A deep, pervasive problem when attempting to secure modern computer networks arises from the bewildering range of applications that these networks carry. Unless a specific application is understood, its presence cannot be soundly monitored and controlled. Yet we have seen in the past decade the rise and use of many hundreds of applications, a growth far outpacing the ability of security practitioners to apprehend their individual operation and implications. This research effort aims to facilitate pervasive understanding and control of the wealth of application protocols running on today's networks. Developing in-depth visibility into these protocols will perforce lead to new capabilities for exposing the inner-workings of modern applications that have yet to be well understood within the community. Such understanding will provide pragmatic, high-impact functionality, since operators will be able to directly incorporate this information in their monitoring efforts. A key goal of the undertaking is to facilitate the means by which the broader network research community can work together to jointly construct application analysis resources that are shared across the field. The project envisions a "lingua franca" for expressing application protocol structure and semantics that moves beyond the status quo by providing a common platform and language for expressing a wide range of semantics and analyses. While the focus within our project is on application analysis for purposes of monitoring and securing networks, the tools we develop will often lend themselves to repurposing in support of other networking concerns such as network management, trouble-shooting, and performance optimization.
CT-L: Collaborative Research: Comprehensive Application Analysis and Control