ANRW - Applied Networking Research Workshop
IETF 114 in Philadelphia
Tuesday, July 26, 2022, 10:00-12:00, 15:00-17:00 (UTC - 4)

Meetecho: https://meetings.conf.meetecho.com/ietf114/?group=anrw&short=&item=1
Notes: https://notes.ietf.org/notes-ietf-114-anrw

Chairs: Taejoong "Tijay" Chung and Marwan Fayed


Session 1: Keynote and Research Papers

10:00 - Welcome and Introduction

10:10 - Keynote: Layer Four and Three Quarters: Fantastic Quirks and Where to Find Them
        Lucas Pardue

10:45 - Is It Really Necessary to Go Beyond A Fairness Metric for Next-Generation Congestion Control?
        Safiqul Islam

11:05 - Cross-layer Network Outage Classification Using Machine Learning
        Jan Marius Evang

11:25 - On the Suitability of BBR Congestion Control for QUIC over GEO SATCOM Networks
        Aitor Martin

11:45 - Priority-aware Forward Error Correction for HTTP
        Nooshin Eghbal (Remote presentation)

12:00 - Session 1 Closing


Session 2: Special Session on Protocol Specification Techniques

How should we describe and specify protocols? How can we ensure that network protocol specifications are consistent and correct, and how can we verify that specifications are correct and validate that implementations match the specification?

The IETF community has long used natural language, English, to describe and specify its protocols, mixed with occasional formal languages such as ABNF, YANG, and so on. This session will discuss whether this is the right approach, and to what extent formal methods, structured specification languages, and natural language processing techniques can help describe network protocols.

15:00 - Introduction

15:10 - Automated Attack Synthesis by Extracting Finite State Machines from Protocol Specification Documents
        Max von Hippel (Northeastern University)

Automated attack discovery techniques, such as attacker synthesis or model-based fuzzing, provide powerful ways to ensure network protocols operate correctly and securely. For RFC authors, these techniques can help assure that a protocol design is correct (devoid of bugs) and that its textual specification is unambiguous. But such techniques, in general, require a formal representation of the protocol, often in the form of a finite state machine (FSM). Unfortunately, RFCs are written in English prose, and implementing even a simple network protocol as an FSM is time-consuming and prone to subtle logical errors. Automatically extracting protocol FSMs from documentation can significantly contribute to increased use of these techniques and result in more robust and secure protocol implementations.

In this work we focus on attacker synthesis as a representative technique for assuring the security of protocols described by RFC documents. Unlike other works that rely on rule-based approaches or use off-the-shelf NLP tools directly, we suggest a data-driven approach for extracting FSMs from RFCs. Specifically, we use a hybrid approach consisting of three key steps: (1) large-scale word-representation learning for technical language, (2) focused zero-shot learning for mapping protocol text to a protocol-independent information language, and (3) rule-based mapping from protocol-independent information to a specific protocol FSM.

We show the generalizability of our FSM extraction by using the RFCs for six different protocols: BGPv4, DCCP, LTP, PPTP, SCTP and TCP. We demonstrate how automated extraction of an FSM from an RFC can be applied to the synthesis of attacks, with TCP and DCCP as case-studies. Our approach shows how automated attack synthesis can help RFC authors design bug-free protocols and write unambiguous specifications.

15:40 - Tools for disambiguating RFCs
        Jane Yen (USC) (Remote presentation)

To date, working groups and specification authors have been making significant effort in maintaining the quality of specifications. In particular, ambiguities are undesirable and critical to protocol implementation. While the guidelines of specification production are more complete over time to reduce the chances of uncertainty in specifications, it remains a question whether the networking community is achieving a near 0 ambiguity specification. In this talk, we will cover our work which discovers ambiguous instances and under-specified instances in long-standing protocol and discuss what extended work could be explored and what ongoing study is exploring.

16:10 - CFRG Specifications in Theory and Practice
        Chris Wood (Cloudflare)

The IRTF Crypto Forum Research Group (CFRG) is chartered with a responsibility of "bringing new cryptographic techniques to the Internet and promoting an understanding of the use and applicability of these mechanisms via Informational RFCs." The value of its contributions is heavily dependent upon the quality of its technical specifications. Historically, this quality has varied due to a number of challenging and sometimes conflicting goals. Sometimes specifications are unclear or ambiguous, leading to interoperability or security issues in practice. Other times specifications are complex as a consequence of being maximally applicable to different use cases, making the specification hard to understand and use properly.

This talk advocates for the obvious importance of specification quality in the CFRG, drawing from work completed or underway in the CFRG. It proposes a framework to aid specification production. And it offers strategies forward to improve the specification process and its outputs, with specific emphasis on the possible applicability of formal methods.

16:40 - Discussion

17:00 - Session 2 closing


Background reading:

* Automated Attack Synthesis by Extracting Finite State Machines from Protocol Specification Documents
  https://github.com/RFCNLP

* Semi-Automated Protocol Disambiguation and Code Generation
  https://raghavan.usc.edu/papers/sage-sigcomm21.pdf