SSH Implementations: State Machine Learning and Analysis

SSH Implementations: State Machine Learning and Analysis

Yan, Yuzhu (TU Delft Electrical Engineering, Mathematics and Computer Science; TU Delft Intelligent Systems)

Verwer, S.E. (mentor)
Amzucu, Dragos (graduation committee)
van der Lubbe, J.C.A. (graduation committee)
Bozzon, A. (graduation committee)

Delft University of Technology

Computer Science | Cyber Security

2017-09-28

Analyzing large cryptographic protocol implementations can be challenging since their implementations do not perfectly match the standard [6]. The popular, highly configurable remote login method, Secure Shell (SSH) is such an example. In this thesis, we researched the fuzzing methodologies for SSH implementations. Three tools (Backfuzz, Paramiko-sshfuzz and Protocol state fuzzing) were implemented to explore their capabilities and to determine the most effective one. The protocol state fuzzing technique resulted to be the most promising approach since it is well-developed and has recently revealed a few abnormal behaviours of SSH [6], moreover it is also actively used in several cryptographic protocol implementations (i.e. TLS). Consequently, we applied this method on an real SSH implementation, the OpenSSH library (OpenSSH6.7-p1). The results are analyzed against the source code and RFC standards. To solve the readability problem of the results caused by the complex architecture of the SSH protocol, we combined the obtained SSH state machine with D3.js data visualization technique. As a result, we developed a tool for debugging SSH implementations based on the protocol state fuzzing, code review and D3.js. Lastly, the utility tool is evaluated in a survey and future works are presented.

SSH Implementations
Fuzzing
State machine learning

http://resolver.tudelft.nl/uuid:8c807ce9-0ad6-4525-b7f3-c0271448040d

Student theses

master thesis

© 2017 Yuzhu Yan