Reasoning about Accidental and Malicious Misuse via Formal Methods

PI(s), Co-PI(s), Researchers:

PI: Munindar Singh; Co-PIs: William Enck, Laurie Williams; Researchers: Hui Guo, Samin Yaseer Mahmud, Md Rayhanur Rahman, Vaibhav Garg

HARD PROBLEM(S) ADDRESSED
This refers to Hard Problems, released November 2012.

  • Policy

This project seeks to aid security analysts in identifying and protecting against accidental and malicious actions by users or software. It does so through automated reasoning on unified representations of user expectations and software implementations, identifying misuses that are sensitive to usage and machine context.

PUBLICATIONS

None.

KEY HIGHLIGHTS

  • We continued our analysis of Payment Service Provider (PSP) application programming interfaces (APIs), adapting an existing application-based data flow analysis framework to operate on a PSP library file.

  • We are working on a comparison of studies that extract attack tactics, techniques, and procedures (TTPs) from cyber threat intelligence (CTI). In this study, we use MITRE ATT&CK data as the dataset and implement three approaches using different machine learning techniques.

  • We enhanced our work on norm extraction from breach reports. Specifically, whereas our previous work leveraged crowdsourcing, we focused on automated extraction of useful actions and descriptive phrases from breach reports. Based on the extracted information, we built a tool that suggests actions based on breach descriptions.

  • We proposed Unexpected-Catch, a framework for identifying mobile apps that enable information access about users and others that violate user expectations. We term such apps UIA-enabling apps. Our framework identified 83 UIA-enabling apps from the seed dataset and found an additional 48 UIA-enabling apps via snowballing. We manually verified that 53 of the initial 83 and 32 of the additional 48 apps are truly UIA-enabling. That is, we obtained a higher percentage of true positives than in the previous study.

COMMUNITY ENGAGEMENTS

None.

EDUCATIONAL ADVANCES

None.