Automated security testing with Flinder

Automated security testing with Flinder. SEARCH-LAB Security Evaluation Analysis and Research Laboratory Ltd. Danger of programming bugs. “Every interesting program contains at least one variable, at least one cycle and at least one bug.” – Murphy’s law


Automated security testing with Flinder

SEARCH-LAB Security Evaluation Analysis and Research Laboratory Ltd.



Danger of programming bugs

  • “Every interesting program contains

    • at least one variable,

    • at least one cycle and

    • at least one bug.” – Murphy’s law

  • Global security danger of programming bugs

    • Automated intrusions

    • Virus spreading

    • With the help of cracked computers it is possible to

      • operate illegal web servers

      • distribute spam

      • carry out phishing

      • commit credit card fraud

  • Any application can contain a bug!


Security testing

[Diagram labels: Programming bugs; Security-relevant programming bugs; Typical security-relevant programming bugs; FLINDER; Exploitable security holes]


Automated testing and verification

  • Formal verification

    • Requires the specification of correct behavior

  • Static source code analysis

    • Complexity problems

    • Many false positives

  • Test-based evaluation

    • Test vector generation

    • Detection of typical bugs

    • Detects true positives, but not necessarily all

    • Can be used without the source code


Black-box & white-box testing

  • Black-box testing

    • Analysis of concrete protocols

    • Complex description of the input

    • Fuzzing: manipulation of existing input

      • Lower, scalable customization needs

  • White-box testing

    • Test vector generation based on source code evaluation

    • Fault injection


Flinder features

  • Looks for typical security-relevant programming bugs

  • Test-based evaluation

    • Black-box and white-box test modes

    • From applications to complex protocols

  • Required from the developer

    • Input Generator – according to the correct behavior

    • Input format description (XML-based)

    • Protocol Statechart (UML state machine)

  • Re-usable generic test algorithms for typical bugs

    • Proactive, multiple-step testing considering former reactions of the ToE

  • Cryptographic support

    • Plug-ins for cipher and compression methods


Fuzzing...

  • By definition: fuzzing is algorithmic modification of binary input

    • Fuzzing based on descriptors

    • Random fuzzing

    • Reactively iterating fuzzing

  • Different fuzzers

    • Conformance checking

    • Stress test

    • Testing typical mistakes


... and more

  • Flinder can

    • Parse and serialize protocol messages

    • Decode and encode cryptograms, compressed data

    • Follow complex protocols

      • like IPSec, TCP, SSL

    • Test Logic works on field level

    • Generic test algorithms

      • can be applied for different ToEs, protocols, messages and fields without modification


Flinder modules

[Module diagram labels: TOE; IG Actuator; TOE Actuator; Input Generator; IG Capturer; TOE Capturer; IG Dispatcher; TOE Dispatcher; Parser; Serializer; Protocol Logic; Test Logic]


Example typical mistakes

[Figure labels: OK, ERROR, REJECTION]

  • Buffer Overflow

    • With successive approximation

  • Signedness bug

  • Integer Overflow

  • Encoding bug

    • Unicode bug

if ((unsigned int) i < 0)

if (i*256 <= 1024)
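
The two fragments above, worked as an added C example (not code from the presentation): each flawed check is paired with a corrected one and run over constructed boundary values. The slide does not give the type of `i`; the example assumes `int` for the signedness check and `uint32_t` for the multiplication so that the wraparound is well defined, and all function names are hypothetical.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define BUF_SIZE 1024u   /* limit from the slide's second fragment */
#define REC_SIZE 256u    /* multiplier from the slide's second fragment */

/* Slide fragment 1: after the cast the value can never be below zero,
 * so this "negative length" guard never fires. */
static bool is_negative_flawed(int i) { return (unsigned int)i < 0; }

/* Corrected: compare while the value is still signed. */
static bool is_negative_fixed(int i) { return i < 0; }

/* Slide fragment 2 (assumed 32-bit unsigned i): the product wraps
 * modulo 2^32, so a huge count can yield a small size that passes. */
static bool fits_flawed(uint32_t i) {
    return (uint32_t)(i * REC_SIZE) <= BUF_SIZE;
}

/* Corrected: divide the limit instead of multiplying the untrusted value. */
static bool fits_fixed(uint32_t i) { return i <= BUF_SIZE / REC_SIZE; }

int main(void) {
    /* Constructed boundary values of the kind a field-level test tries. */
    const uint32_t counts[] = { 4u, 5u, 0x01000000u, 0x01000004u, UINT32_MAX };
    const int lens[] = { -1, INT_MIN, 0, 1 };

    for (size_t k = 0; k < sizeof counts / sizeof counts[0]; k++)
        printf("count=%10u flawed_accepts=%d fixed_accepts=%d\n",
               (unsigned)counts[k], fits_flawed(counts[k]),
               fits_fixed(counts[k]));
    for (size_t k = 0; k < sizeof lens / sizeof lens[0]; k++)
        printf("len=%11d flawed_rejects=%d fixed_rejects=%d\n", lens[k],
               is_negative_flawed(lens[k]), is_negative_fixed(lens[k]));
    return 0;
}
```

With a signed `int` the multiplication in the second fragment would be undefined behaviour on overflow rather than a defined wrap, which is why the corrected check avoids the multiplication altogether.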
