Improving network applications security a new heuristic to generate stress testing data
This presentation is the property of its rightful owner.
Sponsored Links
1 / 16

Improving Network Applications Security: a New Heuristic to Generate Stress Testing Data PowerPoint PPT Presentation


  • 94 Views
  • Uploaded on
  • Presentation posted in: General

Improving Network Applications Security: a New Heuristic to Generate Stress Testing Data. Del Grosso et al. Presented by Conrad Pack. Overview. Buffer Overflow problem Network security Critical systems Testing to identify/remove vulnerabilities Combined static and dynamic approach

Download Presentation

Improving Network Applications Security: a New Heuristic to Generate Stress Testing Data

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Improving network applications security a new heuristic to generate stress testing data

Improving Network Applications Security: a New Heuristicto Generate Stress Testing Data

Del Grosso et al

Presented by Conrad Pack


Overview

Overview

  • Buffer Overflow problem

    • Network security

    • Critical systems

  • Testing to identify/remove vulnerabilities

    • Combined static and dynamic approach

    • Static slicing

    • Genetic algorithms (GAs) in dynamic search

      • New heuristic


Buffer overflow

Buffer Overflow

  • Incorrect handling of input

  • Data overwritten


Impact of buffer overflow

Impact of Buffer Overflow

  • Scope

    • Language variations (C++ vs. Java)

    • Prevalence of unaudited code

  • Over 50% of vulnerabilities (CERT)

  • Potential harm

    • Unauthorized access in network/security applications

    • Serious accidents in critical embedded systems


Overview of approach

Overview of Approach


Static analysis

Static Analysis

  • Tools

    • RatScan (front end to RATS)

    • Splint

  • Extracted Information

    • Potentially vulnerable source statements

    • Call to potentially unsafe functions/libraries

    • Estimated buffer sizes


Static slicing

Static Slicing

  • Software maintenance technique

    • “all program code that can in anyway affect the value of a given variable”

  • Inputs and source code relationship

    • Data dependency

    • Some inputs not tied to vulnerable statements

  • Tool: CodeSurfer (GrammaTech)

  • Purpose: Search space reduction


Test case generation using ga

Test Case Generation Using GA

  • GA aspects

    • Chromosome (2 dimensional array)

    • Crossover/mutation operators (whole/creep)

    • Fitness function (to follow)

    • Parameters

      • Number of generations (500)

      • Population size (70)

      • Propagation rules (2 best)

      • Probabilities (pcross = 0.7, pmut = 0.01)


Fitness

Fitness

  • GA is an optimization problem

  • Three Approaches

    • Vulnerable coverage fitness

    • Nesting fitness

    • Buffer boundary fitness

  • Correlation to crashes alone not enough

    • Flat landscape

    • Random search


Vulnerable coverage fitness

Vulnerable Coverage Fitness

  • Statement coverage

  • Vulnerable statement coverage

  • Number of vulnerable statement executions

  • Function

F(g) = w1 • scov + w2 • log(k) • vcov + w3 • crash


Nesting fitness

Nesting Fitness

  • Unconstrained nodes (graph theory)

    • Control flow graphs

    • Do not dominate any node

    • Do not postdominate any node

  • Often correspond with maximum nesting

  • Function

F(g) = w1 • scov + w2 • log(k) • vcov + w3 • nesting


Buffer boundary fitness

Buffer Boundary Fitness

  • Buffer boundaries in fitness calculation

    • Often difficult to precisely determine

    • Intended for future implementation

  • Distance from boundary by size estimate

    • Compile time (can’t always be determined)

  • Function

F(g) = w1 • scov + w2 • log(k) • vcov + w3 • nesting

+ w4 • maxi{minj(Li,j – SBi)}


Empirical results

Empirical Results

  • Two test programs

    • White noise generator (scientific application)

    • FTP client (network application)

  • Random search as a control

    • Pure random search

    • GA search with no fitness

  • White noise: fixed initial population

  • FTP: random initial populations


White noise generator results

White Noise Generator Results


Ftp client results

FTP Client Results


Personal conclusions

Personal Conclusions

  • Use of Genetic Algorithms in testing is compelling

  • Fitness Heuristic using source code is a valuable concept

  • Useful in large projects

  • Buffer overflow will likely have less importance over time

  • GA assumptions


  • Login