted to debugging techniques which consumed precious time.
The Analysis
We took a systematic approach to the analysis of the inter-related network protocols:
- We gathered and analyzed protocol logs to map the various protocol interactions generated by the protocols.
- We located the code pieces driving these interactions.
- We examined the code pieces for vulnerabilities using interaction simulation and manual inspection.
The Solution
We provided a detailed audit report for the inter-related network protocols which included:
- A map of protocol interactions.
- References to locations in the code for each protocol interaction
- Simulation results for protocol interactions.
The report was used as a basis for determining vulnerabilities of the protocols.
The Impact
The team obtained a clear view of the joint and dynamic behavior of the network protocols. The simulation results provided confidence in the accuracy and breadth of the audit. This significantly reduced the time spent on debugging, making the team more productive. The team learned about a number of important vulnerabilities which were not otherwise discovered.