1 / 1

Achieving Trusted Systems by Providing Security and Reliability A Finite State Machine Methodology for Analyzing Securit

Shuo Chen, Zbigniew Kalbarczyk, Jun Xu, Ravishankar K. Iyer. Motivations. Overview of the Analysis Approach. Effectiveness of the FSM methodology. Achieving Trusted Systems by Providing Security and Reliability A Finite State Machine Methodology for Analyzing Security Vulnerabilities.

helen
Download Presentation

Achieving Trusted Systems by Providing Security and Reliability A Finite State Machine Methodology for Analyzing Securit

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Shuo Chen, Zbigniew Kalbarczyk, Jun Xu, Ravishankar K. Iyer Motivations Overview of the Analysis Approach Effectiveness of the FSM methodology Achieving Trusted Systems by Providing Security and ReliabilityA Finite State Machine Methodology for Analyzing Security Vulnerabilities • Major Data Source: Bugtraq • Data in Bugtraq are well organized and suitable for statistical analysis. • Three steps of the analysis • Statistical study on Bugtraq database • In-depth study on vulnerability reports and corresponding source codes. • Develop a FSM (finite state machine) methodology to model the vulnerabilities, based on the observations, from the analyzed data. • General Objectives • Understand the characteristics of security vulnerabilities • Identification of root causes of security vulnerabilities can help us prevent and detect them • Specific Objectives • How are security vulnerabilities distributed among different categories? • What are the limitations of existing techniques of security vulnerability analysis? • How to develop a new analysis technique to overcome the limitations. • Enables modeling a variety of security vulnerabilities, including stack overflow, heap overflow, signed integer overflow, format string vulnerability, and file race conditions. • Identify reasoning flaws as root causes of the analyzed security vulnerabilities. • Helps uncovering application vulnerabilities. • E.g., a new remotely exploitable heap overflow vulnerability, which is now published in Bugtraq, has been discovered using this approach. In-depth Analysis of Vulnerability Reports Statistical Analysis: Bugtraq Vulnerability Classification Case 1: Sendmail Debugging Function Signed Integer Overflow • Observations • Observation 1: exploits must pass through multiple elementary activities • Observation 2: exploiting a vulnerability involves multiple vulnerable operations on several objects. • Observation 3: for each elementary activity, the vulnerability data and corresponding code inspections allow us to define a predicate, which if violated, naturally results in a security vulnerability. • These observations motivate development of a FSM model to depict security vulnerabilities. 5925 reports of security vulnerabilities (Nov.30 2002) Case 2: NULL HTTPD Heap Overflow Common pFSM Types Future Directions Three common pFSM types are identified, corresponding to three common reasoning flaws in programs • Automate the FSM analysis of vulnerabilities • Each pFSM indicates a vulnerability, also an opportunity of detection. How to build protection mechanisms based on FSM? • Study the common impacts of security vulnerabilities, e.g., what are common activities of viruses?

More Related