Back to overview

Finding Trojan Message Vulnerabilities in Distributed Systems

Type of publication Peer-reviewed
Publikationsform Proceedings (peer-reviewed)
Publication date 2014
Author Banabic Radu, Candea George, Guerraoui Rachid,
Project Trustworthy Cloud Storage
Show all

Proceedings (peer-reviewed)

Title of proceedings ASPLOS '14 Proceedings of the 19th international conference on Architectural support for programming
Place Salt Lake City Utah USA
DOI 10.1145/2541940.2541984


Trojan messages are messages that seem correct to the receiver but cannot be generated by any correct sender. Such messages constitute major vulnerability points of a distributed system---they constitute ideal targets for a malicious actor and facilitate failure propagation across nodes. We describe Achilles, a tool that searches for Trojan messages in a distributed system. Achilles uses dynamic white-box analysis on the distributed system binaries in order to infer the predicate that defines messages parsed by receiver nodes and generated by sender nodes, respectively, and then computes Trojan messages as the difference between the two. We apply Achilles on implementations of real distributed systems: FSP, a file transfer application, and PBFT, a Byzantine-fault-tolerant state machine replication library. Achilles discovered a new bug in FSP and rediscovered a previously known vulnerability in PBFT. In our evaluation we demonstrate that our approach can perform orders of magnitude better than general approaches based on regular fuzzing and symbolic execution.