Sciweavers

CCS
2006
ACM

Replayer: automatic protocol replay by binary analysis

14 years 3 months ago
Replayer: automatic protocol replay by binary analysis
We address the problem of replaying an application dialog between two hosts. The ability to accurately replay application dialogs is useful in many security-oriented applications, such as replaying an exploit for forensic analysis or demonstrating an exploit to a third party. A central challenge in application dialog replay is that the dialog intended for the original host will likely not be accepted by another without modification. For example, the dialog may include or rely on state specific to the original host such as its hostname, a known cookie, etc. In such cases, a straight-forward byte-by-byte replay to a different host with a different state (e.g., different hostname) than the original observed dialog participant will likely fail. These statedependent protocol fields must be updated to reflect the different state of the different host for replay to succeed. We formally define the replay problem. We present a solution which makes novel use of program verification techniques s...
James Newsome, David Brumley, Jason Franklin, Dawn
Added 20 Aug 2010
Updated 20 Aug 2010
Type Conference
Year 2006
Where CCS
Authors James Newsome, David Brumley, Jason Franklin, Dawn Xiaodong Song
Comments (0)