Abstract Interpretation of Stateful Networks

Kalev Alpernas; Roman Manevich; Aurojit Panda; Mooly Sagiv; Scott Shenker; Sharon Shoham; Yaron Velner

doi:10.1007/978-3-319-99725-4_8

Abstract Interpretation of Stateful Networks

Kalev Alpernas, Roman Manevich, Aurojit Panda, Mooly Sagiv, Scott Shenker, Sharon Shoham, Yaron Velner

Department of Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

8 Scopus citations

Abstract

Modern networks achieve robustness and scalability by maintaining states on their nodes. These nodes are referred to as middleboxes and are essential for network functionality. However, the presence of middleboxes drastically complicates the task of network verification. Previous work showed that the problem is undecidable in general and EXPSPACE-complete when abstracting away the order of packet arrival. We describe a new algorithm for conservatively checking isolation properties of stateful networks. The asymptotic complexity of the algorithm is polynomial in the size of the network, albeit being exponential in the maximal number of queries of the local state that a middlebox can do, which is often small. Our algorithm is sound, i.e., it can never miss a violation of safety but may fail to verify some properties. The algorithm performs on-the fly abstract interpretation by (1) abstracting away the order of packet processing and the number of times each packet arrives, (2) abstracting away correlations between states of different middleboxes and channel contents, and (3) representing middlebox states by their effect on each packet separately, rather than taking into account the entire state space. We show that the abstractions do not lose precision when middleboxes may reset in any state. This is encouraging since many real middleboxes reset, e.g., after some session timeout is reached or due to hardware failure.

Original language	English
Title of host publication	Static Analysis - 25th International Symposium, SAS 2018, Proceedings
Editors	Andreas Podelski
Publisher	Springer Verlag
Pages	86-106
Number of pages	21
ISBN (Print)	9783319997247
DOIs	https://doi.org/10.1007/978-3-319-99725-4_8
State	Published - 1 Jan 2018
Event	25th International Static Analysis Symposium, SAS 2018 - Freiburg, Germany Duration: 29 Aug 2018 → 31 Aug 2018

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	11002 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	25th International Static Analysis Symposium, SAS 2018
Country/Territory	Germany
City	Freiburg
Period	29/08/18 → 31/08/18

ASJC Scopus subject areas

Theoretical Computer Science
Computer Science (all)

Access to Document

10.1007/978-3-319-99725-4_8

Cite this

Alpernas, K., Manevich, R., Panda, A., Sagiv, M., Shenker, S., Shoham, S., & Velner, Y. (2018). Abstract Interpretation of Stateful Networks. In A. Podelski (Ed.), Static Analysis - 25th International Symposium, SAS 2018, Proceedings (pp. 86-106). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 11002 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-319-99725-4_8

Alpernas, Kalev ; Manevich, Roman ; Panda, Aurojit et al. / Abstract Interpretation of Stateful Networks. Static Analysis - 25th International Symposium, SAS 2018, Proceedings. editor / Andreas Podelski. Springer Verlag, 2018. pp. 86-106 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{5ec9b5c37bdf4f55a9afd0110f75b27f,

title = "Abstract Interpretation of Stateful Networks",

abstract = "Modern networks achieve robustness and scalability by maintaining states on their nodes. These nodes are referred to as middleboxes and are essential for network functionality. However, the presence of middleboxes drastically complicates the task of network verification. Previous work showed that the problem is undecidable in general and EXPSPACE-complete when abstracting away the order of packet arrival. We describe a new algorithm for conservatively checking isolation properties of stateful networks. The asymptotic complexity of the algorithm is polynomial in the size of the network, albeit being exponential in the maximal number of queries of the local state that a middlebox can do, which is often small. Our algorithm is sound, i.e., it can never miss a violation of safety but may fail to verify some properties. The algorithm performs on-the fly abstract interpretation by (1) abstracting away the order of packet processing and the number of times each packet arrives, (2) abstracting away correlations between states of different middleboxes and channel contents, and (3) representing middlebox states by their effect on each packet separately, rather than taking into account the entire state space. We show that the abstractions do not lose precision when middleboxes may reset in any state. This is encouraging since many real middleboxes reset, e.g., after some session timeout is reached or due to hardware failure.",

author = "Kalev Alpernas and Roman Manevich and Aurojit Panda and Mooly Sagiv and Scott Shenker and Sharon Shoham and Yaron Velner",

note = "Funding Information: Acknowledgments. We thank our anonymous shepherd, and anonymous referees for insightful comments which improved this paper. We thank LogicBlox for providing us with an academic license for their software, and Todd J. Green and Martin Bravenboer for providing technical support and helping with optimization. This publication is part of projects that have received funding from the European Research Council (ERC) under the European Union{\textquoteright}s Seventh Framework Program (FP7/2007– 2013)/ERC grant agreement no. [321174-VSSC], and Horizon 2020 research and innovation programme (grant agreement No. [759102-SVIS]). The research was supported in part by Len Blavatnik and the Blavatnik Family foundation, the Blavatnik Interdisciplinary Cyber Research Center, Tel Aviv University, and the Pazy Foundation. This material is based upon work supported by the United States-Israel Binational Science Foundation (BSF) grants No. 2016260 and 2012259. This research was also supported in part by NSF grants 1704941 and 1420064, and funding provided by Intel Corporation. Publisher Copyright: {\textcopyright} 2018, Springer Nature Switzerland AG.; 25th International Static Analysis Symposium, SAS 2018 ; Conference date: 29-08-2018 Through 31-08-2018",

year = "2018",

month = jan,

day = "1",

doi = "10.1007/978-3-319-99725-4_8",

language = "English",

isbn = "9783319997247",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "86--106",

editor = "Andreas Podelski",

booktitle = "Static Analysis - 25th International Symposium, SAS 2018, Proceedings",

address = "Germany",

}

Alpernas, K, Manevich, R, Panda, A, Sagiv, M, Shenker, S, Shoham, S & Velner, Y 2018, Abstract Interpretation of Stateful Networks. in A Podelski (ed.), Static Analysis - 25th International Symposium, SAS 2018, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 11002 LNCS, Springer Verlag, pp. 86-106, 25th International Static Analysis Symposium, SAS 2018, Freiburg, Germany, 29/08/18. https://doi.org/10.1007/978-3-319-99725-4_8

Abstract Interpretation of Stateful Networks. / Alpernas, Kalev; Manevich, Roman; Panda, Aurojit et al.
Static Analysis - 25th International Symposium, SAS 2018, Proceedings. ed. / Andreas Podelski. Springer Verlag, 2018. p. 86-106 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 11002 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Abstract Interpretation of Stateful Networks

AU - Alpernas, Kalev

AU - Manevich, Roman

AU - Panda, Aurojit

AU - Sagiv, Mooly

AU - Shenker, Scott

AU - Shoham, Sharon

AU - Velner, Yaron

N1 - Funding Information: Acknowledgments. We thank our anonymous shepherd, and anonymous referees for insightful comments which improved this paper. We thank LogicBlox for providing us with an academic license for their software, and Todd J. Green and Martin Bravenboer for providing technical support and helping with optimization. This publication is part of projects that have received funding from the European Research Council (ERC) under the European Union’s Seventh Framework Program (FP7/2007– 2013)/ERC grant agreement no. [321174-VSSC], and Horizon 2020 research and innovation programme (grant agreement No. [759102-SVIS]). The research was supported in part by Len Blavatnik and the Blavatnik Family foundation, the Blavatnik Interdisciplinary Cyber Research Center, Tel Aviv University, and the Pazy Foundation. This material is based upon work supported by the United States-Israel Binational Science Foundation (BSF) grants No. 2016260 and 2012259. This research was also supported in part by NSF grants 1704941 and 1420064, and funding provided by Intel Corporation. Publisher Copyright: © 2018, Springer Nature Switzerland AG.

PY - 2018/1/1

Y1 - 2018/1/1

N2 - Modern networks achieve robustness and scalability by maintaining states on their nodes. These nodes are referred to as middleboxes and are essential for network functionality. However, the presence of middleboxes drastically complicates the task of network verification. Previous work showed that the problem is undecidable in general and EXPSPACE-complete when abstracting away the order of packet arrival. We describe a new algorithm for conservatively checking isolation properties of stateful networks. The asymptotic complexity of the algorithm is polynomial in the size of the network, albeit being exponential in the maximal number of queries of the local state that a middlebox can do, which is often small. Our algorithm is sound, i.e., it can never miss a violation of safety but may fail to verify some properties. The algorithm performs on-the fly abstract interpretation by (1) abstracting away the order of packet processing and the number of times each packet arrives, (2) abstracting away correlations between states of different middleboxes and channel contents, and (3) representing middlebox states by their effect on each packet separately, rather than taking into account the entire state space. We show that the abstractions do not lose precision when middleboxes may reset in any state. This is encouraging since many real middleboxes reset, e.g., after some session timeout is reached or due to hardware failure.

AB - Modern networks achieve robustness and scalability by maintaining states on their nodes. These nodes are referred to as middleboxes and are essential for network functionality. However, the presence of middleboxes drastically complicates the task of network verification. Previous work showed that the problem is undecidable in general and EXPSPACE-complete when abstracting away the order of packet arrival. We describe a new algorithm for conservatively checking isolation properties of stateful networks. The asymptotic complexity of the algorithm is polynomial in the size of the network, albeit being exponential in the maximal number of queries of the local state that a middlebox can do, which is often small. Our algorithm is sound, i.e., it can never miss a violation of safety but may fail to verify some properties. The algorithm performs on-the fly abstract interpretation by (1) abstracting away the order of packet processing and the number of times each packet arrives, (2) abstracting away correlations between states of different middleboxes and channel contents, and (3) representing middlebox states by their effect on each packet separately, rather than taking into account the entire state space. We show that the abstractions do not lose precision when middleboxes may reset in any state. This is encouraging since many real middleboxes reset, e.g., after some session timeout is reached or due to hardware failure.

UR - http://www.scopus.com/inward/record.url?scp=85053597706&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-99725-4_8

DO - 10.1007/978-3-319-99725-4_8

M3 - Conference contribution

AN - SCOPUS:85053597706

SN - 9783319997247

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 86

EP - 106

BT - Static Analysis - 25th International Symposium, SAS 2018, Proceedings

A2 - Podelski, Andreas

PB - Springer Verlag

T2 - 25th International Static Analysis Symposium, SAS 2018

Y2 - 29 August 2018 through 31 August 2018

ER -

Alpernas K, Manevich R, Panda A, Sagiv M, Shenker S, Shoham S et al. Abstract Interpretation of Stateful Networks. In Podelski A, editor, Static Analysis - 25th International Symposium, SAS 2018, Proceedings. Springer Verlag. 2018. p. 86-106. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-319-99725-4_8

Abstract Interpretation of Stateful Networks

Abstract

Publication series

Conference

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this