Skip to main content

Agenda IETF114: anrw
agenda-114-anrw-03

Meeting Agenda ACM/IRTF Applied Networking Research Workshop (anrw) RAG
Date and time 2022-07-26 14:00
Title Agenda IETF114: anrw
State Active
Other versions plain text
Last updated 2022-07-24

agenda-114-anrw-03
ANRW - Applied Networking Research Workshop
IETF 114 in Philadelphia

Tuesday, July 26, 2022, 10:00-12:00, 15:00-17:00 (UTC - 4)

Meetecho: https://meetings.conf.meetecho.com/ietf114/?group=anrw&short=&item=1
Notes: https://notes.ietf.org/notes-ietf-114-anrw

Chairs:  Taejoong "Tijay" Chung and Marwan Fayed

Session 1: Keynote and Research Papers

10:00 - Welcome and Introduction

10:10 - Keynote: Layer Four and Three Quarters: Fantastic Quirks and Where to
Find Them
        Lucas Pardue

10:45 - Is It Really Necessary to Go Beyond A Fairness Metric for
Next-Generation Congestion Control?
        Safiqul Islam

11:05 - Cross-layer Network Outage Classification Using Machine Learning
        Jan Marius Evang

11:25 - On the Suitability of BBR Congestion Control for QUIC over GEO SATCOM
Networks
        Aitor Martin

11:45 - Priority-aware Forward Error Correction for HTTP
        Nooshin Eghbal
        (Remote presentation)

12:00 - Session 1 Closing

Session 2: Special Session on Protocol Specification Techniques

How should we describe and specify protocols?

How can we ensure that network protocol specifications are consistent and
correct, and how can we verify that specifications are correct and validate
that implementations match the specification?

The IETF community has long used natural language, English, to describe and
specify its protocols, mixed with occasional formal languages such as ABNF,
YANG, and so on. This session will discuss whether this is the right approach,
and to what extent formal methods, structured specification languages, and
natural language processing techniques can help describe network protocols.

15:00 - Introduction
15:10 - Automated Attack Synthesis by Extracting Finite State Machines from
Protocol Specification Documents
        Max von Hippel (Northeastern University)

          Automated attack discovery techniques, such as attacker synthesis
          or model-based fuzzing, provide powerful ways to ensure network
          protocols operate correctly and securely.  For RFC authors, these
          techniques can help assure that a protocol design is correct
          (devoid of bugs) and that its textual specification is
          unambiguous.  But such techniques, in general, require a formal
          representation of the protocol, often in the form of a finite
          state machine (FSM). Unfortunately, RFCs are written in English
          prose, and implementing even a simple network protocol as an FSM
          is time-consuming and prone to subtle logical errors.
          Automatically extracting protocol FSMs from documentation can
          significantly contribute to increased use of these techniques and
          result in more robust and secure protocol implementations.

          In this work we focus on attacker synthesis as a representative
          technique for assuring the security of protocols described by RFC
          documents. Unlike other works that rely on rule-based approaches
          or use off-the-shelf NLP tools directly, we suggest a data-driven
          approach for extracting FSMs from RFCs. Specifically, we use a
          hybrid approach consisting of three key steps: (1) large-scale
          word-representation learning for technical language, (2) focused
          zero-shot learning for mapping protocol text to a
          protocol-independent information language, and (3) rule-based
          mapping from protocol-independent information to a specific
          protocol FSM. We show the generalizability of our FSM extraction
          by using the RFCs for six different protocols: BGPv4, DCCP, LTP,
          PPTP, SCTP and TCP. We demonstrate how automated extraction of an
          FSM from an RFC can be applied to the synthesis of attacks, with
          TCP and DCCP as case-studies. Our approach shows how automated
          attack synthesis can help RFC authors design bug-free protocols
          and write unambiguous specifications.

15:40 - Tools for disambiguating RFCs
        Jane Yen (USC)
        (Remote presentation)

          To date, working groups and specification authors have been
          making significant effort in maintaining the quality of
          specifications. In particular, ambiguities are undesirable and
          critical to protocol implementation. While the guidelines of
          specification production are more complete over time to reduce
          the chances of uncertainty in specifications, it remains a
          question whether the networking community is achieving a near 0
          ambiguity specification. In this talk, we will cover our work
          which discovers ambiguous instances and under-specified instances
          in long-standing protocol and discuss what extended work could be
          explored and what ongoing study is exploring.

16:10 - CFRG Specifications in Theory and Practice
        Chris Wood (Cloudflare)

          The IRTF Crypto Forum Research Group (CFRG) is chartered with a
          responsibility of "bringing new cryptographic techniques to the
          Internet and promoting an understanding of the use and
          applicability of these mechanisms via Informational RFCs." The
          value of its contributions are heavily dependent upon the quality
          of its technical specifications. Historically, this quality has
          varied due to a number of challenging and sometimes conflicting
          goals. Sometimes specifications are unclear or ambiguous, leading
          to interoperability or security issues in practice. Other times
          specifications are complex as a consequence of being maximally
          applicable to different use cases, making the specification hard
          to understand and use properly. This talk advocates for the
          obvious importance of specification quality in the CFRG, drawing
          from work completed or underway in the CFRG. It proposes a
          framework to aid specification production. And it offers
          strategies forward to improve the specification process and its
          outputs, with specific emphasis on the possible applicability of
          formal methods

16:40 - Discussion
17:00 - Session 2 closing

Background reading:
* Automated Attack Synthesis by Extracting Finite State Machines from Protocol
Specification Documents https://github.com/RFCNLP * Semi-Automated Protocol
Disambiguation and Code Generation
https://raghavan.usc.edu/papers/sage-sigcomm21.pdf