Learning Fragments of the TCP Network Protocol

P. Fiterau-Brostean, R. Janssen and F.W. Vaandrager. Learning Fragments of the TCP Network Protocol. In F. Lang and F. Flammini, editors, Proceedings 19th International Workshop on Formal Methods for Industrial Critical Systems, September 11-12, 2014, Florence, Italy. LNCS 8718, pp. 78-93, Springer-Verlag, 2014. DOI: 10.1007/978-3-319-10702-8_6

Abstract

We apply automata learning techniques to learn fragments of the TCP network protocol by observing its external behaviour. We show that different implementations of TCP in Windows 8 and Ubuntu induce different automata models, thus allowing for fingerprinting of these implementations. In order to infer our models we use the notion of a mapper component introduced by Aarts, Jonsson and Uijen, which abstracts the large number of possible TCP packets into a limited number of abstract actions that can be handled by the regular inference tool LearnLib. Inspection of the learned models reveals that both Windows 8 and Ubuntu 13.10 violate RFC 793.

Paper (pdf)
Learned models (tar)