Symposium sur la sécurité des technologies de l'information et des communications

Conférence francophone sur le thème de la sécurité de l'information.
Elle se déroulera à Rennes du 3 au 5 juin 2026.

Using Active Automata Learning to Find Vulnerabilities in Network StacksAina Toky Rasoamanana, Olivier Levillain, Yohan Pipereau


Date : 05 juin 2026 à 14:15 — 30 min.

Network protocol implementations (stacks) are pervasive in our modern systems. Indeed, we rely on various protocols on a daily basis, the most proeminent thereof being TLS. One of the problem with network stacks is that they can exhibit wrong transitions in their state machines, which can lead to security issues. This is especially true when protocols are specified using natural language, which encourages ambiguities and discrepancies between implementations.

In this paper, we present a black-box approach to study real-world implementation and their internal state machines. Our methodology relies on Active Automata Learning to infer the behavior of a given stack. Using this approach, we were able to reproduce existing bugs and uncover new vulnerabilities, including authentication bypasses in TLS and SSH.