Testing the Conformance of Implementations of the EAP Protocol and Its Methods to Internet Specifications
- Авторы: Nikeshin A.1, Shnitman V.1,2
-
Учреждения:
- Ivannikov Institute for System Programming, Russian Academy of Sciences
- Moscow Institute of Physics and Technology
- Выпуск: Том 45, № 7 (2019)
- Страницы: 417-423
- Раздел: Article
- URL: https://journals.rcsi.science/0361-7688/article/view/176958
- DOI: https://doi.org/10.1134/S0361768819070090
- ID: 176958
Цитировать
Аннотация
Generation of tests for checking the conformance of implementations of the Extensible Authentication Protocol (EAP) and its methods to Internet specifications is described. The project is based on the UniTESK technology that allows one to automate the verification of network protocols using their formal models and the extension JavaTesK, which implements the UniTESK technology in Java. The additional use of mutation testing techniques makes it possible to test the stability of a protocol implementation to corrupt messages. This approach proved to be effective in finding a number of critical vulnerabilities and other deviations from the EAP in some implementations.
Об авторах
A. Nikeshin
Ivannikov Institute for System Programming, Russian Academy of Sciences
Автор, ответственный за переписку.
Email: alexn@ispras.ru
Россия, Moscow, 109004
V. Shnitman
Ivannikov Institute for System Programming, Russian Academy of Sciences; Moscow Institute of Physics and Technology
Автор, ответственный за переписку.
Email: vzs@ispras.ru
Россия, Moscow, 109004; Dolgoprudnyi, Moscow oblast, 141700