all InfoSec news
A Formal Analysis of SCTP: Attack Synthesis and Patch Verification
March 12, 2024, 4:10 a.m. | Jacob Ginesin, Max von Hippel, Evan Defloor, Cristina Nita-Rotaru, Michael T\"uxen
cs.CR updates on arXiv.org arxiv.org
Abstract: SCTP is a transport protocol offering features such as multi-homing, multi-streaming, and message-oriented delivery. Its two main implementations were subjected to conformance tests using the PacketDrill tool. Conformance testing is not exhaustive and a recent vulnerability (CVE-2021-3772) showed SCTP is not immune to attacks. Changes addressing the vulnerability were implemented, but the question remains whether other flaws might persist in the protocol design.
We study the security of the SCTP design, taking a rigorous approach …
analysis arxiv attack attacks cs.cr cve delivery features immune main message patch protocol streaming testing tests tool transport verification vulnerability
More from arxiv.org / cs.CR updates on arXiv.org
Jobs in InfoSec / Cybersecurity
Director, Cyber Risk
@ Kroll | South Africa
Security Engineer, XRM
@ Meta | New York City
Security Analyst 3
@ Oracle | Romania
Internship - Cyber Security Operations
@ SES | Betzdorf, LU
Principal Product Manager (Network/Security Management) - NetSec
@ Palo Alto Networks | Bengaluru, India
IT Security Engineer
@ Timocom GmbH | Erkrath, Germany