AutoISES: Automatically Inferring Security Specification and Detecting Violations

Authors

  • Lin Tan
  • Xiaolan Zhang
  • Xiao Ma
  • Weiwei Xiong
  • Yuanyuan Zhou
Abstract

The importance of software security cannot be overstated. In the past, researchers have applied program analysis techniques to automatically detect security vulnerabilities and verify security properties. However, such techniques have had limited success in practice because they require manually provided code-level security specifications. Manually writing and generating these code-level security specifications is tedious and error-prone. Additionally, such specifications seldom exist in production software. In this paper, we propose a novel method and tool, called AutoISES, which Automatically Infers Security Specifications by statically analyzing source code, and then directly uses these specifications to automatically detect security violations. Our experiments with the Linux kernel and Xen demonstrated the effectiveness of this approach – AutoISES automatically generated 84 security specifications and detected 8 vulnerabilities in the Linux kernel and Xen, 7 of which have already been confirmed by the corresponding developers.

Similar resources

An Architecture for Specification-Based Detection of Semantic Integrity Violations in Kernel Dynamic Data

The ability of intruders to hide their presence in compromised systems has surpassed the ability of the current generation of integrity monitors to detect them. Once in control of a system, intruders modify the state of constantly-changing dynamic kernel data structures to hide their processes and elevate their privileges. Current monitoring tools are limited to detecting changes in nominally s...

An automatic test case generator for evaluating implementation of access control policies

One of the main requirements for providing software security is the enforcement of access control policies which aim to protect resources of the system against unauthorized accesses. Any error in the implementation of such policies may lead to undesirable outcomes. For testing the implementation of access control policies, it is preferred to use automated methods which are faster and more relia...

Automatic Generation of Runtime Failure Detectors from Property Templates

Fine grained error or failure detection is often indispensable for precise, effective, and efficient reactions to runtime problems. In this chapter we describe an approach that facilitates automatic generation of efficient runtime detectors for relevant classes of functional problems. The technique targets failures that commonly manifest at the boundaries between the components that form the sy...

Cases of Limitations and Violations of the Principles of Moral and Criminal Law in the Study of Reasons for Crimes Against Security Based on Expediency

Background: In specific criminal law, security crimes are of special importance due to their harmful effects on the whole society and the country. One of the reasons for studying crimes against security is that the way and method of discovering and investigating the perpetrators of crimes against security is different from other crimes. The purpose of explaining the limitations and deviations f...

Heterogeneous Security Policy Validation: From Formal to Executable Specifications

This paper develops a prototyping technique for information systems security policies. Starting from the algebraic specification of a security policy, we derive an executable specification that represents a prototype of the actual policy. Executing the specification allows determining sequences of actions that lead to security policy violations. We propose a composition framework to build com...

Publication date: 2008