IPv6 and its implementations are complex. Interactions between different protocols and layers can lead to unintended complications: Seemingly benign privacy extensions can bring down the network switches at MIT. When OpenBSD's ICMPv6 handler tries to handle fragmented packets, it might drop a shell. To address these issues, we study IPv6 from a language-theoretic viewpoint and demonstrate a parser-based network stack. The stack uses an automatically generated parser to cleanly separate the layers, allowing each layer of functionality to be implemented with the least amount of computation necessary. This allows the stack to be more easily understood and analyzed and leads to less vulnerable systems.
To watch the video from this talk please check out this link: https://youtu.be/Pru5BRrImz0
Julian Bangert is a second year Ph.D. student focusing on computer security and systems at MIT with Nickolai Zeldovich. Previously, he studied at Dartmouth with Sergey Bratus, discovering interesting weird machines, for example in your CPU's memory manager. Nowadays, he is working on parser generators for real-world formats and their applications.