A platform for finding attacks in unmodified implementations of intrusion tolerant systems

We present Turret, a platform for automatically find- ing performance attacks in unmodified implementations of intrusion tolerant systems. In performance attacks, malicious nodes deviate from the protocol when sending or creating messages, with the goal of degrading system performance. Turret assumes that the user provides the intrusion tolerant system binary, the format of messages sent by the system, and the metrics that measure its per- formance. Our platform leverages virtualization to run the user-specified operating system and intrusion tolerant system binary and uses a well-known network emulator to tunnel the network traffic. We ran Turret on 5 systems and found 29 performance attacks, 23 of which were not previously reported to the best of our knowledge. Turret was able to find these attacks in a matter of hours.