A systematic approach to uncover security flaws in GUI logic

Shuo Chen, José Meseguer, Ralf Sasse, Helen J. Wang, Yi Min Wang

Research output: Chapter in Book/Report/Conference proceedingConference contribution


To achieve end-to-end security, traditional machine-to-machine security measures are insufficient if the integrity of the human-computer interface is compromised. GUI logic flaws are a category of software vulnerabilities that result from logic bugs in GUI design/implementation. Visual spoofing attacks that exploit these flaws can lure even security-conscious users to perform unintended actions. The focus of this paper is to formulate the problem of GUI logic flaws and to develop a methodology for uncovering them in software implementations. Specifically, based on an in-depth study of key subsets of Internet Explorer (IE) browser source code, we have developed a formal model for the browser GUI logic and have applied formal reasoning to uncover new spoofing scenarios, including nine for status bar spoofing and four for address bar spoofing. The IE development team has confirmed all these scenarios and has fixed most of them in their latest build. Through this work, we demonstrate that a crucial subset of visual spoofing vulnerabilities originate from GUI logic flaws, which have a well-defined mathematical meaning allowing a systematic analysis.

Original languageEnglish (US)
Title of host publicationProceedings - S and P 2007
Subtitle of host publication2007 IEEE Symposium on Security and Privacy, SP'07
Number of pages15
StatePublished - 2007
EventS and P 2007: 2007 IEEE Symposium on Security and Privacy, SP'07 - Berkeley, CA, United States
Duration: May 20 2007May 23 2007

Publication series

NameProceedings - IEEE Symposium on Security and Privacy
ISSN (Print)1081-6011


OtherS and P 2007: 2007 IEEE Symposium on Security and Privacy, SP'07
CountryUnited States
CityBerkeley, CA


  • End-to-end security
  • Formal methods
  • GUI logic flaw
  • HTML
  • Visual spoofing

ASJC Scopus subject areas

  • Engineering(all)

Fingerprint Dive into the research topics of 'A systematic approach to uncover security flaws in GUI logic'. Together they form a unique fingerprint.

Cite this