
Danger of programming bugs

Automated security testing with Flinder. SEARCH-LAB Security Evaluation Analysis and Research Laboratory Ltd. Danger of programming bugs. “Every interesting program contains at least one variable, at least one cycle and at least one bug.” – Murphy’s law


Presentation Transcript


  1. Automated security testing with Flinder
     SEARCH-LAB Security Evaluation Analysis and Research Laboratory Ltd.

  2. Danger of programming bugs
     • “Every interesting program contains at least one variable, at least one cycle and at least one bug.” – Murphy’s law
     • Global security danger of programming bugs
       • Automated intrusions
       • Virus spreading
     • With the help of cracked computers it is possible to
       • operate illegal web servers
       • distribute spam
       • carry out phishing
       • commit credit card fraud
     • Any application can contain a bug!

  3. Security testing
     [Diagram labels: Programming bugs; Security-relevant programming bugs; Typical security-relevant programming bugs; FLINDER; Exploitable security holes]

  4. Automated testing and verification
     • Formal verification
       • Requires the specification of correct behavior
     • Static source code analysis
       • Complexity problems
       • Many false positives
     • Test-based evaluation
       • Test vector generation
       • Detection of typical bugs
       • Detects true positives, but not necessarily all
       • Can be used without the source code

  5. Black-box & white-box testing
     • Black-box testing
       • Analysis of concrete protocols
       • Complex description of the input
       • Fuzzing: manipulation of existing input
       • Less and scalable customization needs
     • White-box testing
       • Test vector generation based on source code evaluation
       • Fault injection

  6. Flinder features
     • Looks for typical security-relevant programming bugs
     • Test-based evaluation
     • Black-box and white-box test modes
     • From applications to complex protocols
     • Required from the developer
       • Input Generator – according to the correct behavior
       • Input format description (XML-based)
       • Protocol Statechart (UML state machine)
     • Re-usable generic test algorithms for typical bugs
     • Proactive, multiple-step testing considering former reactions of the ToE
     • Cryptographic support
       • Plug-ins for cipher and compression methods

  7. Fuzzing...
     • By definition: fuzzing is algorithmic modification of binary input
     • Fuzzing based on descriptors
     • Random fuzzing
     • Reactively iterating fuzzing
     • Different fuzzers
       • Conformance checking
       • Stress test
       • Testing typical mistakes

  8. ... and more
     • Flinder can
       • Parse and serialize protocol messages
       • Decode and encode cryptograms, compressed data
       • Follow complex protocols like IPSec, TCP, SSL
     • Test Logic works on field level
     • Generic test algorithms
       • can be applied for different ToEs, protocols, messages and fields without modification

  9. Flinder modules
     [Diagram labels: TOE; Input Generator; IG Actuator; TOE Actuator; IG Capturer; TOE Capturer; IG Dispatcher; TOE Dispatcher; Parser; Serializer; Protocol Logic; Test Logic]

  10. Example typical mistakes
     [Diagram labels: OK; ERROR; REJECTION]
     • Buffer Overflow
       • With successive approximation
     • Signedness bug: if ((unsigned int) i < 0)
     • Integer Overflow: if (i*256 <= 1024)
     • Encoding bug
     • Unicode bug
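
The two conditions quoted on the last slide, placed in a small C program as an added example (not code from the original presentation) so that the inputs a field-level test should try become visible next to a corrected check. The function names, the OK/REJECTION return values borrowed from the slide's labels, and the sample inputs are assumptions; 32-bit wraparound is modelled explicitly because signed overflow is undefined behaviour in C.

```c
#include <stdint.h>
#include <stdio.h>

enum verdict { OK, REJECTION };

/* The checks as written on the slide (hypothetical wrapper function). */
enum verdict weak_check(int32_t i)
{
    /* Signedness bug: an unsigned value is never below zero, so this
       branch is dead and negative input is not rejected here. */
    if ((unsigned int) i < 0)
        return REJECTION;

    /* Integer overflow: i*256 wraps for large |i|. The wraparound is
       computed in unsigned arithmetic to keep this example well defined. */
    int32_t scaled = (int32_t)((uint32_t)i * 256u);
    if (scaled <= 1024)
        return OK;
    return REJECTION;
}

/* Corrected form: test the sign on the signed value and compare against
   the limit divided by the factor, so nothing can overflow. */
enum verdict strict_check(int32_t i)
{
    if (i < 0)
        return REJECTION;
    if (i > 1024 / 256)
        return REJECTION;
    return OK;
}

int main(void)
{
    /* Constructed boundary values of the kind a generic test algorithm
       would place into an integer field. */
    const int32_t samples[] = { 0, 4, 5, -1, 0x01000000, INT32_MIN };
    const char *name[] = { "OK", "REJECTION" };

    for (size_t k = 0; k < sizeof samples / sizeof samples[0]; k++)
        printf("%11d  weak=%-9s  strict=%s\n", (int)samples[k],
               name[weak_check(samples[k])], name[strict_check(samples[k])]);
    return 0;
}
```

The values that separate the two functions are the negative ones and the one whose product wraps to zero; values near the nominal limit (4 and 5) behave the same in both.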
