21,536 research outputs found
Towards Smart Hybrid Fuzzing for Smart Contracts
Smart contracts are Turing-complete programs that are executed across a
blockchain network. Unlike traditional programs, once deployed they cannot be
modified. As smart contracts become more popular and carry more value, they
become more of an interesting target for attackers. In recent years, smart
contracts suffered major exploits, costing millions of dollars, due to
programming errors. As a result, a variety of tools for detecting bugs has been
proposed. However, majority of these tools often yield many false positives due
to over-approximation or poor code coverage due to complex path constraints.
Fuzzing or fuzz testing is a popular and effective software testing technique.
However, traditional fuzzers tend to be more effective towards finding shallow
bugs and less effective in finding bugs that lie deeper in the execution. In
this work, we present CONFUZZIUS, a hybrid fuzzer that combines evolutionary
fuzzing with constraint solving in order to execute more code and find more
bugs in smart contracts. Evolutionary fuzzing is used to exercise shallow parts
of a smart contract, while constraint solving is used to generate inputs which
satisfy complex conditions that prevent the evolutionary fuzzing from exploring
deeper paths. Moreover, we use data dependency analysis to efficiently generate
sequences of transactions, that create specific contract states in which bugs
may be hidden. We evaluate the effectiveness of our fuzzing strategy, by
comparing CONFUZZIUS with state-of-the-art symbolic execution tools and
fuzzers. Our evaluation shows that our hybrid fuzzing approach produces
significantly better results than state-of-the-art symbolic execution tools and
fuzzers
Reverse Proxy Framework using Sanitization Technique for Intrusion Prevention in Database
With the increasing importance of the internet in our day to day life, data
security in web application has become very crucial. Ever increasing on line
and real time transaction services have led to manifold rise in the problems
associated with the database security. Attacker uses illegal and unauthorized
approaches to hijack the confidential information like username, password and
other vital details. Hence the real time transaction requires security against
web based attacks. SQL injection and cross site scripting attack are the most
common application layer attack. The SQL injection attacker pass SQL statement
through a web applications input fields, URL or hidden parameters and get
access to the database or update it. The attacker take a benefit from user
provided data in such a way that the users input is handled as a SQL code.
Using this vulnerability an attacker can execute SQL commands directly on the
database. SQL injection attacks are most serious threats which take users input
and integrate it into SQL query. Reverse Proxy is a technique which is used to
sanitize the users inputs that may transform into a database attack. In this
technique a data redirector program redirects the users input to the proxy
server before it is sent to the application server. At the proxy server, data
cleaning algorithm is triggered using a sanitizing application. In this
framework we include detection and sanitization of the tainted information
being sent to the database and innovate a new prototype.Comment: 9 pages, 6 figures, 3 tables; CIIT 2013 International Conference,
Mumba
Towards Vulnerability Discovery Using Staged Program Analysis
Eliminating vulnerabilities from low-level code is vital for securing
software. Static analysis is a promising approach for discovering
vulnerabilities since it can provide developers early feedback on the code they
write. But, it presents multiple challenges not the least of which is
understanding what makes a bug exploitable and conveying this information to
the developer. In this paper, we present the design and implementation of a
practical vulnerability assessment framework, called Melange. Melange performs
data and control flow analysis to diagnose potential security bugs, and outputs
well-formatted bug reports that help developers understand and fix security
bugs. Based on the intuition that real-world vulnerabilities manifest
themselves across multiple parts of a program, Melange performs both local and
global analyses. To scale up to large programs, global analysis is
demand-driven. Our prototype detects multiple vulnerability classes in C and
C++ code including type confusion, and garbage memory reads. We have evaluated
Melange extensively. Our case studies show that Melange scales up to large
codebases such as Chromium, is easy-to-use, and most importantly, capable of
discovering vulnerabilities in real-world code. Our findings indicate that
static analysis is a viable reinforcement to the software testing tool set.Comment: A revised version to appear in the proceedings of the 13th conference
on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA),
July 201
- …