Security Relevancy Analysis on the Registry of Windows NT 4.0 (for Wenliang Du)
Wenliang Du & Mahesh Tripunitara - Purdue CERIAS
Nov 19, 1999Size: 220.6MB
Download: MP4 Video
Watch in your Browser
AbstractMany security breaches are caused by inappropriate inputs crafted by people with malicious intents. To enhance the system security, we need either to ensure that inappropriate inputs are filtered out by the program, or to ensure that only trusted people can access those inputs. In the second approach, we sure do not want to put such constraint on every input, instead, we only want to restrict the access to the security relevant inputs. The goal of this paper is to investigate how to identify which inputs are relevant to system's security.
We have formulated the problem as an security relevancy problem, and deploy static analysis technique to identify security relevant inputs. Our approach are based on dependency analysis technique, it identifies if the behavior of any security critical action depends on certain input. If such a dependency relationship exists, we say that the input is security relevant, otherwise, we say the input is security non-relevant.
We have applied this technique to a security analysis project initiated by Microsoft Windows NT security group. The project is intended to identify security relevant registry keys (a special kind of input) in Windows NT operating system. The results produced from this approach is proved to be useful to enhance Windows NT security. We will report our experience and results from this project in the paper.
Thwarting Denial of Service Attacks against Communication Protocols with Backward Compatible Changes: A Case Study(for Mahesh Tripunitara)
We will discuss a novel approach to building safeguards against denial of service attacks against communication protocols. Our approach involves changes to the relevant communication protocol subject to the following constraint: the protocol that results from the change must be backward compatible with the unchanged protocol. That is, an entity that employs the changed protocol must be able to communicate with an entity that employs the unchanged version.
We will look at a specific problem in this context. The problem involves a class of denial of service attacks against IP. The class is called ARP (Address Resolution Protocol) cache poisoning and involves an attacker introducing a spurious IP to Ethernet mapping in a victim's ARP cache. We will discuss the solution and some implementation aspects of it. Apart from being backward compatible, our solution has two favourable properties: it is implemented as middleware, and is asynchronous
About the SpeakerMahesh Tripunitara is a PhD student of computer science at Purdue, a member of CERIAS and an advisee of Prof. Gene Spafford. At dawn, he commutes 85 miles to campus, during the day, he dreams of graduation, and during the night he snoozes at his desk. He performed part of this work during a 9-month exile at AT&T Labs, 2500 miles away. Portions of this work will be presented at the upcoming Annual Computer Security Applications Conference (ACSAC'99).
Wenliang (Kevin) Du is a PhD student of computer science at Purdue, a member of CERIAS and an advisee of Prof. Gene Spafford. His most recent research involves security testing and security analysis of software, with the focus on COTS software. He got his Bachelor's degree from the University of Science and Technology of China. He got his first industry work experience from Microsoft, where part of this work was performed. Portions of this work will be presented at the upcoming Annual Computer Security Applications Conference (ACSAC'99).
The views, opinions and assumptions expressed in these videos are those of the presenter and do not necessarily reflect the official policy or position of CERIAS or Purdue University. All content included in these videos, are the property of Purdue University, the presenter and/or the presenter’s organization, and protected by U.S. and international copyright laws. The collection, arrangement and assembly of all content in these videos and on the hosting website exclusive property of Purdue University. You may not copy, reproduce, distribute, publish, display, perform, modify, create derivative works, transmit, or in any other way exploit any part of copyrighted material without permission from CERIAS, Purdue University.