The Community for Technology Leaders
RSS Icon
Issue No.04 - July/August (2011 vol.37)
pp: 575-591
Laurent Burgy , Princeton University, Princeton
Laurent Réveillère , University of Bordeaux, LaBRI, Talence
Julia Lawall , DIKU, University of Copenhagen, Paris
Gilles Muller , INRIA-Regal, LIP6, Paris
A network application communicates with other applications according to a set of rules known as a protocol. This communication is managed by the part of the application known as the protocol-handling layer, which enables the manipulation of protocol messages. The protocol-handling layer is a critical component of a network application since it represents the interface between the application and the outside world. It must thus satisfy two constraints: It must be efficient to be able to treat a large number of messages and it must be robust to face various attacks targeting the application itself or the underlying platform. Despite these constraints, the development process of this layer still remains rudimentary and requires a high level of expertise. It includes translating the protocol specification written in a high-level formalism such as ABNF toward low-level code such as C. The gap between these abstraction levels can entail many errors. This paper proposes a new language-based approach to developing protocol-handling layers, to improve their robustness without compromising their performance. Our approach is based on the use of a domain-specific language, Zebu, to specify the protocol-handling layer of network applications that use textual HTTP-like application protocols. The Zebu syntax is very close to that of ABNF, facilitating the adoption of Zebu by domain experts. By annotating the original ABNF specification of a protocol, the Zebu user can dedicate the protocol-handling layer to the needs of a given application. The Zebu compiler first checks the annotated specification for inconsistencies, and then generates a protocol-handling layer according to the annotations. This protocol-handling layer is made up of a set of data structures that represent a message, a parser that fills in these data structures, and various stub functions to access these data structures or drive the parsing of a message.
Network protocols, message parsing, message composing, domain-specific languages.
Laurent Burgy, Laurent Réveillère, Julia Lawall, Gilles Muller, "Zebu: A Language-Based Approach for Network Protocol Message Processing", IEEE Transactions on Software Engineering, vol.37, no. 4, pp. 575-591, July/August 2011, doi:10.1109/TSE.2010.64
[1] X. Qie, R. Pang, and L. Peterson, "Defensive Programming: Using an Annotation Toolkit to Build DoS-Resistant Software," Proc. Fifth Symp. Operating System Design and Implementation, pp. 45-60, 2002.
[2] J. Rosenberg et al., "SIP: Session Initiation Protocol," IETF, RFC 3261, 2002.
[3] J. Postel, RFC 821: Simple Mail Transfer Protocol, 1982.
[4] A. Pelinescu-Onciul, J. Janak, and J. Kuthan, "SIP Express Router (SER)," IEEE Network Magazine, vol. 17, no. 4, p. 9, July/Aug. 2003.
[5] S. Krishnamurthy, "TinySIP: Providing Seamless Access to Sensor-Based Services," Proc. Third Int'l Conf. Mobile and Ubiquitous Systems: Networking and Services, pp. 1-9, 2006.
[6] S. Leggio, J. Manner, A. Hulkkonen, and K. Raatikainen, "Session Initiation Protocol Deployment in Ad-Hoc Networks: A Decentralized Approach," Proc. Second Int'l Workshop Wireless Ad-Hoc Networks, 2005.
[7] P. Stuedi, M. Bihr, A. Remund, and G. Alonso, "SIPHoc: Efficient SIP Middleware for Ad Hoc Networks," Proc. Eighth ACM/IFIP/USENIX Int'l Conf. Middleware, 2007.
[8] S.C. Johnson, "Yacc: Yet Another Compiler Compiler," technical report, Bell Telephone Laboratories, 1975.
[9] P. Hazel, PCRE—Perl Compatible Regular Expressions, http:/, 2006.
[10] D. Crocker, ed., and P. Overell, "RFC 2234: Augmented BNF for Syntax Specifications: ABNF," 1997.
[11] M. Cortes, J. Ensor, and J. Esteban, "On SIP Performance," Bell Labs Technical J., vol. 9, no. 3, pp. 155-172, 2004.
[12] M. Cortes and J.R. Ensor, "Narnia: A Virtual Machine for Multimedia Communication Services," Proc. Fourth Int'l Symp. Multimedia Software Eng., pp. 246-254, 2002.
[13] S. Wanke, M. Scharf, S. Kiesel, and S. Wahl, "Measurement of the SIP Parsing Performance in the SIP Express Router," Proc. Conf. Dependable and Adaptable Networks and Services, pp. 103-110, 2007.
[14] A. Spencer, Asterisk: The Open Source PBX, http:/www., 2010.
[15] D. Wessels, Squid: The Definitive Guide. O'Reilly & Assoc., Inc., 2004.
[16] K. Fisher and R. Gruber, "PADS: A Domain-Specific Language for Processing Ad Hoc Data," Proc. ACM SIGPLAN '05, pp. 295-304, 2005.
[17] P.J. McCann and S. Chandra, "PacketTypes: Abstract Specifications of Network Protocol Messages," Proc. SIGCOMM '00, pp. 321-333, 2000.
[18] R. Pang, V. Paxson, R. Sommer, and L. Peterson, "Binpac: A Yacc for Writing Application Protocol Parsers," Proc. Sixth ACM SIGCOMM Internet Measurement, pp. 289-300, 2006.
[19] V. Paxson, "Bro: A System for Detecting Network Intruders in Real-Time," Computer Networks: Int'l J. Computer and Telecomm. Networking, vol. 31, nos. 23/24, pp. 2435-2463, 1999.
[20] N. Borisov, D.J. Brumley, H.J. Wang, J. Dunagan, P. Joshi, and C. Guo, "A Generic Application-Level Protocol Analyzer and Its Language," Proc. 14th Ann. Network and Distributed System Security Symp., 2007.
[21] A. Madhavapeddy, "Creating High-Performance, Statically Type-Safe Network Applications," PhD dissertation, Cambridge Univ., 2007.
[22] L. Burgy, L. Réveillère, J. Lawall, and G. Muller, "A Language-Based Approach for Improving the Robustness of Network Application Protocol Implementations," Proc. 26th IEEE Int'l Symp. Reliable Distributed Systems, pp. 149-159, 2007.
[23] M.E. Lesk and E. Schmidt, "Lex—A Lexical Analyzer Generator," technical report, Bell Telephone Laboratories, 1975.
[24] The Extended Osip Library, projectsexosip , 2003.
[25] R.A. DeMillo, R.J. Lipton, and F.G. Sayward, "Hints on Test Data Selection: Help for the Practicing Programmer," Computer, vol. 11, no. 4, pp. 34-41, Apr. 1978.
[26] R. Sparks, A. Hawrylyshen, A. Johnston, J. Rosenberg, and H. Schulzrinne, "Session Initiation Protocol (SIP) Torture Test Messages," Internet Eng. Task Force: RFC 4475, 2006.
[27] H. Agrawal, R. DeMillo, R. Hathaway, W. Hsu, W. Hsu, E. Krauser, R. Martin, A. Mathur, and E. Spafford, "Design of Mutant Operators for the C Programming Language," Technical Report SERC-TR-41-P, Software Eng. Research Center, Computer Science Dept., Purdue Univ., 1989.
[28] A. Moizard, The GNU oSIP Library, softwareosip, 2001.
[29] Livemedia: Streaming Media, http:/, 2010.
[30] The Videolan Project, http://www.videolan.orgvlc, 2010.
[31] Linphone, An Open-Source SIP Video-Phone for Linux and Windows, http:/, 2010.
[32] Sofia-SIP, , 2006.
[33] Exmap-Console, http://projects.o-hand.comexmap-console, 2010.
[34] M. Musuvathi and D. Engler, "Model Checking Large Network Protocol Implementations," Proc. First Conf. Symp. Networked Systems Design and Implementation, pp. 155-168, Mar. 2004.
21 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool