34 research outputs found

    Towards Vulnerability Discovery Using Staged Program Analysis

    Eliminating vulnerabilities from low-level code is vital for securing software. Static analysis is a promising approach for discovering vulnerabilities, since it can give developers early feedback on the code they write. But it presents multiple challenges, not the least of which is understanding what makes a bug exploitable and conveying this information to the developer. In this paper, we present the design and implementation of a practical vulnerability assessment framework called Melange. Melange performs data and control flow analysis to diagnose potential security bugs, and outputs well-formatted bug reports that help developers understand and fix them. Based on the intuition that real-world vulnerabilities manifest themselves across multiple parts of a program, Melange performs both local and global analyses. To scale up to large programs, global analysis is demand-driven. Our prototype detects multiple vulnerability classes in C and C++ code, including type confusion and garbage memory reads. We have evaluated Melange extensively. Our case studies show that Melange scales up to large codebases such as Chromium, is easy to use, and, most importantly, is capable of discovering vulnerabilities in real-world code. Our findings indicate that static analysis is a viable reinforcement to the software testing tool set. Comment: A revised version to appear in the proceedings of the 13th conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), July 201

    STATIC ANALYSIS OF SOURCE CODE MODELED FOR JAVA-PROGRAMS CONTAINING APPLICATIONS WITH ANDROID SECURITY

    Static analysis techniques were combined with model-based deductive verification using solvers of the static model theory (SMT) to create a framework that, given an aspect of source-code analysis, automatically generates an analyzer that outputs conclusive information about this aspect. The analyzer is generated by translating the program and collecting its semantics into a first-order formula over several supplied theories. The underscore can be viewed as a set of holes or contexts corresponding to the uninterpreted APIs invoked in the program. As the program imports packages and uses the class methods of those packages, it imports the semantics of the API invocations as first-order assertions. The analyzer uses these assertions as models, and their first-order formula incorporates the specification behavior (its negation) of the described program. An SMT-LIB solver treats the combined formula in order to "constrain" and "solve" it. The "solved" form can be used to identify logic (security) errors in Android-based Java programs. Android security properties are represented as constraints, and the analysis aims to show whether these constraints are respected.

    Toward Intelligent Software Defect Detection

    Source code level software defect detection has gone from state of the art to a software engineering best practice. Automated code analysis tools streamline many aspects of formal code inspections, but have the drawback of being difficult to construct and of being either prone to false positives or severely limited in the set of defects they can detect. Machine learning technology offers the promise of learning software defects by example, easing the construction of detectors and broadening the range of defects that can be found. Pinpointing software defects with the same level of granularity as prominent source code analysis tools distinguishes this research from past efforts, which focused on analyzing software engineering metrics data with granularity limited to that of a particular function rather than a line of code.

    Survival Techniques for Computer Programs

    Programs developed with standard techniques often fail when they encounter any of a variety of internal errors. We present a set of techniques that prevent programs from failing and instead enable them to continue to execute even after they encounter otherwise fatal internal errors. Our results indicate that, even though the techniques may take the program outside of its anticipated execution envelope, the continued execution often enables the program to provide acceptable results to its users. These techniques may therefore play an important role in making software systems more resilient and reliable in the face of errors. Singapore-MIT Alliance (SMA)

    Benchmark and Framework for Encouraging Research on Multi-Threaded Testing Tools

    A problem that has been gaining prominence in testing is that of looking for intermittent bugs. Multi-threaded code is becoming very common, mostly on the server side. As there is no silver bullet solution, research focuses on a variety of partial solutions. In this paper (invited by PADTAD 2003) we outline a proposed project to facilitate research. The project goals are as follows. The first goal is to create a benchmark that can be used to evaluate different solutions. The benchmark, apart from containing programs with documented bugs, will include other artifacts, such as traces, that are useful for evaluating some of the technologies. The second goal is to create a set of tools with open APIs that can be used to check ideas without building a large system. For example, an instrumentor will be available that could be used to test temporal noise-making heuristics. The third goal is to create a focus for research in this area around which a community of people who try to solve similar problems with different techniques could congregate.

    Investigating Security for Ubiquitous Sensor Networks

    The availability of powerful, sensor-enabled mobile and Internet-connected devices has enabled the advent of the ubiquitous sensor network paradigm, which is providing various types of solutions to communities and individual users in sectors including environmental monitoring, entertainment, transportation, security, and healthcare. We explore and compare the features of wireless sensor networks and ubiquitous sensor networks, and based on the differences between these two types of systems, we classify the security-related challenges of ubiquitous sensor networks. We identify and discuss solutions available to address these challenges. Finally, we briefly discuss open challenges that need to be addressed to design more secure ubiquitous sensor networks in the future.

    A path-precise analysis for property synthesis

    Technical report. Recent systems such as SLAM, Metal, and ESP help programmers by automating reasoning about the correctness of temporal program properties. This paper presents a technique called property synthesis, which can be viewed as the inverse of property checking. We show that the code for some program properties, such as proper lock acquisition, can be automatically inserted rather than automatically verified. Whereas property checking analyzes a program to verify that property code was inserted correctly, property synthesis analyzes a program to identify where property code should be inserted. This paper describes a path-sensitive analysis that is precise enough to synthesize property code effectively. Unlike other path-sensitive analyses, our intra-procedural path-precise analysis can describe behavior that occurs in loops without approximations. This precision is achieved by computing analysis results as a set of path machines. Each path machine describes the assignment behavior of a boolean variable along all paths precisely. This paper explains how path machines work, how they are computed, and how they are used to synthesize code.

    Event views and graph reductions for understanding system level C code

    Concurrent processing, runtime bindings and an extensive use of aggregate data structures make system level C code difficult to understand. We propose event views and graph reductions as techniques to facilitate program comprehension. Starting with some domain knowledge, a user can apply these techniques to quickly identify and analyze exactly those parts of the program that are relevant to a given concern. We have built a tool called CVision to demonstrate the applicability of the proposed techniques. CVision is an interactive tool that allows the user to: (a) quickly get to the relevant parts of the code, (b) graphically visualize relationships between program elements, and (c) interactively apply different graph reductions to eliminate irrelevant relationships. Using these capabilities, the user can quickly distill a large body of code and extract meaningful views of runtime events that capture the user's concern. The proposed program comprehension techniques are demonstrated through two case studies based on the Linux and XINU operating systems.