Product Details
GadgetCA: A Tool for Generating ReDoS Attacks
Created: 2022
Czech title
GadgetCA - Nástroj pro generování ReDoS útoků
Type
software
License
In order to use the result by another entity, it is always necessary to acquire a license
License Fee
The licensor does not require a license fee for the result
Authors
Holík Lukáš, doc. Mgr., Ph.D.
(DITS)
Holíková Lenka, Ing., Ph.D. (DITS)
Homoliak Ivan, doc. Ing., Ph.D. (DITS)
Lengál Ondřej, Ing., Ph.D. (DITS)
Vojnar Tomáš, prof. Ing., Ph.D. (DITS)
Veanes Margus
Holíková Lenka, Ing., Ph.D. (DITS)
Homoliak Ivan, doc. Ing., Ph.D. (DITS)
Lengál Ondřej, Ing., Ph.D. (DITS)
Vojnar Tomáš, prof. Ing., Ph.D. (DITS)
Veanes Margus
Keywords
regular expressions, pattern matching, security, counting-set automata, ReDoS, generator
Description
The tool allows to generate ReDoS attacks for automata-based matchers. It is the first generator capable of attacking the automata-based matchers using bounded repetition. It is based on counting-set automata (CsA) which are small and can be constructed faster than deterministic counting automata (DFA).
Location
Nástroj i dokumentaci lze získat na URL: http://www.fit.vutbr.cz/research/groups/verifit/tools/gadgetca
License Conditions
Free software under the terms of GNU GPL (cf. http://www.gnu.org/licenses/gpl.html).
Projects
Efficient Finite Automata for Automated Reasoning, MŠMT, ERC CZ, LL1908, 2020-2024, running
Scalable Techniques for Analysis of Complex Properties of Computer Systems, GACR, Standardní projekty, GA20-07487S, 2020-2022, running
Spolehlivé, bezpečné a efektivní počítačové systémy, BUT, Vnitřní projekty VUT, FIT-S-20-6427, 2020-2023, completed
Scalable Techniques for Analysis of Complex Properties of Computer Systems, GACR, Standardní projekty, GA20-07487S, 2020-2022, running
Spolehlivé, bezpečné a efektivní počítačové systémy, BUT, Vnitřní projekty VUT, FIT-S-20-6427, 2020-2023, completed
Research groups
Automated Analysis and Verification Research Group - VeriFIT (RG VERIFIT)
IT Security Research Group (RG Security@FIT)
IT Security Research Group (RG Security@FIT)
Departments