Evaluating the security threat of firewall data corruption caused by instruction transient errors

Shuo Chen; Jun Xu; Ravishankar K Iyer; Keith Whisnant

Evaluating the security threat of firewall data corruption caused by instruction transient errors

Shuo Chen, Jun Xu, Ravishankar K Iyer, Keith Whisnant

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

This paper experimentally evaluates and models the error-caused security vulnerabilities and the resulting security violations of two Linux kernel firewalls: IPChains and Netfilter. There are two major aspects to this work: to conduct extensive error injection experiments on the Linux kernel and to quantify the possibility of error-caused security violations using a SAN model. The error injection experiments show that about 2% of errors injected into the firewall code segment cause security vulnerabilities. Two types of error-caused security vulnerabilities are distinguished: temporary, which disappear when the error disappears, and permanent, which persist even after the error is removed, as long as the system is not rebooted. Results from simulating the SAN model indicate that under an error rate of 0.1 error/day during a 1-year period in a networked system protected by 20 firewalls, 2 machines (on the average) will experience security violations. This indicates that error-caused security vulnerabilities can be a non-negligible source of a security threats to a highly secure system.

Original language	English (US)
Title of host publication	Proceedings of the 2002 International Conference on Dependable Systems and Networks
Pages	495-504
Number of pages	10
State	Published - Dec 1 2002
Event	Proceedings of the 2002 International Conference on Dependable Systems and Networks DNS 2002 - Washington, DC, United States Duration: Jun 23 2002 → Jun 26 2002

Publication series

Name	Proceedings of the 2002 International Conference on Dependable Systems and Networks

Other

Other	Proceedings of the 2002 International Conference on Dependable Systems and Networks DNS 2002
Country/Territory	United States
City	Washington, DC
Period	6/23/02 → 6/26/02

ASJC Scopus subject areas

Engineering(all)

Cite this

Evaluating the security threat of firewall data corruption caused by instruction transient errors. / Chen, Shuo; Xu, Jun; Iyer, Ravishankar K; Whisnant, Keith.

Proceedings of the 2002 International Conference on Dependable Systems and Networks. 2002. p. 495-504 (Proceedings of the 2002 International Conference on Dependable Systems and Networks).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Chen, S, Xu, J, Iyer, RK & Whisnant, K 2002, Evaluating the security threat of firewall data corruption caused by instruction transient errors. in Proceedings of the 2002 International Conference on Dependable Systems and Networks. Proceedings of the 2002 International Conference on Dependable Systems and Networks, pp. 495-504, Proceedings of the 2002 International Conference on Dependable Systems and Networks DNS 2002, Washington, DC, United States, 6/23/02.

@inproceedings{f9b61c9bf67f4f01aba16cd388c8099f,

title = "Evaluating the security threat of firewall data corruption caused by instruction transient errors",

abstract = "This paper experimentally evaluates and models the error-caused security vulnerabilities and the resulting security violations of two Linux kernel firewalls: IPChains and Netfilter. There are two major aspects to this work: to conduct extensive error injection experiments on the Linux kernel and to quantify the possibility of error-caused security violations using a SAN model. The error injection experiments show that about 2% of errors injected into the firewall code segment cause security vulnerabilities. Two types of error-caused security vulnerabilities are distinguished: temporary, which disappear when the error disappears, and permanent, which persist even after the error is removed, as long as the system is not rebooted. Results from simulating the SAN model indicate that under an error rate of 0.1 error/day during a 1-year period in a networked system protected by 20 firewalls, 2 machines (on the average) will experience security violations. This indicates that error-caused security vulnerabilities can be a non-negligible source of a security threats to a highly secure system.",

author = "Shuo Chen and Jun Xu and Iyer, {Ravishankar K} and Keith Whisnant",

year = "2002",

month = dec,

day = "1",

language = "English (US)",

isbn = "0769515975",

series = "Proceedings of the 2002 International Conference on Dependable Systems and Networks",

pages = "495--504",

booktitle = "Proceedings of the 2002 International Conference on Dependable Systems and Networks",

note = "Proceedings of the 2002 International Conference on Dependable Systems and Networks DNS 2002 ; Conference date: 23-06-2002 Through 26-06-2002",

}

TY - GEN

T1 - Evaluating the security threat of firewall data corruption caused by instruction transient errors

AU - Chen, Shuo

AU - Xu, Jun

AU - Iyer, Ravishankar K

AU - Whisnant, Keith

PY - 2002/12/1

Y1 - 2002/12/1

N2 - This paper experimentally evaluates and models the error-caused security vulnerabilities and the resulting security violations of two Linux kernel firewalls: IPChains and Netfilter. There are two major aspects to this work: to conduct extensive error injection experiments on the Linux kernel and to quantify the possibility of error-caused security violations using a SAN model. The error injection experiments show that about 2% of errors injected into the firewall code segment cause security vulnerabilities. Two types of error-caused security vulnerabilities are distinguished: temporary, which disappear when the error disappears, and permanent, which persist even after the error is removed, as long as the system is not rebooted. Results from simulating the SAN model indicate that under an error rate of 0.1 error/day during a 1-year period in a networked system protected by 20 firewalls, 2 machines (on the average) will experience security violations. This indicates that error-caused security vulnerabilities can be a non-negligible source of a security threats to a highly secure system.

AB - This paper experimentally evaluates and models the error-caused security vulnerabilities and the resulting security violations of two Linux kernel firewalls: IPChains and Netfilter. There are two major aspects to this work: to conduct extensive error injection experiments on the Linux kernel and to quantify the possibility of error-caused security violations using a SAN model. The error injection experiments show that about 2% of errors injected into the firewall code segment cause security vulnerabilities. Two types of error-caused security vulnerabilities are distinguished: temporary, which disappear when the error disappears, and permanent, which persist even after the error is removed, as long as the system is not rebooted. Results from simulating the SAN model indicate that under an error rate of 0.1 error/day during a 1-year period in a networked system protected by 20 firewalls, 2 machines (on the average) will experience security violations. This indicates that error-caused security vulnerabilities can be a non-negligible source of a security threats to a highly secure system.

UR - http://www.scopus.com/inward/record.url?scp=0036931376&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=0036931376&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:0036931376

SN - 0769515975

T3 - Proceedings of the 2002 International Conference on Dependable Systems and Networks

SP - 495

EP - 504

BT - Proceedings of the 2002 International Conference on Dependable Systems and Networks

T2 - Proceedings of the 2002 International Conference on Dependable Systems and Networks DNS 2002

Y2 - 23 June 2002 through 26 June 2002

ER -

Evaluating the security threat of firewall data corruption caused by instruction transient errors

Abstract

Publication series

Other

ASJC Scopus subject areas

Other links

Fingerprint

Cite this