Files in this item

FilesDescriptionFormat

application/pdf

application/pdf3202072.pdf (3MB)Restricted to U of Illinois
(no description provided)PDF

Description

Title:Design for Security: Measurement, Analysis and Mitigation Techniques
Author(s):Chen, Shuo
Doctoral Committee Chair(s):Iyer, Ravishankar K.
Department / Program:Computer Science
Discipline:Computer Science
Degree Granting Institution:University of Illinois at Urbana-Champaign
Degree:Ph.D.
Genre:Dissertation
Subject(s):Computer Science
Abstract:This dissertation is focused on measurement and analysis of security vulnerability impact and root causes, as well as the design of several techniques for vulnerability mitigation. The research begins with the analysis of the security vulnerabilities published in the Bugtraq list and CERT advisories. An in-depth analysis of vulnerability reports and the corresponding source code of the applications motivate our development of a finite state machine (FSM) model to reason about security vulnerabilities, which provides a more formal way to depict these attacks. Besides the analysis of security vulnerabilities, this work also shows that although most current attacks compromise system security by overwriting control data, a new type of attack, namely non-control-data attack, can be generally applicable to attack real-world software. The notion of pointer taintedness is introduced as the basis for detecting control-data attacks and non-control-data attacks in a unified manner. A pointer is said to be tainted if the pointer value comes directly or indirectly from user input. Pointer taintedness allows the user to arbitrarily specify the target memory address to read, write or transfer control to, which is usually a pathological program behavior due to memory corruption attacks. Based on the notion of pointer taintedness, we developed a theorem proving technique to identify potential security vulnerabilities via static source code analysis, and implemented a processor architecture mechanism for dynamic pointer taintedness detection. The evaluation shows that the proposed techniques offer a better security coverage than existing methods.
Issue Date:2005
Type:Text
Language:English
Description:112 p.
Thesis (Ph.D.)--University of Illinois at Urbana-Champaign, 2005.
URI:http://hdl.handle.net/2142/81704
Other Identifier(s):(MiAaPQ)AAI3202072
Date Available in IDEALS:2015-09-25
Date Deposited:2005


This item appears in the following Collection(s)

Item Statistics