
    INTERACTIVE PROGRAMMING SUPPORT FOR SECURE SOFTWARE DEVELOPMENT

    Software vulnerabilities originating from insecure code are one of the leading causes of security problems people face today. Unfortunately, many software developers have not been adequately trained in writing secure programs that are resistant to attacks violating program confidentiality, integrity, and availability, a style of programming which I refer to as secure programming. Worse, even well-trained developers can still make programming errors, including security ones. This may be either because of their lack of understanding of secure programming practices, and/or their lapses of attention on security. Much work on software security has focused on detecting software vulnerabilities through automated analysis techniques. While they are effective, they are neither sufficient nor optimal. For instance, current tool support for secure programming, both from tool vendors as well as within the research community, focuses on catching security errors after the program is written. Static and dynamic analyzers work in a similar way as early compilers: developers must first run the tool, obtain and analyze results, diagnose programs, and finally fix the code if necessary. Thus, these tools tend to be used to find vulnerabilities at the end of the development lifecycle. However, their popularity does not guarantee utilization; other business priorities may take precedence. Moreover, using such tools often requires some security expertise and can be costly. What is worse, these approaches exclude programmers from the security loop, and therefore, do not discourage them from continuing to write insecure code. In this dissertation, I investigate an approach to increase developer awareness and promote good practices of secure programming by interactively reminding programmers of secure programming practices in situ, helping them to either close the secure programming knowledge gap or overcome attention/memory lapses. More specifically, I designed two techniques to help programmers prevent common secure coding errors: interactive code refactoring and interactive code annotation. My thesis is that by providing reminder support in a programming environment, e.g. a modern IDE, one can effectively reduce common security vulnerabilities in software systems. I have implemented interactive code refactoring as a proof-of-concept plugin for Eclipse (32) and Java (57). Extensive evaluation results show that this approach can detect and address common web application vulnerabilities and can serve as an effective aid for programmers in writing secure code. My approach can also effectively complement existing software security best practices and significantly increase developer productivity. I have also implemented interactive code annotation, and conducted user studies to investigate its effectiveness and impact on developers' programming behaviors and awareness towards writing secure code.

    The Challenges in SDN/ML Based Network Security : A Survey

    Machine Learning is gaining popularity in the network security domain as many more network-enabled devices get connected, as malicious activities become stealthier, and as new technologies like Software Defined Networking (SDN) emerge. Sitting at the application layer and communicating with the control layer, machine learning based SDN security models exercise a huge influence on the routing/switching of the entire SDN. Compromising the models is consequently a very desirable goal. Previous surveys have been done on either adversarial machine learning or the general vulnerabilities of SDNs but not both. Through examination of the latest ML-based SDN security applications and a good look at ML/SDN specific vulnerabilities accompanied by common attack methods on ML, this paper serves as a unique survey, making a case for more secure development processes of ML-based SDN security applications. Comment: 8 pages. arXiv admin note: substantial text overlap with arXiv:1705.0056

    Smart Intrusion Detection System for DMZ

    Prediction of network attacks and machine-understandable security vulnerabilities are complex tasks for currently available Intrusion Detection Systems [IDS]. IDS software is important for an enterprise network. It logs security information that occurred in the network. In addition, IDSs are useful in recognizing malicious hack attempts, and protecting it without the need for change to client's software. Several researches in the field of machine learning have been applied to make these IDSs better and smarter. In our work, we propose an approach for making IDSs more analytical, using semantic technology. We made a useful semantic connection between IDSs and National Vulnerability Databases [NVDs], to make the system semantically analyze each attack logged, so it can perform prediction about incoming attacks or services that might be in danger. We built our ontology skeleton based on standard network security. Furthermore, we added useful classes and relations that are specific for DMZ network services. In addition, we made an option to allow the user to update the ontology skeleton automatically according to the network needs. Our work is evaluated and validated using four different methods: we presented a prototype that works over the web. Also, we applied KDDCup99 dataset to the prototype. Furthermore, we modeled our system using queuing model, and simulated it using Anylogic simulator. Validating the system using KDDCup99 benchmark shows good results with low false-positive attack prediction. Modeling the system in a queuing model allows us to predict the behavior of the system in a multi-users system for heavy network traffic.

    Proceedings, MSVSCC 2018

    Proceedings of the 12th Annual Modeling, Simulation & Visualization Student Capstone Conference held on April 19, 2018 at VMASC in Suffolk, Virginia. 155 pp

    Automatic Input Rectification

    We present a novel technique, automatic input rectification, and a prototype implementation called SOAP. SOAP learns a set of constraints characterizing typical inputs that an application is highly likely to process correctly. When given an atypical input that does not satisfy these constraints, SOAP automatically rectifies the input (i.e., changes the input so that it satisfies the learned constraints). The goal is to automatically convert potentially dangerous inputs into typical inputs that the program is highly likely to process correctly. Our experimental results show that, for a set of benchmark applications (namely, Google Picasa, ImageMagick, VLC, Swfdec, and Dillo), this approach effectively converts malicious inputs (which successfully exploit vulnerabilities in the application) into benign inputs that the application processes correctly. Moreover, a manual code analysis shows that, if an input does satisfy the learned constraints, it is incapable of exploiting these vulnerabilities. We also present the results of a user study designed to evaluate the subjective perceptual quality of outputs from benign but atypical inputs that have been automatically rectified by SOAP to conform to the learned constraints. Specifically, we obtained benign inputs that violate learned constraints, used our input rectifier to obtain rectified inputs, then paid Amazon Mechanical Turk users to provide their subjective qualitative perception of the difference between the outputs from the original and rectified inputs. The results indicate that rectification can often preserve much, and in many cases all, of the desirable data in the original input.

    Usable and Sound Static Analysis through its Integration into Automated and Interactive Workflows

    Static analysis allows a software developer to detect errors in code and fix them before it reaches real-world use. Although several good analysis methods are known today, preventable software bugs still cause outages in critical applications and give third parties access to private data. Although developers are aware of the benefits of using static analysis, several factors still hinder the wider adoption of such tools. One of the main problems is that analysis tools are complicated and tedious to use. Sound static analysis tools, which could potentially verify the absence of certain types of bugs in a program, meet even greater resistance. Their major drawback is that they may (falsely) report errors in some programs that are actually correct. This master's thesis investigates how static analysis tools are used in companies and proposes a sensible way to integrate analysis into the software development environment (IDE) and into the tool that automates the software build (build tool). Tight integration of interactive and automated analysis may be an important component in getting developers to use these tools. The work also produced a prototype that integrates taint analysis into the IntelliJ and Gradle tools. The proposed solution is suitable for taint analysis, but generalizing it to more complex analysis methods remains an open problem. Developing the prototype made it possible to explore different approaches to usability and is a useful first step toward the larger end goal of creating a user-friendly sound static analysis tool.
    Static analysis allows software developers to detect and fix many types of errors in code before it is submitted to a production environment. Despite the availability of sophisticated analysis techniques, many preventable bugs still cause security vulnerabilities that allow hackers to steal private information. Studies have shown that even though developers recognize the benefits of static analysis there are many practical usability problems preventing higher adoption rates. The challenge is even greater with sound analyzers that could potentially verify the total absence of specific types of bugs, but at the cost of rejecting some correct programs. This thesis investigates the current situation of adopting static analyzers in the industry and proposes an approach of integrating an analysis into the IDE and build system. The seamless integration of both interactive and automated analysis may enable developers to adopt sound analysis tools. A prototype implementation of that static analysis workflow for tainting analysis in IntelliJ and Gradle is presented. The integration proposed works well for tainting analysis used in the prototype, but many challenges remain to generalize this to more complex analyses. The prototype has enabled the exploration of different approaches to usability and is a useful first step in a larger project aimed at building a user-friendly sound static analysis framework.