Abstract

This paper combines an analysis of data on security vulnerabilities (published in Bugtraq database) and a focused source-code examination to develop a finite state machine (FSM) model to depict and reason about security vulnerabilities. An in-depth analysis of the vulnerability reports and the corresponding source code of the applications leads to three observations: (i) exploits must pass through multiple elementary activities, (ii) multiple vulnerable operations on several objects are involved in exploiting a vulnerability, and (iii) the vulnerability data and corresponding code inspections allow us to derive a predicate for each elementary activity. Each predicate is represented as a primitive FSM (pFSM). Multiple pFSMs are then combined to create an FSM model of vulnerable operations and possible exploits. The proposed FSM methodology is exemplified by analyzing several types of vulnerabilities reported in the data: stack buffer overflow, integer overflow, heap overflow, input validation vulnerabilities, and format string vulnerabilities. For the studied vulnerabilities, we identify three types of pFSMs, which can be used to analyze operations involved in exploiting vulnerabilities and to identify the security checks to be performed at the elementary activity level. A demonstration of the practical usefulness of the FSM modeling approach was the discovery of a new heap overflow vulnerability now published in Bugtraq.

Original language: English (US)
Pages: 605-614
Number of pages: 10
State: Published - Dec 1 2003
Event: 2003 International Conference on Dependable Systems and Networks - San Francisco, CA, United States
Duration: Jun 22 2003 - Jun 25 2003

Other

Other: 2003 International Conference on Dependable Systems and Networks
Country: United States
City: San Francisco, CA
Period: 6/22/03 - 6/25/03

Fingerprint

Finite automata
Demonstrations
Inspection

Keywords

  • Data analysis
  • Finite state machine modeling
  • Security vulnerabilities

ASJC Scopus subject areas

  • Software
  • Hardware and Architecture
  • Computer Networks and Communications

Cite this

Chen, S., Kalbarczyk, Z., Xu, J., & Iyer, R. K. (2003). A Data-Driven Finite State Machine Model for Analyzing Security Vulnerabilities. 605-614. Paper presented at 2003 International Conference on Dependable Systems and Networks, San Francisco, CA, United States.

Research output: Contribution to conference › Paper

@conference{920d839f10a34f819019dabc8b99becd,
title = "A Data-Driven Finite State Machine Model for Analyzing Security Vulnerabilities",
keywords = "Data analysis, Finite state machine modeling, Security vulnerabilities",
author = "Shuo Chen and Zbigniew Kalbarczyk and Jun Xu and Iyer, {Ravishankar K.}",
year = "2003",
month = "12",
day = "1",
language = "English (US)",
pages = "605--614",
note = "2003 International Conference on Dependable Systems and Networks ; Conference date: 22-06-2003 Through 25-06-2003",

}

TY - CONF

T1 - A Data-Driven Finite State Machine Model for Analyzing Security Vulnerabilities

AU - Chen, Shuo

AU - Kalbarczyk, Zbigniew

AU - Xu, Jun

AU - Iyer, Ravishankar K.

PY - 2003/12/1

Y1 - 2003/12/1

KW - Data analysis

KW - Finite state machine modeling

KW - Security vulnerabilities

UR - http://www.scopus.com/inward/record.url?scp=1542359967&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=1542359967&partnerID=8YFLogxK

M3 - Paper

AN - SCOPUS:1542359967

SP - 605

EP - 614

ER -