BEGIN:VCALENDAR VERSION:2.0 PRODID:-//Date iCal//NONSGML kigkonsult.se iCalcreator 2.20.2// METHOD:PUBLISH X-WR-CALNAME;VALUE=TEXT:Eventi DIAG BEGIN:VTIMEZONE TZID:Europe/Paris BEGIN:STANDARD DTSTART:20231029T030000 TZOFFSETFROM:+0200 TZOFFSETTO:+0100 RDATE:20241027T030000 TZNAME:CET END:STANDARD BEGIN:DAYLIGHT DTSTART:20240331T020000 TZOFFSETFROM:+0100 TZOFFSETTO:+0200 TZNAME:CEST END:DAYLIGHT END:VTIMEZONE BEGIN:VEVENT UID:calendar.28329.field_data.0@www.u-gov-ricerca.uniroma1.it DTSTAMP:20260407T200322Z CREATED:20240521T131329Z DESCRIPTION:Abstract Automated attack discovery techniques\, such as attack er synthesis or model-based fuzzing\, provide powerful ways to ensure netw ork protocols operate correctly and securely. Such techniques\, in general \, require a formal representation of the protocol\, often in the form of a finite state machine (FSM). Unfortunately\, many protocols are only desc ribed in English prose. We show how to extract protocol specification in t he form of FSM from RFCs.  Unlike other works that rely on rule-based appr oaches or use  off-the-shelf NLP tools directly\, we suggest a data-driven approach  for extracting FSMs from RFC documents. Specifically\, we use a hybrid approach consisting of three key steps: (1) large-scale  word-repr esentation learning for technical language\, (2) focused zero-shot learnin g for mapping protocol text to a protocol-independent information language \, and (3) rule-based mapping from protocol-independent information to a s pecific protocol FSM. We show the generalizability of our FSM extraction b y using the RFCs for six different protocols: BGPv4\, DCCP\, LTP\, PPTP\, SCTP and TCP. We demonstrate how automated extraction of an FSM from an RF C can be applied to the synthesis of attacks\, with TCP and DCCP as case-s tudies. This work appeared in IEEE Security and Privacy 2022 as``Automated Attack Synthesis by Extracting Finite State Machines from Protocol Specif ication Documents.''  Maria Leonor Pacheco\, Max von Hippel\, Ben Weintrau b Dan Goldwasser Cristina Nita-Rotaru. IEEE S&P 2022.Code available at: ht tps://github.com/RFCNLP Bio: Cristina Nita-Rotaru is a Professor of Comput er Science in the Khoury College of Computer Sciences at Northeastern Univ ersity (since 2015) where she leads the Network and Distributed Systems Se curity Laboratory (NDS2). Prior to joining Northeastern she was a faculty in the Department of Computer Science at Purdue University (2003 - 2015). She served as Associate Dean of Faculty at Northeastern University (2017 - 2020) and as an Assistant Director for CERIAS at Purdue University (2011 - 2013). Her research lies at the intersection of security\, distributed s ystems\, and computer networks. The overarching goal of her work is design ing and building secure and resilient distributed systems and network prot ocols\, with assurance that the deployed implementations provide their sec urity\, resilience\, and performance goals. Her work received several best paper awards in NETYS 2023\, ACM SACMAT 2022\, IEEE SafeThings 2019\, NDS S 2018\, ISSRE 2017\, DSN 2015\, two IETF/IRTF Applied Networking Research Prize in 2018 and 2016\, and Test-of-Time award in ACM SACMAT 2022. She i s a recipient of the NSF Career Award in 2006. Cristina Nita-Rotaru has se rved on the program committee of numerous conferences in networking\, dist ributed systems and security such as IEEE S&P\, USENIX Security\, ACM CCS\ , NDSS\, ACM Wisec\, USENIX OSDI\, USENIX ATC\, ACM SOCC\, ACM SIGCOMM\, A CM CoNEXT\, IEEE INFOCOM\, IEEE ICNP\, WWW\, IEEE ICDCS\, IEEE/IFIP DSN\, Eurosys\, and Euro S&P. She was an Associate Editor for IEEE Transactions on Computers\, ACM Transactions on Information Systems Security\, Computer Networks\, IEEE Transactions on Mobile Computing and IEEE Transactions on Dependable and Secure Systems. She was a chair for ACM Wisec 2010\, IEEE CNS 2013\, ACM GameSec 2013\, IEEE DSN 2016\, and IEEE ICNP 2018 and chair of the NDSS Steering Group 2023 - 2024.  She currently serves as TPC co-C hair for IEEE S&P 2025 and 2026. DTSTART;TZID=Europe/Paris:20240528T120000 DTEND;TZID=Europe/Paris:20240528T120000 LAST-MODIFIED:20240521T145146Z LOCATION:Aula B2 SUMMARY:Leveraging Textual Specifications for Automated Attack Discovery in Network Protocols - Cristina Nita-Rotaru URL;TYPE=URI:http://www.u-gov-ricerca.uniroma1.it/node/28329 END:VEVENT END:VCALENDAR