Adi Sosnovich scite author profile

Adi Sosnovich

5Publications

11Citation Statements Received

38Citation Statements Given

How they've been cited

How they cite others

Affiliations

IBM Research - Haifa, Technion – Israel Institute of Technology

Publications

Order By: Most citations

Finding Security Vulnerabilities in a Network Protocol Using Parameterized Systems

Sosnovich

Grumberg

Nakibly

2013

View full text Add to dashboard Cite

This paper presents a novel approach to automatically finding security vulnerabilities in the routing protocol OSPF-the most widely used protocol for Internet routing. We start by modeling OSPF on (concrete) networks with a fixed number of routers in a specific topology. By using the model checking tool CBMC, we found several simple, previously unpublished attacks on OSPF. In order to search for attacks in a family of networks with varied sizes and topologies, we define the concept of an abstract network which represents such a family. The abstract network A has the property that if there is an attack on A then there is a corresponding attack on each of the (concrete) networks represented by A. The attacks we have found on abstract networks reveal security vulnerabilities in the OSPF protocol, which can harm routing in huge networks with complex topologies. Finding such attacks directly on the huge networks is practically impossible. Abstraction is therefore essential. Further, abstraction enables showing that the attacks are general. That is, they are applicable in a large (even infinite) number of networks. This indicates that the attacks exploit fundamental vulnerabilities, which are applicable to many configurations of the network.

show abstract

OSPF vulnerability to persistent poisoning attacks

Nakibly

Sosnovich

Menahem

et al. 2014

View full text Add to dashboard Cite

Open Shortest Path First (OSPF) is one of the most widely deployed interior gateway routing protocols on the Internet. The most common attack vector against OSPF is spoofing of routing advertisements on behalf of a remote router. OSPF employs a self-defense "fight-back" mechanism that quickly reverts the effects of such attacks. Nonetheless, some attacks that evade the fight-back mechanism have been discovered, making it possible to persistently falsify routing advertisements. This type of attacks are the most serious threat to a routing protocol since they allow an attacker to gain persistent control over how traffic is routed throughout the network. This shows that despite its maturity, the OSPF specification is not without security flaws and may have stillunknown vulnerabilities. In this work we systematically analyze -manually and by formal verification -the OSPF specification for additional vulnerabilities in the fight-back mechanism. Our analysis uncovered a fundamental security flaw in OSPF that allows a simple means for an attacker to evade the fight-back mechanism. Most major router vendors acknowledged the existence of this vulnerability in their products. Fortunately, our analysis strongly indicates that no other vulnerabilities in the fight-back mechanism are likely to exist.

show abstract

A Model-Driven Framework for Automated Generation and Verification of Cloud Solutions from Requirements

Nezhad

Nakamura

Sosnovich

et al. 2018

View full text Add to dashboard Cite

Analyzing Internet Routing Security Using Model Checking

Sosnovich

Grumberg

Nakibly

2015

View full text Add to dashboard Cite

Formal Black-Box Analysis of Routing Protocol Implementations

Sosnovich¹,

Grumberg²,

Nakibly³

2017

Preprint

View full text Add to dashboard Cite

The Internet infrastructure relies entirely on open standards for its routing protocols. However, the overwhelming majority of routers on the Internet are proprietary and closed-source. Hence, there is no straightforward way to analyze them. Specifically, one cannot easily and systematically identify deviations of a router's routing functionality from the routing protocol's standard. Such deviations (either deliberate or inadvertent) are particularly important to identify since they present non-standard functionalities which have not been openly and rigorously analyzed by the security community. Therefore, these deviations may degrade the security or resiliency of the network.A model-based testing procedure is a technique that allows to systematically generate tests based on a model of the system to be tested; thereby finding deviations in the system compared to the model. However, applying such an approach to a complex multi-party routing protocol requires a prohibitively high number of tests to cover the desired functionality. We propose efficient and practical optimizations to the model-based testing procedure that are tailored to the analysis of routing protocols. These optimizations mitigate the scalability issues and allow to devise a formal black-box method to unearth deviations in closed-source routing protocols' implementations. The method relies only on the ability to test the targeted protocol implementation and observe its output. Identification of the deviations is fully automatic.We evaluate our method against one of the complex and widely used routing protocols on the Internet -OSPF. We search for deviations in the OSPF implementation of Cisco. Our evaluation identified numerous significant deviations that can be abused to compromise the security of a network. The deviations were confirmed by Cisco. We further employed our method to analyze the OSPF implementation of the Quagga Routing Suite -a popular open source routing software. The analysis revealed one significant deviation. Subsequent to the dis-closure of the deviations some of them were also identified by IBM, Lenovo and Huawei in their own products.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Adi Sosnovich

Finding Security Vulnerabilities in a Network Protocol Using Parameterized Systems

OSPF vulnerability to persistent poisoning attacks

A Model-Driven Framework for Automated Generation and Verification of Cloud Solutions from Requirements

Analyzing Internet Routing Security Using Model Checking

Formal Black-Box Analysis of Routing Protocol Implementations

Contact Info

Product

Resources

About