THE IMPACT OF PROGRAMMING LANGUAGES ON THE SOFTWARE’S SECURITY

Security is usually defined as the ability of a system to protect itself against accidental or deliberate intrusion1. Ensuring integrity, confidentiality, availability, and accountability requirements even in the presence of a determined, malicious opponent is essential for computer security. Sensitive data has to be manipulated and consulted by authorized users only (integrity, confidentiality). Furthermore, the system should resist “denial of service” attacks that attempt to render it unusable (availability). Also the system has to ensure the inability to deny the ownership of prior actions (accountability).security

Automatic Removal of Flaws in Embedded System Software

Tese de mestrado, Segurança Informática, Universidade de Lisboa, Faculdade de Ciências, 2022Currently, embedded systems are present in a myriad of devices, such as Internet of Things, drones, and Cyber-physical Systems. The security of these devices can be critical, depending on the context they are integrated and the role they play (e.g., water plant, car). C is the core language used to develop the software for these devices and is known for missing the bounds of its data types, which leads to vulnerabilities such as buffer overflows. These vulnerabilities, when exploited, cause severe damage and can put human life in danger. Therefore, the software of these devices must be secure. One of the concerns with vulnerable C programs is to correct the code automatically, employing secure code that can remove the existing vulnerabilities and avoid attacks. However, such task faces some challenges after finding the vulnerabilities, namely determining what code is needed to remove them and where to insert that code, maintaining the correct behavior of the application after applying the code correction, and verifying that the generated code correction is secure and effectively removes the vulnerabilities. Another challenge is to accomplish all these elements automatically. This work aims to study diverse types of buffer overflow vulnerabilities in the C programming lan guage, forms to build secure code for invalidating such vulnerabilities, including functions from the C language that can be used to remove flaws. Based on this knowledge, we propose an approach that automatically, after discovering and confirming potential vulnerabilities of an application, applies code correction to fix the vulnerable code of those vulnerabilities verified and validate the new code with fuzzing/attack injection. We implemented our approach and evaluated it with a set of test cases and with real applications. The experimental results showed that the tool detected the intended vulnerabilities and generated corrections capable of removing the vulnerabilities found

ODSS: A Ghidra-based Static Analysis Tool for Detecting Stack-Based Buffer Overflows

To reduce code exploitabilty, techniques for analyzing binaries for potential buffer overflow vulnerabilities are needed. One method is static analysis, which involves inspection of disassembled binaries to identify exploitable weaknesses in the program. Buffer overflows can occur in libc functions. Such functions can be referred to as vulnerable sinks. We present Overflow Detection from Sinks and Sources (ODSS), a script written for the Ghidra API to search for vulnerable sinks in a binary and to find the source of all the parameters used in each sink. We conduct static analysis of ten common libc functions using ODSS, and show that it is possible to both find overflow vulnerabilities associated with functions using stack-allocated strings and to determine the feasibility of a buffer overflow exploitation

Towards Vulnerability Discovery Using Staged Program Analysis

Eliminating vulnerabilities from low-level code is vital for securing software. Static analysis is a promising approach for discovering vulnerabilities since it can provide developers early feedback on the code they write. But, it presents multiple challenges not the least of which is understanding what makes a bug exploitable and conveying this information to the developer. In this paper, we present the design and implementation of a practical vulnerability assessment framework, called Melange. Melange performs data and control flow analysis to diagnose potential security bugs, and outputs well-formatted bug reports that help developers understand and fix security bugs. Based on the intuition that real-world vulnerabilities manifest themselves across multiple parts of a program, Melange performs both local and global analyses. To scale up to large programs, global analysis is demand-driven. Our prototype detects multiple vulnerability classes in C and C++ code including type confusion, and garbage memory reads. We have evaluated Melange extensively. Our case studies show that Melange scales up to large codebases such as Chromium, is easy-to-use, and most importantly, capable of discovering vulnerabilities in real-world code. Our findings indicate that static analysis is a viable reinforcement to the software testing tool set.Comment: A revised version to appear in the proceedings of the 13th conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA), July 201