Presentation is loading. Please wait.

Presentation is loading. Please wait.

Improving Network Applications Security: a New Heuristic to Generate Stress Testing Data Presented by Conrad Pack Del Grosso et al.

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "Improving Network Applications Security: a New Heuristic to Generate Stress Testing Data Presented by Conrad Pack Del Grosso et al."— Presentation transcript:

1 Improving Network Applications Security: a New Heuristic to Generate Stress Testing Data Presented by Conrad Pack Del Grosso et al

2 Overview Buffer Overflow problem –Network security –Critical systems Testing to identify/remove vulnerabilities –Combined static and dynamic approach –Static slicing –Genetic algorithms (GAs) in dynamic search New heuristic

3 Buffer Overflow Incorrect handling of input Data overwritten

4 Impact of Buffer Overflow Scope –Language variations (C++ vs. Java) –Prevalence of unaudited code Over 50% of vulnerabilities (CERT) Potential harm –Unauthorized access in network/security applications –Serious accidents in critical embedded systems

5 Overview of Approach

6 Static Analysis Tools –RatScan (front end to RATS) –Splint Extracted Information –Potentially vulnerable source statements –Call to potentially unsafe functions/libraries –Estimated buffer sizes

7 Static Slicing Software maintenance technique –“all program code that can in anyway affect the value of a given variable” Inputs and source code relationship –Data dependency –Some inputs not tied to vulnerable statements Tool: CodeSurfer (GrammaTech) Purpose: Search space reduction

8 Test Case Generation Using GA GA aspects –Chromosome (2 dimensional array) –Crossover/mutation operators (whole/creep) –Fitness function (to follow) –Parameters Number of generations (500) Population size (70) Propagation rules (2 best) Probabilities (p cross = 0.7, p mut = 0.01)

9 Fitness GA is an optimization problem Three Approaches –Vulnerable coverage fitness –Nesting fitness –Buffer boundary fitness Correlation to crashes alone not enough –Flat landscape –Random search

10 Vulnerable Coverage Fitness Statement coverage Vulnerable statement coverage Number of vulnerable statement executions Function F(g) = w 1 scov + w 2 log(k) vcov + w 3 crash

11 Nesting Fitness Unconstrained nodes (graph theory) –Control flow graphs –Do not dominate any node –Do not postdominate any node Often correspond with maximum nesting Function F(g) = w 1 scov + w 2 log(k) vcov + w 3 nesting

12 Buffer Boundary Fitness Buffer boundaries in fitness calculation –Often difficult to precisely determine –Intended for future implementation Distance from boundary by size estimate –Compile time (can’t always be determined) Function F(g) = w 1 scov + w 2 log(k) vcov + w 3 nesting + w 4 max i {min j (L i,j – SB i )}

13 Empirical Results Two test programs –White noise generator (scientific application) –FTP client (network application) Random search as a control –Pure random search –GA search with no fitness White noise: fixed initial population FTP: random initial populations

14 White Noise Generator Results

15 FTP Client Results

16 Personal Conclusions Use of Genetic Algorithms in testing is compelling Fitness Heuristic using source code is a valuable concept Useful in large projects Buffer overflow will likely have less importance over time GA assumptions

Download ppt "Improving Network Applications Security: a New Heuristic to Generate Stress Testing Data Presented by Conrad Pack Del Grosso et al."

Similar presentations

P3 / 2004 Register Allocation. Kostis Sagonas 2 Spring 2004 Outline What is register allocation Webs Interference Graphs Graph coloring Spilling Live-Range.

P3 / 2004 Register Allocation. Kostis Sagonas 2 Spring 2004 Outline What is register allocation Webs Interference Graphs Graph coloring Spilling Live-Range.
Introduction to Memory Management. 2 General Structure of Run-Time Memory.

Introduction to Memory Management. 2 General Structure of Run-Time Memory.
DETAILED DESIGN, IMPLEMENTATIONA AND TESTING Instructor: Dr. Hany H. Ammar Dept. of Computer Science and Electrical Engineering, WVU.

DETAILED DESIGN, IMPLEMENTATIONA AND TESTING Instructor: Dr. Hany H. Ammar Dept. of Computer Science and Electrical Engineering, WVU.
Compiler Optimized Dynamic Taint Analysis James Kasten Alex Crowell.

Compiler Optimized Dynamic Taint Analysis James Kasten Alex Crowell.
Abhinn Kothari, 2009CS10172 Parth Jaiswal 2009CS10205 Group: 3 Supervisor : Huzur Saran.

Abhinn Kothari, 2009CS10172 Parth Jaiswal 2009CS10205 Group: 3 Supervisor : Huzur Saran.
Using Programmer-Written Compiler Extensions to Catch Security Holes Authors: Ken Ashcraft and Dawson Engler Presented by : Hong Chen CS590F 2/7/2007.

Using Programmer-Written Compiler Extensions to Catch Security Holes Authors: Ken Ashcraft and Dawson Engler Presented by : Hong Chen CS590F 2/7/2007.
Online Performance Auditing Using Hot Optimizations Without Getting Burned Jeremy Lau (UCSD, IBM) Matthew Arnold (IBM) Michael Hind (IBM) Brad Calder (UCSD)

Online Performance Auditing Using Hot Optimizations Without Getting Burned Jeremy Lau (UCSD, IBM) Matthew Arnold (IBM) Michael Hind (IBM) Brad Calder (UCSD)
A Comparison of Online and Dynamic Impact Analysis Algorithms Ben Breech Mike Tegtmeyer Lori Pollock University of Delaware.

A Comparison of Online and Dynamic Impact Analysis Algorithms Ben Breech Mike Tegtmeyer Lori Pollock University of Delaware.
Finite State Machine State Assignment for Area and Power Minimization Aiman H. El-Maleh, Sadiq M. Sait and Faisal N. Khan Department of Computer Engineering.

Finite State Machine State Assignment for Area and Power Minimization Aiman H. El-Maleh, Sadiq M. Sait and Faisal N. Khan Department of Computer Engineering.
Genetic algorithms for neural networks An introduction.

Genetic algorithms for neural networks An introduction.
Testing an individual module

Testing an individual module
國立陽明大學生資學程 陳虹瑋. Genetic Algorithm Background Fitness function 010101 ……. population 010101 selection Cross over mutation Fitness values Random cross over.

國立陽明大學生資學程 陳虹瑋. Genetic Algorithm Background Fitness function ……. population selection Cross over mutation Fitness values Random cross over.
Subgoal: conduct an in-depth study of critical representation, operator and other choices used for evolutionary program repair at the source code level.

Subgoal: conduct an in-depth study of critical representation, operator and other choices used for evolutionary program repair at the source code level.
Impact Analysis of Database Schema Changes Andy Maule, Wolfgang Emmerich and David S. Rosenblum London Software Systems Dept. of Computer Science, University.

Impact Analysis of Database Schema Changes Andy Maule, Wolfgang Emmerich and David S. Rosenblum London Software Systems Dept. of Computer Science, University.
©Ian Sommerville 2000Software Engineering, 6th edition. Chapter 19Slide 1 Verification and Validation l Assuring that a software system meets a user's.

©Ian Sommerville 2000Software Engineering, 6th edition. Chapter 19Slide 1 Verification and Validation l Assuring that a software system meets a user's.
Attention Deficit Hyperactivity Disorder (ADHD) Student Classification Using Genetic Algorithm and Artificial Neural Network S. Yenaeng 1, S. Saelee 2.

Attention Deficit Hyperactivity Disorder (ADHD) Student Classification Using Genetic Algorithm and Artificial Neural Network S. Yenaeng 1, S. Saelee 2.
D Goforth - COSC 4117, fall 20061 Note to 4 th year students  students interested in doing masters degree and those who intend to apply for OGS/NSERC.

D Goforth - COSC 4117, fall Note to 4 th year students  students interested in doing masters degree and those who intend to apply for OGS/NSERC.
Class Specification Implementation Graph By: Njume Njinimbam Chi-Chang Sun.

Class Specification Implementation Graph By: Njume Njinimbam Chi-Chang Sun.
A Genetic Algorithm Approach to Multiple Response Optimization Francisco Ortiz Jr. James R. Simpson Joseph J. Pignatiello, Jr. Alejandro Heredia-Langner.

A Genetic Algorithm Approach to Multiple Response Optimization Francisco Ortiz Jr. James R. Simpson Joseph J. Pignatiello, Jr. Alejandro Heredia-Langner.
1 How to Apply Static and Dynamic Analysis in Practice © Software Quality Week ‘97 How to Apply Static and Dynamic Analysis in Practice - Otto Vinter Manager.

1 How to Apply Static and Dynamic Analysis in Practice © Software Quality Week ‘97 How to Apply Static and Dynamic Analysis in Practice - Otto Vinter Manager.

Similar presentations

Ads by Google