A Language-theoretic View on Network Protocols
Pierre Ganty, Boris K\"opf, Pedro Valero
TL;DR
This paper advocates using context-free grammars and parser generators to build reliable network protocol input validators, addressing limitations of existing methods and demonstrating practical application to HTTP.
Contribution
It provides a rigorous language-theoretic analysis of protocol idioms and develops a modular, robust HTTP validator based on context-free grammars and regex.
Findings
Context-free grammars can effectively specify common protocol idioms.
The proposed validator improves robustness and efficiency in HTTP input validation.
Language-theoretic analysis clarifies the limitations of existing protocol specifications.
Abstract
Input validation is the first line of defense against malformed or malicious inputs. It is therefore critical that the validator (which is often part of the parser) is free of bugs. To build dependable input validators, we propose using parser generators for context-free languages. In the context of network protocols, various works have pointed at context-free languages as falling short to specify precisely or concisely common idioms found in protocols. We review those assessments and perform a rigorous, language-theoretic analysis of several common protocol idioms. We then demonstrate the practical value of our findings by developing a modular, robust, and efficient input validator for HTTP relying on context-free grammars and regular expressions.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Code & Models
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsIPv6, Mobility, Handover, Networks, Security · Network Packet Processing and Optimization · Web Application Security Vulnerabilities