[1] | Hakan Kvarnstrom.
A survey of commercial tools for intrusion detection.
Technical report, Chalmers University of Technology, 1999. BibTeX entry, Available here |
[2] | Thomas H. Ptacek and Timothy N. Newsham.
Insertion, evasion and denial of service: Eluding network intrusion
detection.
Technical report, Secure Networks, Inc., 1998. BibTeX entry, Available here |
[3] | Stefan Axelsson.
Research in intrusion-detection systems: A survey.
Technical report, Chalmers University of Technology, 1999. BibTeX entry, Available here |
[4] | Xiaoming Liu, Robbert van Renesse, Mark Bickford, Christoph Kreitz, and Robert
Constable.
Protocol switching: Exploiting meta properties.
In Proceedings of International Workshop on Applied Reliable
Group Communication, 2001. BibTeX entry, Available here |
[5] | Jason Hickey, Nancy Lynch, and Robbert van Renesse.
Specifications and proofs for ensemble layers.
In Proceedings of TACAS'99. Springer, MAy 1999. BibTeX entry, Available here |
[6] | Ahmed Helmy and Deborah Estrin.
Simulation-based `STRESS' Testing Case Study.
In Sixth International Symposium on Modeling, Analysis
and Simulation of Computer and Telecommunication Systems (MASCOTS),
July 1998. BibTeX entry, Compressed PS |
[7] | Ahmed Helmy, Deborah Estrin, and Sandep Gupta.
Fault-oriented Test Generation for Multicast Routing
Protocol Design.
In Formal Description Techniques & Protocol
Specification, Testing, and Verification (FORTE/PSTV) IFIP,
November 1998. BibTeX entry, Compressed PS |
[8] | Yan Yu, Deborah Estrin, and Sandeep Gupta.
Worst case performance analysis of wireless ad-hoc routing protocols:
Case studies.
Technical Report 00-730, USC, 2000.
Submitted for Publication. BibTeX entry, Compressed PS |
[9] | John R. Callahan, Stephen M. Easterbrook, and Todd L. Montgomery.
Generating test oracles via model checking, 1998.
Unpublished, working paper. Available at
http://research.ivv.nasa.gov/projects/blurbs/FormalTesting.html. BibTeX entry, Compressed PDF |
[10] | J. Callahan and F. Schneide.
Specification-based testing using model checking.
In 1996 SPIN Workshop, Rutgers University, August 1996. BibTeX entry, Compressed PS
|
[11] | X. Du, S.A. Smolka, and R. Cleaveland.
Local model checking and protocol analysis.
Software Tools for Technology Transfer, 2(3):219-241,
November 1999. BibTeX entry, Compressed PS |
[12] | X. Du, K.T. McDonnell, E. Nanos, Y.S. Ramakrishna, and S.A. Smolka.
Software Design, Specification, and Verification: Lessons
learned from the Rether case study.
In Proceedings of the Sixth International Conference on
Algebraic Methodology and Software Technology (AMAST'97), Sydney,
Australia, December 1997. BibTeX entry, Compressed PS |
[13] | Abdel Mokkedem, Ravi Hosabettu, and Ganesh Gopalakrishnan.
Formalization and Proof of a Solution to the PCI 2.1 Bus
Transaction Ordering Problem.
In Ganesh Gopalakrishnan and Phillip Windley, editors, Formal
methods in computer aided design: second internaitonal conference, FMCAD '98,
Palo Alto, CA, USA, November 1998. BibTeX entry, Compressed PS |
[14] | Vijay Nagasamy, Sreeranga Rajan, and Preeti R. Panda.
Fibre channel protocol: Formal specification and verification.
In Sixth Annual Silicon Valley Networking Conference. SysTech
Research, April 1995. BibTeX entry, Compressed PS |
[15] | J. R. Callahan and T. L. Montgomery.
An Approach to Verification and Validation of a Reliable
Multicasting Protocol.
In International Symposium on Software Testing and
Analysis (ISSTA'96), January 1996. BibTeX entry, Compressed PS
|
[16] | Mark A. Smith.
Formal verification of Communication Protocols.
In Formal Description Techniques & Protocol
Specification, Testing, and Verification (FORTE/PSTV) IFIP, pages
129-144, October 1996. BibTeX entry, Compressed PS |
[17] | J.J. Garcia-Luna-Aceves and Shree Murthy.
A Loop-Free Path-Finding Algorithm: Specification,
Verification and Complexity.
In Proceedings of IEEE INFOCOM '95, April 1995. BibTeX entry, Compressed PS |
[18] | Shree Murthy and J.J.Garcia-Luna-Aceves.
A Routing Protocol for Wireless Networks.
Mobile Networks and Nomadic Applications (NOMAD),
October 1996.
Special Issue on Routing in Mobile Communication Network. BibTeX entry, Compressed PS
|
[19] | D. Cypher, D. Lee, M. Martin-Villalba, C. Prins, and D. Su.
Formal Specification, Verification, and Automatic Test
Generation of ATM Routing Protocol: PNNI.
In Formal Description Techniques & Protocol
Specification, Testing, and Verification (FORTE/PSTV) IFIP,
November 1998. BibTeX entry, PDF |
[20] | Richard O. Sinnott and Kenneth J. Turner.
Applying formal methods to standard development: The Open
Distributed Processing experience.
Computer Standards and Interfaces, 17:615-630, October 1995. BibTeX entry, Compressed PS |
[21] | Abdel Mokkedem, Ravi Hosabettu, Michael D. Jones, and Ganesh Gopalakrishnan.
Formalization and Analysis of a Solution to the PCI 2.1 Bus
Transaction Ordering Problem.
Formal Methods in System Design, 16(1):93-119, January 2000. BibTeX entry, Compressed PS |
[22] | Kenneth L. McMillan, Shaz Qadeer, and James B. Saxe.
Induction in compositional model checking.
In Twelfth International Conference on Computer Aided
Verification (CAV 2000), 2000.
To Appear. BibTeX entry, Compressed PS |
[23] | Olaf Muller and Tobias Nipkow.
Combining model checking and deduction for i/o-automata.
In Proceedings of the Workshop on Tools and Algorithms for the
Construction and Analysis of Systems, May 1995. BibTeX entry, Compressed PS
|
[24] | N. Shankar.
PVS: Combining specification, proof checking, and model checking.
In Mandayam Srivas and Albert Camilleri, editors, Formal Methods
in Computer-Aided Design (FMCAD '96), volume 1166 of Lecture Notes in
Computer Science, pages 257-264, Palo Alto, CA, November 1996.
Springer-Verlag. BibTeX entry, Compressed PS
|
[25] | Edmund M. Clarke and Jeannette M. Wing.
Formal Methods: State of the Art and Future Directions.
ACM Computing Surveys, 28(4):626-643, December 1996.
report by the Working Group on Formal Methods for the ACM
Workshop on Strategic Directions in Computing Research. BibTeX entry, Compressed PS
|
[26] | V. Paxson.
Bro: A System for Detecting Network Intruders in
Real-Time.
Computer Networks, 31:2435-2463, 14 December 1999.
This paper is a revision of paper that previously appeared in Proc.
7th USENIX Security Symposium , January 1998. BibTeX entry, Compressed PS |
[27] | D.J. Richardson, S. Leif Aha, and T.O. O'Malley.
Specification-Based Oracles for Reactive Systems.
In 14th International Conference on Software
Engineering, May 1992. BibTeX entry, Compressed PS
|
[28] | Laura K. Dillon and Y.S. Ramakrishna.
Generating Oracles from Your Favorite Temporal Logic
Specifications.
In Proc. 4th ACM SIGSOFT Symp. Foundations of Software
Engineering, San Francisco, pages 106-117, October 1996. BibTeX entry, Compressed PS
|
[29] | T.O. O'Malley, D.J. Richardson, and L.K. Dillon.
Efficient Specification-Based Test Oracles.
In Second California Software Symposium (CSS'96), April
1996. BibTeX entry, Compressed PS
|
[30] | D.J. Richardson.
TAOS: Testing with Analysis and Oracle Support.
In Proceedings of the International Symposium on Software
Testing and Analysis, August 1994. BibTeX entry, Compressed PS
|
[31] | L. Jagadeesan, C. Puchol, and J. Von Olnhausen.
Safety property verification of esterel programs and applications to
telecommunications software.
In Proceedings of the 7th International Conference on Computer
Aided Verification, volume 939 of Lecture Notes in Computer Science,
pages 127-140, July 1995. BibTeX entry, Available here |
[32] | L. J. Jagadeesan, A. Porter, C. Puchol, J. C. Ramming, and L.G.Votta.
Specification-based testing of reactive software: Tools and
experiments.
In Proceedings of the International Conference on Software
Engineering, May 1997. BibTeX entry, PS
We have built a set of tools to automatically test software applications for violations of safety properties expressed in
temporal logic. Our testing system automatically constructs finite state machine oracles corresponding to safety properties,
builds test harnesses, and integrates them with an application. The test harness then generates inputs automatically to test
the application.
We describe a study examining the feasibility of this approach for testing industrial applications. To conduct this study we
formally modeled an Automatic Protection Switching system (APS), which is an application common to many telephony
systems. We then asked a number of computer science graduate students to develop several versions of the APS and
use our tools to test them. We found that the tools are very effective, save significant amounts of human effort (at the
expense of machine resources), and are easy to use. We also discuss improvements that are needed before we can use
the tools with professional developers building commercial
products.
|
[33] | Laura K. Dillon and Q. Yu.
Oracles for Checking Temporal Properties of Concurrent
Systems.
In Proceedings of the 2nd ACM SIGSOFT Symposium on
Foundations of Software Engineering (SIGSOFT'94), volume 19, pages
140-153, December 1994.
Proceedings published as Software Engineering Notes. BibTeX entry, Compressed PS
|
[34] | V. Paxson.
End-to-end internet packet dynamics.
In ACM SIGCOMM '97, September 1997. BibTeX entry, PS |
[35] | V. Paxson.
Automated Packet Trace Analysis of TCP Implementations.
In ACM SIGCOMM '97, September 1997. BibTeX entry, Compressed PS |
[36] | A. Petrenko, N. Yevtushenko, and G.v. Bochmann.
Testing deterministic implementations from nondeterministic FSM
specifications.
In Proc. of 9th International Workshop on Testing of
Communicating Systems (IWTCS'96), pages 125-140, 1996. BibTeX entry, Compressed PS |
[37] | S.A. Ezust and G.v. Bochmann.
An Automatic Trace Analysis Tool Generator for Estelle
Specifications.
Computer Communication Review, 25(4):175-184, October
1995.
Proceedings of ACM SIGCOMM 95 Conference. BibTeX entry, Compressed PS |
[38] | G.v. Bochmann, D. Desbiens, M. Dubuc, D. Ouimet, and F.
Saba.
Test result analysis and validation of test verdicts.
In Proc. Workshop on Protocol Test Systems (IFIP),
1990. BibTeX entry, Compressed PS
|
[39] | G.v. Bochmann and O. Bellal.
Test result analysis with respect to formal specifications.
In Proc. 2-nd Int. Workshop on Protocol Test Systems,
Berlin, pages 272-294, October 1989. BibTeX entry, Compressed PS
|
[40] | G.v. Bochmann, R. Dssouli, and J.R. Zhao.
Trace analysis for conformance and arbitration testing.
IEEE Tr. on Soft. Eng., 15(11):1347-1356, November
1989. BibTeX entry |
[41] | Joshua D. Guttman.
Filtering postures: Local enforcement for global policies.
Technical report, The MITRE Corporation, 1997. BibTeX entry |
[42] | Joshua D. Guttman.
Filtering postures: Local enforcement for global policies.
In Proceedings of IEEE Symposium on Security and Privacy, 1997. BibTeX entry, Available here |
[43] | L. R. Ford Jr. and D. R. Fulkerson.
Flows in Networks.
Princeton University Press, 1962. BibTeX entry |
[44] | Debra Anderson, Thane Frivold, and Alfonso Valdes.
Next-generation intrusion detection expert system (NIDES) : A
summary.
Technical report, May 1995.
SRI-CSL-95-07. BibTeX entry |
[45] | Phillip A. Porras and Peter G. Neumann.
Emerald: Event monitoring enabling responses to anomalous live
disturbances.
In National Information Systems Security Conference, 1997. BibTeX entry, PS |
[46] | Sandeep Bajaj, Lee Breslau, Deborah Estrin, Sally Floyd Kevin Fall, Padma
Haldar, Mark Handley, Ahmed Helmy, John Heidemann, Polly Huang, Satish Kumar,
Steven McCanne, Reza Rejaie, Puneet Sharma, Kannan Varadhan, Ya Xu, Haobo Yu,
and Daniel Zappala.
Improving simulation for network research.
USC Technical Report 99-702, USC, 1999. BibTeX entry |
[47] | Kevin Fall and Kannan Varadhan.
ns Notes and Documentation.
The VINT Project, February 2000. BibTeX entry |
[48] | The VINT Project.
The ns Network Simulator.
Web Page.
Available at http://www-mash.CS.Berkeley.EDU/ns. BibTeX entry |
[49] | Dimitri P. Bertsekas and Robert Gallager.
Data Networks.
Prentice Hall, 1991. BibTeX entry |
[50] | Bhargav Bellur and Richard G. Ogier.
A reliable, efficient topology broadcast protocol for dynamic
networks.
In IEEE Infocomm. IEEE, 1999. BibTeX entry |
[51] | Christian Huitema.
Routing in the Internet.
Prentice Hall, 1995. BibTeX entry |
[52] | R. Perlman.
An algorithm for distributed computation of spanning trees in an
extended LAN.
In Proceedings of the Ninth Data Communications Symposium,
pages 44-53, September 1985. BibTeX entry |
[53] | R. Perlman.
Interconnections: Bridges and Routers.
Addison-Wesley, 1992. BibTeX entry |
[54] | C.-C. Chiang.
Routing in clustered multihop, mobile wireless networks with fading
channel.
In Proceedings of IEEE SICON '97, pages 197-211, April 1997. BibTeX entry |
[55] | Elizabeth M. Royer and Chai-Keong Toh.
A review of current routing protocols for ad hoc mobile wireless
networks.
IEEE Personal Communications, pages 46-55, April 1999. BibTeX entry |
[56] | Charles E. Perkins and Pravin Bhagwat.
Highly dynamic destination-sequenced distance-vector routing (DSDV)
for mobile computers.
Computer Communications Review, pages 234-244, October 1994. BibTeX entry, PS |
[57] | Zhengyu Xu, Sa Dai, and J.J. Garcia-Luna-Aceves.
A more efficient distance vector routing algorithm.
In Proceedings of Milcomm 97, pages 993-997. IEEE
Communications Society, 1997. BibTeX entry |
[58] | Bradley R. Smith, Shree Murthy, and J.J. Garcia-Luna-Aceves.
Securing distance-vector routing protocols.
In Proceedings of the 1997 Symposium on Network and Distributed
System Security, pages 85-92. IEEE Computer Society Press, February 1997. BibTeX entry |
[59] | David B. Johnson and David A. Maltz.
Dynamic source routing in ad hoc wireless networks.
Mobile Computing, pages 153-181, 1996. BibTeX entry, PS |
[60] | Josh Broch, David A. Maltz, David B. Johnson, Yih-Chun Hu, and Jorjeta
Jetcheva.
A performance comparison of multi-hop wireless ad hoc network routing
protocols.
In Proceedings of the Fourth Annual ACM/IEEE International
Conference on Mobile Computing and Networking, October 1998. BibTeX entry, PS |
[61] | Charles E. Perkins and Elizabeth M. Royer.
Ad-hoc on-demand distance vector routing.
In Proceedings of the 2nd IEEE Workshop on Mobile Computer
Systems and Applications, pages 90-100, February 1999. BibTeX entry, PS |
[62] | Timothy G. Griffin and Gordon Wilfong.
A safe path vector protocol.
In Proceedings of INFOCOM 2000 Conference, Tel Aviv, Israel,
March 2000. BibTeX entry, PS |
[63] | Timothy G. Griffin, F. Bruce Shepherd, and Gordon Wilfong.
Policy disputes in path-vector protocols.
In Proceedings of ICNP '99 Conference, Toronto, Canada,
October 1999. BibTeX entry, PS |
[64] | Timothy G. Griffin and Gordon Wilfong.
An analysis of BGP convergence properties.
In Guru Parulkar and Jonathan S. Turner, editors, Proceedings of
ACM SIGCOMM '99 Conference, pages 277-288, Boston, August 1999. BibTeX entry, PS |
[65] | K. Varadhan, R. Govindan, and D. Estrin.
Persistent route oscillations in inter-domain routing.
ISI Technical Report 96-631, USC/Information Sciences Institute,
1996. BibTeX entry, PS |
[66] | C. Labovitz, A. Ahuja, A. Bose, and F. Jahanian.
An experimental study of internet routing convergence.
Technical Report MSR-TR-2000-08, Microsoft Research, 2000. BibTeX entry, PS |
[67] | Tony Larsson and Nicklas Hedman.
Routing protocols in wireless ad-hoc networks-a simulation study.
Master's thesis, Luleå University of Technology, Stockholm, 1998. BibTeX entry, PDF |
[68] | Elsa L. Gunter.
Adding external decision procedures to hol90 securely.
In Theorem Proving in Higher Order Logics, 11th International
Conference TPHOLs '98, volume 1479. Springer-Verlag LNCS, September 1998. BibTeX entry, PS
|
[69] | John Rushby.
Critical system properties: Survey and taxonomy.
Technical Report CSL-93-01, SRI Internetional, 1993.
Revised February 1994. BibTeX entry, PS |
[70] | Home page for the SPIN model checker.
http://netlib.bell-labs.com/netlib/spin/whatispin.html. BibTeX entry |
[71] | Home page for the HOL interactive theorem proving system.
http://www.cl.cam.ac.uk/Research/HVG/HOL. BibTeX entry |
[72] | M. J. C. Gordon and T. F. Melham, editors.
Introduction to HOL: A theorem proving environment for higher
order logic.
Cambridge University Press, 1993. BibTeX entry |
[73] | Constance Heitmeyer, James Kirby, and Bruce Labaw.
Applying the SCR requirements method to a weapons control panel: An
experience report.
In Formal Methods in Software Practice. ACM SIGSOFT, March
1998. BibTeX entry |
[74] | Bernd Grobauer and Olaf Müller.
From I/O automata to timed I/O automata: A solution to the
`generalized railroad crossing' in Isabelle/HOLCF.
In Procedeedings of the Conference on Theorem Provers for Higher
Order Logic, 1999. BibTeX entry, PS |
[75] | Petere J. McCann and Gruia-Catalin Roman.
Modeling mobile ip in mobile unity.
ACM Transactions on Software Engineering and Methodology
(TOSEM), 8:115-146, 1999. BibTeX entry, PS |
[76] | H. Paul Lin.
Modeling a transport layer protocol using first order logic.
In SIGCOMM. ACM, 1986. BibTeX entry |
[77] | Monica Brockmeyer, Farnam Jahanian, Constance Heitmeyer, and Bruce Labaw.
A flexible, extensible environment for testing real-time
specifications.
In Proceedings of the IEEE Real-Time Technology and Applications
Symposium (RTAS), 1997. BibTeX entry
|
[78] | Constance Heitmeyer, Alan Bull, Carolyn Gasarch, and Bruce Labaw.
Scr*: A toolset for specifying and analyzing requirements.
In Proceedings of the 10th Annual IEEE Conference on COMPuter
ASSurance (COMPASS), 1995. BibTeX entry, PS |
[79] | Ulf Lindqvist and Phillip A. Porras.
Detecting computer and network misuse through the production-based
expert system toolset (P-BEST).
In Proceedings of the 1999 IEEE Symposium on Security and
Privacy, Oakland, California, May 1999. BibTeX entry, PDF |
[80] | Gerard J. Holzmann.
Design and Validation of Computer Protocols.
Prentice Hall, 1991.
http://cm.bell-labs.com/cm/cs/what/spin/Doc/Book91.html. BibTeX entry |
[81] | Time rover home page, 1997.
http://www.time-rover.com/. BibTeX entry |
[82] | Monitoring server, 1998.
http://www.compsvcs.com/somos.html. BibTeX entry |
[83] | Yingsha Liao and Donald Cohen.
A specificational approach to high level program monitoring and
measuring.
IEEE Transactions on Software Engineering, 18(11):969-979,
November 1992. BibTeX entry |
[84] | F. Jahanian and A. Goyal.
A formalism for monitoring real-time constraints at run-time.
20th Int. Symp. on Fault-Tolerant Computing Systems (FTCS-20),
pages 148-55, 1990. BibTeX entry
|
[85] | Aloysius K. Mok and Guangtian Liu.
Efficient run-time monitoring of timing constraints.
In IEEE Real-Time Technology and Applications Symposium, June
1997. BibTeX entry, PS |
[86] | Daniel Jackson, Yuchung Ng, and Jeannette Wing.
A nitpick analysis of mobile ipv6.
Technical report, Carnegie Mellon University, March 1998. BibTeX entry, PS |
[87] | J. C. Mitchell, V. Shmatikov, and U. Stern.
Finite-state analysis of SSL 3.0.
In Seventh USENIX Security Symposium, pages 201-216. USENIX,
San Antonio, 1998. BibTeX entry, PS |
[88] | I. Lee, S. Kannan, M. Kim, O. Sokolsky, and M.Viswanathan.
Runtime assurance based on formal specifications.
In Proceedings International Conference on Parallel and
Distributed Processing Techniques and Applications, 1999. BibTeX entry, Compressed PS |
[89] | Moonjoo Kim, Mahesh Viswanathan, Hanêne Ben-Abdallah, Sampath Kannan, Insup
Lee, and Oleg Sokolsky.
A framework for run-time correctness assurance of real-time systems.
Technical Report MS-CIS-98-37, University of Pennsylvania, 1998. BibTeX entry, PS |
[90] | Moonjoo Kim, Mahesh Viswanathan, Hanêne Ben-Abdallah, Sampath Kannan, Insup
Lee, and Oleg Sokolsky.
Formally specified monitoring of temporal properties.
In Proceedings European Conference on Real-Time Systems, 1999. BibTeX entry |
[91] | Michael Jackson and Pamela Zave.
Domain descriptions.
In Proceedings of the IEEE International Symposium on
Requirements Engineering, pages 56-64. IEEE Computer Society Press, 1992. BibTeX entry |
[92] | Pamela Zave and Michael Jackson.
Four dark corners of requirements engineering.
ACM Transactions on Software Engineering and Methodology,
6(1):1-30, January 1997. BibTeX entry, PDF |
[93] | Michael Jackson and Pamela Zave.
Deriving specifications from requirements: an example.
In Proceedings of the Seventeenth International Conference on
Software Engineering, pages 15-24. IEEE Computer Society Press, 1995. BibTeX entry, PDF |
[94] | Z. Manna and A. Pnueli.
The Temporal Logic of Reactive and Concurrent Systems.
Springer-Verlag, 1991. BibTeX entry |
[95] | Gerard J. Holzmann.
SPIN-formal verification.
Web Page.
Available at
http://netlib.bell-labs.com/netlib/spin/whatispin.html. BibTeX entry |
[96] | Gerard J. Holzmann.
The Spin Model Checker.
IEEE Trans. on Software Engineering, 23(5):279-295, May 1997. BibTeX entry, Compressed PS |
[97] | Martín Abadi and Leslie Lamport.
Composing specifications.
ACM Transactions on Programming Languages and Systems
(TOPLAS), 15:73-132, 1993. BibTeX entry, PS |