static analysis of security properties by abstract
play

Static Analysis of Security Properties by Abstract Interpretation - PowerPoint PPT Presentation

Sep 21, 2023 •539 likes •839 views

Static Analysis of Security Properties by Abstract Interpretation cole normale suprieure, quipe Abstraction Mehdi Bouaziz Friday, May 11 2012 Static Analysis of Security Properties by Abstract Interpretation Mehdi Bouaziz, cole normale

  1. Static Analysis of Security Properties by Abstract Interpretation École normale supérieure, équipe Abstraction Mehdi Bouaziz Friday, May 11 2012

  2. Static Analysis of Security Properties by Abstract Interpretation Mehdi Bouaziz, École normale supérieure 2/13 Static Analysis of Security Properties by Abstract Interpretation

  3. Static Analysis by Abstract Interpretation → course MPRI 2-6: − Abstract Interpretation: application to verification and static analysis Mehdi Bouaziz, École normale supérieure 2/13 Static Analysis of Security Properties by Abstract Interpretation

  4. Security Properties → ? − Mehdi Bouaziz, École normale supérieure 2/13 Static Analysis of Security Properties by Abstract Interpretation

  5. Security? Mehdi Bouaziz, École normale supérieure 3/13 Introduction to Security

  6. Security? Information Security? Mehdi Bouaziz, École normale supérieure 3/13 Introduction to Security

  7. Security? Phishing Access Control Deadlock Policy Accountability Earthquake Attack Encryption Possession Authenticity Fire Randomization Authorization Firewall Reference Monitor Availability Flooding Risk Runtime Check Buffer Overflow Format String Sandbox Bug Implicit Flow SQL Injection Classification Information-Flow Stack Inspection Confidentiality Input Validation Stack Overflow Control-Flow Integrity Symlink Race Covert Channels Isolation Tainting Cross-Site Scripting Language-Based Theft Cryptanalysis Least Privilege Threat Cryptography Malicious Code Type Safety Cryptology Memory Safety Utility Dangling Pointer Non-Interference Vulnerability Data Race Non-Repudiation Wild Jump Declassification Obfuscation Mehdi Bouaziz, École normale supérieure 3/13 Introduction to Security

  8. Key Concepts Ipub Opub Ipriv Opriv Mehdi Bouaziz, École normale supérieure 4/13 Introduction to Security

  9. Key Concepts ◮ Confidentiality Opub Ipriv Mehdi Bouaziz, École normale supérieure 4/13 Introduction to Security

  10. Key Concepts ◮ Confidentiality ◮ Integrity Ipub Opriv Mehdi Bouaziz, École normale supérieure 4/13 Introduction to Security

  11. Key Concepts ◮ Confidentiality ◮ Integrity ◮ Disponibility Mehdi Bouaziz, École normale supérieure 4/13 Introduction to Security

  12. Key Concepts ◮ Confidentiality ◮ Integrity ◮ Disponibility ◮ Authenticity ◮ Accountability ◮ Possession ◮ Non-repudiation ◮ Utility Mehdi Bouaziz, École normale supérieure 4/13 Introduction to Security

  13. Security Policy A statement that partition the states of the system into a set of authorized (secure) states and a set of unauthorized (nonsecure) states. Mehdi Bouaziz, École normale supérieure 5/13 Introduction to Security

  14. Security Policy A statement that partition the states of the system into a set of authorized (secure) states and a set of unauthorized (nonsecure) states. Specify who can read/write what data, execute what command, under which condition. Mehdi Bouaziz, École normale supérieure 5/13 Introduction to Security

  15. Security Policy A statement that partition the states of the system into a set of authorized (secure) states and a set of unauthorized (nonsecure) states. Specify who can read/write what data, execute what command, under which condition. ◮ Natural language (law, documentation) ◮ Encoded text ( 755 root root /bin ) Mehdi Bouaziz, École normale supérieure 5/13 Introduction to Security

  16. Security Policy A statement that partition the states of the system into a set of authorized (secure) states and a set of unauthorized (nonsecure) states. Specify who can read/write what data, execute what command, under which condition. ◮ Natural language (law, documentation) ◮ Encoded text ( 755 root root /bin ) ◮ Code ( if (x.isPrivate()) exit(1); //avoid leak ) Mehdi Bouaziz, École normale supérieure 5/13 Introduction to Security

  17. Security Policy A statement that partition the states of the system into a set of authorized (secure) states and a set of unauthorized (nonsecure) states. Specify who can read/write what data, execute what command, under which condition. ◮ Natural language (law, documentation) ◮ Encoded text ( 755 root root /bin ) ◮ Code ( if (x.isPrivate()) exit(1); //avoid leak ) ◮ ∅ Mehdi Bouaziz, École normale supérieure 5/13 Introduction to Security

  18. Information Security Controls ◮ Access Control ◮ Information-Flow Control ◮ Control-Flow Integrity ◮ Encryption Mehdi Bouaziz, École normale supérieure 6/13 Introduction to Security

  19. Information Security Controls ◮ Access Control ◮ Information-Flow Control ◮ Control-Flow Integrity ◮ Encryption Mehdi Bouaziz, École normale supérieure 6/13 Introduction to Security

  20. Information Security Controls ◮ Access Control ◮ Information-Flow Control ◮ Control-Flow Integrity ◮ Encryption Mehdi Bouaziz, École normale supérieure 6/13 Introduction to Security

  21. Information Security Controls ◮ Access Control ◮ Information-Flow Control ◮ Control-Flow Integrity ◮ Encryption → courses − MPRI 1-13: Initiation to cryptology MPRI 2-12-1: Cryptanalysis MPRI 2-12-2: Arithmetic algorithms for cryptology MPRI 2-13-2: Error correcting codes and applications to cryptography MPRI 2-30: Cryptographic protocols: computational and symbolic proofs Mehdi Bouaziz, École normale supérieure 6/13 Introduction to Security

  22. Threats ◮ Physical: Earthquake, Fire, Flooding, Theft ◮ In the code: ◮ Memory Safety: ◮ Buffer Overruns ◮ Stack Overflow ◮ Dangling pointers ◮ Concurrency: ◮ Deadlocks ◮ Data races ◮ Symlink races ◮ Input Validation: ◮ SQL injection ◮ Cross-Site Scripting (XSS) ◮ Format String ◮ Control/Data-Flow: ◮ Type Safety ◮ Wild Jumps ◮ Self Modifying Code Mehdi Bouaziz, École normale supérieure 7/13 Introduction to Security

  23. Language-Based Mechanisms ◮ Runtime Checks: Reference Monitor (OS, Interpreter, Firewall), Inlined Reference Monitor ◮ Programming Languages: Type-Safe Languages, Typed Assembly Language (TAL) ◮ Executing Model: Isolation, Sandboxing, Stack Inspection ◮ Static Analysis: Information-Flow Typing, Abstract Interpretation ◮ Exotic: Obfuscation, Randomization Mehdi Bouaziz, École normale supérieure 8/13 Introduction to Security

  24. Security Policy (2) ◮ Authorization ◮ History-Based ◮ Control-Flow ◮ Information-Flow ◮ Classification (private/public) ◮ Declassification (when, where, by who and what private information can be considered public) Mehdi Bouaziz, École normale supérieure 9/13 Introduction to Security

  25. Information-Flow Security Non-Interference: No two executions are observably different if they differ solely by confidential inputs. Explicit Flows: from assignments Implicit Flows: from Indirect Flows and Covert Channels: ◮ Termination Channel ◮ Timing Channel ◮ Probabilistic Channel ◮ Resource Exhaustion Channel ◮ Power Channel Mehdi Bouaziz, École normale supérieure 10/13 Introduction to Security

  26. Information-Flow Security Type System h / ∈ V ars ( exp ) ⊢ exp : high ⊢ exp : low ⊢ exp : low [ pc ] ⊢ skip [ pc ] ⊢ h := exp [ low ] ⊢ l := exp [ pc ] ⊢ C 1 [ pc ] ⊢ C 2 ⊢ exp : pc [ pc ] ⊢ C [ pc ] ⊢ C 1 ; C 2 [ pc ] ⊢ while exp do C ⊢ exp : pc [ pc ] ⊢ C 1 [ pc ] ⊢ C 2 [ high ] ⊢ C [ pc ] ⊢ if exp then C 1 else C 2 [ low ] ⊢ C Mehdi Bouaziz, École normale supérieure 11/13 Introduction to Security

  27. Issues Non-interference is too restrictive. Most real-world programs need exceptions to non-interference: declassification. Examples? Mehdi Bouaziz, École normale supérieure 12/13 Introduction to Security

  28. Issues Non-interference is too restrictive. Most real-world programs need exceptions to non-interference: declassification. Examples? Other issues: ◮ Expressiveness: first-class functions, exceptions, objects ◮ Concurrency: threads, nondeterminism, distribution ◮ Covert channels: termination, timing, probability ◮ Security policies: declassification, quantitative security, dynamic policies ◮ Certification: proven compilers, proof-carrying codes Mehdi Bouaziz, École normale supérieure 12/13 Introduction to Security

  29. Thank you for listening Questions are welcome Mehdi Bouaziz, École normale supérieure 13/13 Introduction to Security

Recommend

Static Analysis by Abstract Interpretation of Functional Properties of Device Drivers in TinyOS

Static Analysis by Abstract Interpretation of Functional Properties of Device Drivers in TinyOS

Static Analysis by Abstract Interpretation of Functional Properties of Device Drivers in TinyOS Abdelraouf Ouadjaout, Antoine Min, Noureddine Lasla, Nadjib Badache ENS & UPMC, Paris CERIST & USTHB, Algiers Workshop on Static

1.08k views • 42 slides
Outline Static Analysis: Overview, Syntactic Analysis and Abstract Interpretation Overview

Outline Static Analysis: Overview, Syntactic Analysis and Abstract Interpretation Overview

Outline Static Analysis: Overview, Syntactic Analysis and Abstract Interpretation Overview TDDC90: Software Security Syntactic Analysis Ahmed Rezine Abstract Interpretation IDA, Linkpings Universitet Hsttermin 2014 Static Program

75 views • 7 slides
Static Analysis: Overview, Syntactic Analysis and Abstract Interpretation TDDC90: Software

Static Analysis: Overview, Syntactic Analysis and Abstract Interpretation TDDC90: Software

Static Analysis: Overview, Syntactic Analysis and Abstract Interpretation TDDC90: Software Security Ahmed Rezine IDA, Linkpings Universitet Hsttermin 2019 Outline Overview Syntactic Analysis Abstract Interpretation Outline Overview

323 views • 28 slides
Abstract a unified lattice model for static analysis of programs by construction or approximation

Abstract a unified lattice model for static analysis of programs by construction or approximation

Abstract a unified lattice model for static analysis of programs by construction or approximation of fixpoints Interpretation Patrick Cousot and Radhia Cousot, 1977 Motivation (for static analysis) Say youve written code that you really

619 views • 25 slides
Abstract Interpretation with Applications to Semantics and Static Analysis 1. The

Abstract Interpretation with Applications to Semantics and Static Analysis 1. The

Abstract Interpretation with Applications to Semantics and Static Analysis 1. The Problem: The Design of Safe and Secure Computer- Patrick Cousot cole normale suprieure Based Systems 45 rue dUlm, 75230 Paris cedex 05, France

288 views • 27 slides
Static Program Analysis Foundations of Abstract Interpretation Sebastian Hack, Christian Hammer,

Static Program Analysis Foundations of Abstract Interpretation Sebastian Hack, Christian Hammer,

Static Program Analysis Foundations of Abstract Interpretation Sebastian Hack, Christian Hammer, Jan Reineke Advanced Lecture, Winter 2014/15 Abstract Interpretation Semantics-based approach to program analysis Framework to develop

487 views • 33 slides
Static analysis by abstract interpretation of run-time errors in synchronous and multithreaded

Static analysis by abstract interpretation of run-time errors in synchronous and multithreaded

Static analysis by abstract interpretation of run-time errors in synchronous and multithreaded embedded critical C programs Antoine Min e CNRS & Ecole normale sup erieure Paris, France MOVEP CIRM, Marseille 4 December 2012

1.26k views • 90 slides
Semantic Analysis Chapter 5 Semantic Analysis Determine static properties of programs

Semantic Analysis Chapter 5 Semantic Analysis Determine static properties of programs

Semantic Analysis Chapter 5 Semantic Analysis Determine static properties of programs association between definitions and applied occurrences of variables and other names scope and visibility of names, escaping names types

661 views • 20 slides
Program analysis for security Two main classes Static: Operates on source or binary at

Program analysis for security Two main classes Static: Operates on source or binary at

Program analysis for security Two main classes Static: Operates on source or binary at rest Dynamic: Operates at runtime Also hybrids of the two Static: Examples Code review Grep Taint analysis Symbolic

726 views • 49 slides
Static Analysis of Haskell Neil Mitchell http://ndmitchell.com Static Analysis is getting

Static Analysis of Haskell Neil Mitchell http://ndmitchell.com Static Analysis is getting

Static Analysis of Haskell Neil Mitchell http://ndmitchell.com Static Analysis is getting insights at compile time Full branch coverage Terminates Doesnt rely on a test suite Types are static analysis. Lets talk about

784 views • 39 slides
What is static analysis by abstract interpretation? Example of static analysis (input)

What is static analysis by abstract interpretation? Example of static analysis (input)

What is static analysis by abstract interpretation? Example of static analysis (input) {n0>=0} n := n0; {n0=n,n0>=0} i := n; {n0=i,n0=n,n0>=0} while (i <> 0 ) do {n0=n,i>=1,n0>=i} j := 0; {n0=n,j=0,i>=1,n0>=i}

1.82k views • 163 slides
Static Program Analysis Foundations of Abstract Interpretation Sebastian Hack, Christian Hammer,

Static Program Analysis Foundations of Abstract Interpretation Sebastian Hack, Christian Hammer,

Static Program Analysis Foundations of Abstract Interpretation Sebastian Hack, Christian Hammer, Jan Reineke Advanced Lecture, Winter 2014/15 Overview: Numerical Abstractions fi from above Refinemen y f : : : ; h 19; 77i ; : : : ; h 20;

586 views • 40 slides
Abstract interpretation based Analysis [FPCA 95], Predicate Abstraction [Mannas festschrift

Abstract interpretation based Analysis [FPCA 95], Predicate Abstraction [Mannas festschrift

Abstract interpretation The Verification Grand Challenge - Abstract interpretation is a mathematical theory of - - and Abstract Interpretation sound approximation of properties of formal sys- tems (including program specifications, semantics,

422 views • 10 slides
Static Analysis Gang Tan Penn State University Spring 2019 CMPSC 447, Software Security * Some

Static Analysis Gang Tan Penn State University Spring 2019 CMPSC 447, Software Security * Some

Static Analysis Gang Tan Penn State University Spring 2019 CMPSC 447, Software Security * Some slides adapted from those by Trent Jaeger Prevention: Program Analysis Any automated analysis at compile or dynamic time to find potential bugs

798 views • 61 slides
Numerical Invariants via Abstract Machines Compositional Recurrence Analysis (CRA) Azadeh Farzan,

Numerical Invariants via Abstract Machines Compositional Recurrence Analysis (CRA) Azadeh Farzan,

Princeton University Zachary Kincaid Static Analysis Symposium August 31, 2018 Numerical Invariants via Abstract Machines Compositional Recurrence Analysis (CRA) Azadeh Farzan, Thomas Reps. Todays agenda: A recipe for building abstract

1.16k views • 78 slides
CO444H Pointer analysis Ben Livshits 1 Approaches to Finding Reliability and Security Bugs

CO444H Pointer analysis Ben Livshits 1 Approaches to Finding Reliability and Security Bugs

Datalog CO444H Pointer analysis Ben Livshits 1 Approaches to Finding Reliability and Security Bugs Static Analysis Tools Black-box Testing/Fuzzing 2 Coverity: a Static Analysis Company 3 Bug Report From Coverity Actual bug Path

701 views • 59 slides
Source Code Analysis for Security through LLVM Lu Zhao HP Fortify lu.zhao@hp.com Static Code

Source Code Analysis for Security through LLVM Lu Zhao HP Fortify lu.zhao@hp.com Static Code

Source Code Analysis for Security through LLVM Lu Zhao HP Fortify lu.zhao@hp.com Static Code Analyzer for Security Static Code Analyzer for Security (HP Fortify SCA) C/C++ Java Vulnerabilities LLVM Language independent Services C/C++ Swift

325 views • 31 slides
Static Analysis for Secure Development Introduction Static analysis : What , and why ?

Static Analysis for Secure Development Introduction Static analysis : What , and why ?

Static Analysis for Secure Development Introduction Static analysis : What , and why ? Basic analysis ! Example : Flow analysis ! Increasing precision ! Context -, flow -, and path sensitivity Scaling it up !

527 views • 27 slides
1 Analysis Information Where Do Facts Hold? How much information depends on the client

1 Analysis Information Where Do Facts Hold? How much information depends on the client

711? CS711 Advanced Programming Languages Topics in Program Analysis Radu Rugina Fall 2005 CS711 Overview 2 Program Analysis Static vs. Dynamic Static analysis: inspect programs at compile-time Static analysis: Work done at

282 views • 4 slides
Automated capability analysis in Wordpress plugins Using static and dynamic analysis SNE RP2

Automated capability analysis in Wordpress plugins Using static and dynamic analysis SNE RP2

Automated capability analysis in Wordpress plugins Using static and dynamic analysis SNE RP2 Frank Uijtewaal Collab: DongIT (dongit.nl) Initial project goal Find a new and interesting type of security analysis for web applications

480 views • 35 slides
Static Analysis Basics II Trent Jaeger Systems and Internet Infrastructure Security (SIIS) Lab

Static Analysis Basics II Trent Jaeger Systems and Internet Infrastructure Security (SIIS) Lab

Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Static Analysis Basics II Trent Jaeger Systems and Internet

742 views • 48 slides
Static Program Analysis Xiangyu Zhang The slides are compiled from Alex Aikens Michael D.

Static Program Analysis Xiangyu Zhang The slides are compiled from Alex Aikens Michael D.

Static Program Analysis Xiangyu Zhang The slides are compiled from Alex Aikens Michael D. Ernsts Sorin Lerners A Scary Outline Type-based analysis Data-flow analysis Abstract interpretation Theorem proving

1.11k views • 97 slides
Toward General Diagnosis of Static Errors Danfeng Zhang and Andrew C. Myers Cornell University

Toward General Diagnosis of Static Errors Danfeng Zhang and Andrew C. Myers Cornell University

Toward General Diagnosis of Static Errors Danfeng Zhang and Andrew C. Myers Cornell University POPL 2014 Static Program Analysis Many flavors Type system Dataflow analysis Information-flow analysis Useful properties Type

429 views • 28 slides
A Brief Introduction to Static Analysis Sam Blackshear March 13, 2012 Outline A theoretical

A Brief Introduction to Static Analysis Sam Blackshear March 13, 2012 Outline A theoretical

A Brief Introduction to Static Analysis Sam Blackshear March 13, 2012 Outline A theoretical problem and how to ignore it An example static analysis What is static analysis used for? Commercial successes Free static analysis tools you should

490 views • 37 slides

More recommend