Approche langage au développement du support protocolaire d'applications réseaux

A network application communicates with other applications according to a set of rules known as a protocol. This communication is managed by the part of the application known as the protocolhandling layer. This protocol-handling layer enables the manipulation of protocol messages. This layer is a critical component of a network application since it represents the interface between the application and the outside world. It must thus satisfy two constraints : it must be efficient to be able to treat a large number of messages and it must be robust to face various attacks targetting the application itself or the underlying platform. Despite these constraints, the development process of this protocol-handling layer still remains rudimentary and requires a high level of expertise. It consists of translating the protocol specification written in a high level formalism such as ABNF towards low level code such as C. The gap between these abstraction levels can entail many errors. This thesis proposes a new language-based approach to the development of protocol-handling layers, to improve their robustness without compromising their performance. Our approach is based on the use of a domain-specific language, Zebu, to specify the protocol-handling layer of network applications that use textual application protocols à la HTTP. The Zebu syntax is very close to that of ABNF, facilitating the adoption of Zebu by domain experts. By annotating the original ABNF specification of a protocol, the Zebu user can dedicate the protocol-handling layer to the needs of a given application. The Zebu compiler first checks the annotated specification for inconsistencies and then generates a protocol-handling layer according to the provided annotations. This protocolhandling layer is made of a set of data structures that represent a message, a parser that fills in these data structures and various stub functions to access these data structures or drive the parsing of a message. By default, the generated message parser only accepts messages that strictly conform to the protocol. This validation criteria can be relaxed for more flexibility and better performance. The contributions of this thesis are as follows : – We carry out a complete analysis of the network application domain. Guided by the results of this domain analysis, we identify the input parameters of the design of a domain-specific language. – We present the design of a declarative domain-specific language, Zebu, for specifying a protocolhandling layer dedicated to a given application. We have developed various specifications to validate the expressiveness of the language. – We describe a Zebu compiler that generates C code that can be used with the Linux operating system. We experimentally assess the robustness of protocol-handling layers generated using the Zebu approach, and find that four times more invalid messages are detected by a Zebu-based protocol-handling layer than by equivalent protocol-handling layer. – We perform performance experiments on various protocol-handling layers in real conditions, and find that the use of Zebu incurs no significant performance penalty for an equivalent degree of robustness. The approach based on the use of domain-specific languages that we propose in this thesis opens up new possibilities for the development of the robust and efficient network applications.