all InfoSec news
A Formal Analysis of SCTP: Attack Synthesis and Patch Verification
March 12, 2024, 4:10 a.m. | Jacob Ginesin, Max von Hippel, Evan Defloor, Cristina Nita-Rotaru, Michael T\"uxen
cs.CR updates on arXiv.org arxiv.org
Abstract: SCTP is a transport protocol offering features such as multi-homing, multi-streaming, and message-oriented delivery. Its two main implementations were subjected to conformance tests using the PacketDrill tool. Conformance testing is not exhaustive and a recent vulnerability (CVE-2021-3772) showed SCTP is not immune to attacks. Changes addressing the vulnerability were implemented, but the question remains whether other flaws might persist in the protocol design.
We study the security of the SCTP design, taking a rigorous approach …
analysis arxiv attack attacks cs.cr cve delivery features immune main message patch protocol streaming testing tests tool transport verification vulnerability
More from arxiv.org / cs.CR updates on arXiv.org
IDEA: Invariant Defense for Graph Adversarial Robustness
2 days, 7 hours ago |
arxiv.org
FairCMS: Cloud Media Sharing with Fair Copyright Protection
2 days, 7 hours ago |
arxiv.org
Efficient unitary designs and pseudorandom unitaries from permutations
2 days, 7 hours ago |
arxiv.org
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Security Officer Hospital Laguna Beach
@ Allied Universal | Laguna Beach, CA, United States
Sr. Cloud DevSecOps Engineer
@ Oracle | NOIDA, UTTAR PRADESH, India
Cloud Operations Security Engineer
@ Elekta | Crawley - Cornerstone
Cybersecurity – Senior Information System Security Manager (ISSM)
@ Boeing | USA - Seal Beach, CA
Engineering -- Tech Risk -- Security Architecture -- VP -- Dallas
@ Goldman Sachs | Dallas, Texas, United States