Inferring OpenVPN State Machines Using Protocol State Fuzzing

Daniel, Lesly-Ann; Poll, Erik; Ruiter, Joeri de

doi:10.1109/eurospw.2018.00009

Cited by 24 publications

(10 citation statements)

References 24 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Open Virtual Private Network (OpenVPN) (Daniel et al, 2018). Sebuah VPN memanfaatkan jaringan publik untuk menghubungkan beberapa lokasi jarak jauh.…”

Section: Openvpnunclassified

Implementasi Keamanan Jalur Internet Menggunakan IP Tunneling pada OpenVPN Access Server dengan Protokol OpenVPN dan Protokol DNS Over HTTPS

Winawang

2021

JSA

View full text Add to dashboard Cite

OpenVPN access server merupakan salah satu solusi VPN yang sangat cocok diterapkan untuk perusahaan maupun personal karena mudah dikonfigurasi dan bisa dipasang pada server secara on-premise. Walaupun pengguna sudah menggunakan protokol OpenVPN namun masih ada celah keamanan pada sisi DNS apabila masih menggunakan DNS milik ISP yang menerapkan banyak filtering. Untuk itu protokol OpenVPN dapat digabungkan dengan protokol DNS Over HTTPS (DOH) agar traffic DNS juga sulit dimanipulasi atau diblokir. Keamanan dan kestabilan akses menggunakan OpenVPN mempunyai Quality of Service (QoS) yang mendekati akses langsung, yang mempunyai nilai selisih paket dikirim dibanding paket diterima sekitar 1,7%. Ketika ditambahkan protokol OpenVPN dan protokol DOH secara bersamaan maka selisih rata-rata paket loss akan naik menjadi 1,8%. Akses ke DNS dengan OpenVPN+DOH mempunyai response time yang lebih besar dibandingkan dengan akses DNS ke ISP secara langsung. Namun response time DNS ini tidak terlalu berpengaruh pada kecepatan akses karena DNS berfungsi untuk menerjemahkan alamat domain menjadi IP address. Tujuan dari penelitian ini adalah untuk melakukan analisis keamanan akses internet dengan cara melakukan dial VPN menggunakan protocol OpenVPN yang digabungkan dengan protokol DNS Over HTTPS.

show abstract

“…Open Virtual Private Network (OpenVPN) (Daniel et al, 2018). Sebuah VPN memanfaatkan jaringan publik untuk menghubungkan beberapa lokasi jarak jauh.…”

Section: Openvpnunclassified

Implementasi Keamanan Jalur Internet Menggunakan IP Tunneling pada OpenVPN Access Server dengan Protokol OpenVPN dan Protokol DNS Over HTTPS

Winawang

2021

JSA

View full text Add to dashboard Cite

show abstract

“…Attacks are performed over the first 25 seconds of a measurement, which stops after 85 seconds if no connection has been established. 2 GNU/Linux 5.10.11-051011-generic x86 64 3 Intel® Xeon® CPU E5-2695 v4 4 Intel® Ethernet Controller XL710 for 40 GbE QSFP+ 5 GNU/Linux 5.4.0 x86 64 6 Intel® Xeon® Gold 6242 CPU 7 Mellanox MT27800 ConnectX-5 Measurements are taken across five runs. The plots in the following sections show mean and standard deviation values across these runs.…”

Section: B) Connection Setup Delaymentioning

confidence: 99%

“…This approach is related to fuzzing, a common software testing technique that explores a large domain of possible inputs to provoke edge cases and reveal implementation bugs [18]. This technique has been applied to OpenVPN to find logical flaws in the state machine of implementations [2]. Similar to our approach, some fuzzing tools also apply evolutionary algorithms to effectively explore the input space of a given black-box application [20].…”

Section: B) Dos Attacks On Vpnmentioning

confidence: 99%

Evaluating Susceptibility of VPN Implementations to DoS Attacks Using Adversarial Testing

Streun,

Wanner,

Perrig

2021

Preprint

View full text Add to dashboard Cite

Many systems today rely heavily on virtual private network (VPN) technology to connect networks and protect their services on the Internet. While prior studies compare the performance of different implementations, they do not consider adversarial settings. To address this gap, we evaluate the resilience of VPN implementations to flooding-based denial-of-service (DoS) attacks.We focus on a class of stateless flooding attacks, which are particularly threatening to real connections, as they can be carried out by an off-path attacker that operates stealthily by spoofing source IP addresses. We have implemented various attacks to evaluate DoS resilience for three major open-source VPN solutions, with surprising results: On high-performance hardware with a 40 Gb/s interface, data transfer over established WireGuard connections can be fully denied with 700 Mb/s of attack traffic. For strongSwan (IPsec), an adversary can block any legitimate connections from being established using only 75 Mb/s of attack traffic. OpenVPN can be overwhelmed with 100 Mb/s of flood traffic, denying data transfer through the VPN connection as well as connection establishment completely. Further analysis has revealed implementation bugs and major inefficiencies in the implementations related to concurrency aspects. These findings demonstrate a need for more adversarial testing of VPN implementations with respect to DoS resilience.

show abstract

“…The release of this library sparked a number of efforts to deploy model learning for applications such as conformance testing, legacy system inference, and most relevantly, security protocol analysis. In the security domain, it has been applied to various protocols, including TLS [17,18], SSH [22], Wi-Fi [36], TCP [20], OpenVPN [16], and many others [2,3,37].…”

Section: Introductionmentioning

confidence: 99%

The Closer You Look, The More You Learn: A Grey-box Approach to Protocol State Machine Learning

Stone¹,

Thomas²,

Vanhoef³

et al. 2021

Preprint

View full text Add to dashboard Cite

In this paper, we propose a new approach to infer state machine models from protocol implementations. Our method, STATEINSPECTOR, learns protocol states by using novel program analyses to combine observations of run-time memory and I/O. It requires no access to source code and only lightweight execution monitoring of the implementation under test. We demonstrate and evaluate STATEINSPECTOR's effectiveness on numerous TLS and WPA/2 implementations. In the process, we show STATEINSPECTOR enables deeper state discovery, increased learning efficiency, and more insightful post-mortem analyses than existing approaches. Further to improved learning, our method led us to discover several concerning deviations from the standards and a high impact vulnerability in a prominent Wi-Fi implementation.

show abstract

Inferring OpenVPN State Machines Using Protocol State Fuzzing

Cited by 24 publications

References 24 publications

Implementasi Keamanan Jalur Internet Menggunakan IP Tunneling pada OpenVPN Access Server dengan Protokol OpenVPN dan Protokol DNS Over HTTPS

Implementasi Keamanan Jalur Internet Menggunakan IP Tunneling pada OpenVPN Access Server dengan Protokol OpenVPN dan Protokol DNS Over HTTPS

Evaluating Susceptibility of VPN Implementations to DoS Attacks Using Adversarial Testing

The Closer You Look, The More You Learn: A Grey-box Approach to Protocol State Machine Learning

Contact Info

Product

Resources

About