Volume V, 2006
Dr. Zornitza Genova Prodanoff
This paper describes a class of insecure .NET client applications, which avoid higher layer protocol protection through using a “raw” send and receive API. The .NET Framework rests on many other Microsoft components, including the Windows Driver Model (WDM). This model supports four driver types, two of which were considered in this paper: protocol and miniport drivers. By compiling and executing client applications using the “raw” sockets interface, we demonstrate that insecure clients can be written with minimal programming effort (lines of code).
Melnik, Tatiana, "Microsoft .NET and Security Provided by High -Level Internet Protocols" (2006). All Volumes (2001-2008). Paper 65.