Lifting network implementation to precise format specification

qingkaishi/netlifter

Popeye

Popeye is a prototype implementation of the technique known as NetLifter, which was published at CCS 2023 and aims to lift the source code of a protocol implementation to BNF-style protocol formats.

Lifting Network Protocol Implementation to Precise Format Specification with Security Applications
Qingkai Shi, Junyang Shao, Yapeng Ye, Mingwei Zheng, Xiangyu Zhang
The ACM Conference on Computer and Communications Security (CCS '23)

News! A follow-up work on identifying silent protocol bugs has been accepted by OOPSLA 2024!

ParDiff: Practical Static Differential Analysis of Network Protocol Parsers
Mingwei Zheng, Qingkai Shi, Xuwei Liu, Xiangzhe Xu, Le Yu, Congyu Liu, Guannan Wei, Xiangyu Zhang
Proceedings of the ACM on Programming Languages (OOPSLA '24)
!!!ACM SIGPLAN Distinguished Paper Award!!!

Disclaimer

There are a lot of rough edges and bugs in this early prototype. Pull requests are welcome if you would like to contribute to this project.

Build

Dependencies:

  • llvm-12.0.1, which you can install with sudo apt install llvm-12.
  • z3-4.8.12; it is better to use my copy, which needs to be compiled and installed using cmake.

$ git clone git@github.com:qingkaishi/netlifter.git
$ cd netlifter
$ mkdir build
$ cd build
$ cmake ..
$ make

Run the following command for regression testing. You can refer to benchmarks/popeye/regession.sh for how we run each benchmark protocol.

$ cd build
$ make regression

Run

Details of how we run Popeye can be found here. Please refer to benchmarks/readme.txt for more examples. Basically, the input is LLVM bitcode with some simple annotations that mark the byte buffer containing the network message. The output is the message format in BNF.

Note that when compiling source code to LLVM bitcode, please add -fno-vectorize -fno-slp-vectorize to CFLAGS and CXXFLAGS to avoid generating vectorized instructions, which we currently do not support.

Also, it's better to remove all -Ox options and add the -g option to CFLAGS and CXXFLAGS, which will let the bitcode include debug information. The debug information will help infer the names of fields in a network message.
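
The flag guidance above can be applied mechanically to a project's existing CFLAGS or CXXFLAGS. The following is an added example, not part of the Popeye repository; the function name popeye_flags, the sample flags and the file name parser.c are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the Popeye repository): rewrite a set of compiler
# flags so that the resulting LLVM bitcode follows the README's guidance.

# popeye_flags FLAG...
# Prints the given flags on one line with:
#   - every -O<level> option removed (the README asks to drop all -Ox options)
#   - -g, -fno-vectorize and -fno-slp-vectorize appended exactly once
# All other flags are kept in their original order.
popeye_flags() {
    out=""
    for flag in "$@"; do
        case "$flag" in
            # Optimisation levels: dropped entirely.
            -O|-O[0-9]|-Os|-Oz|-Og|-Ofast) continue ;;
            # Already-present copies of the required flags: dropped here and
            # re-added once at the end, so the output has no duplicates.
            -g|-fno-vectorize|-fno-slp-vectorize) continue ;;
        esac
        out="${out:+$out }$flag"
    done
    printf '%s\n' "${out:+$out }-g -fno-vectorize -fno-slp-vectorize"
}

# Constructed sample input: flags as a project's Makefile might set them.
SAMPLE_CFLAGS="-O2 -Wall -g -DNDEBUG"

# Word splitting of the flag string is intended here.
# shellcheck disable=SC2086
popeye_flags $SAMPLE_CFLAGS

# Typical use when producing bitcode with clang (parser.c is a placeholder):
#   clang $(popeye_flags $CFLAGS) -emit-llvm -c parser.c -o parser.bc
# or, for a build system that honours the environment:
#   CFLAGS="$(popeye_flags $CFLAGS)" CXXFLAGS="$(popeye_flags $CXXFLAGS)" make
```

Flags that carry a debug level, such as -g3 or -ggdb, are passed through unchanged.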
