Empirical Models for Vulnerability Exploits - UMD - January 2017

PI(s): Tudor Dumitras
Researchers: Sanghyun Hong, Octavian Suciu, Soumya Indela, Michael Hicks, Jonathan Katz, Joseph JaJa

HARD PROBLEM(S) ADDRESSED

Security-Metrics-Driven Evaluation, Design, Development, and Deployment

Project synopsis
The security of deployed and actively used systems is influenced by factors not captured in existing security metrics. For example, the count and severity of unpatched vulnerabilities in source code, as well as the corresponding attack surface, are commonly used as measures of a software product's security. But simply estimating the number of vulnerabilities in source code does not account for the fact that some vulnerabilities are never exploited by attackers, perhaps due to reduced attack surfaces or because of other technologies that render exploits less likely to succeed. Conversely, vulnerabilities that have been "patched" can continue to impact security in the real world because some users do not deploy the corresponding software patches. Overall, we currently do not know how to assess the security of real-world systems. In this task, we will conduct empirical studies of security in the real world. Our goals are to derive empirical models of vulnerabilities and attack surfaces exercised in cyber attacks and to understand the deployment-specific factors that influence the security of systems in active use.

PUBLICATIONS

[Onward!'16] S. Indela, M. Kulkarni, K. Nayak and T. Dumitras. 'Helping Johnny Encrypt: Toward Semantic Interfaces for Cryptographic Frameworks.' Accepted to ACM Onward! Conference, Amsterdam, The Netherlands, Oct/Nov 2016.

[SecDev'16] S. Indela, M. Kulkarni, K. Nayak and T. Dumitras. 'Toward Semantic Cryptography APIs.' IEEE Cybersecurity Development Conference, Boston, MA, Nov 2016.

ACCOMPLISHMENTS

Starting from misuse cases of cryptographic APIs documented in prior publications, we inferred five developer needs and we showed that a good API would address these needs only partially. Building on this observation, we proposed APIs that are semantically meaningful for developers, showed how these interfaces can be implemented consistently on top of existing frameworks using novel and known design patterns, and proposed build-management hooks for isolating security workarounds needed during the development and test phases [Onward!'16, SecDev'16]. Through two case studies, we showed that our APIs can be utilized to implement non-trivial client-server protocols and that they provide a better separation of concerns than existing frameworks. While this represents a first step toward preventing misuses of cryptographic APIs, we also identified several challenges for evaluating our proposal quantitatively.

More information is available at http://www.umiacs.umd.edu/~tdumitra/blog/2016/11/02/toward-semantic-cryptography-apis/