Jayaram KR Graduate Student - Computer Science Purdue University

Slides:



Advertisements
Similar presentations
Performance Testing - Kanwalpreet Singh.
Advertisements

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
1 On the Limitations of Finite State Models as Sources of Tests for Access Control and Authentication Aditya Mathur Professor of Computer Science Purdue.
Software Testing and Reliability Testing Real-Time Systems Aditya P. Mathur Purdue University May 19-23, Corporation Minneapolis/St Paul,
Testing Implementations of Access Control and Authentication Graduate Students: Ammar Masood, K. Jayaram School of Electrical and Computer Engineering.
Chapter 13 & 14 Software Testing Strategies and Techniques
Designing Security In Web Applications Andrew Tomkowiak 10/8/2013 UW-Platteville Software Engineering Department
© 2012 IBM Corporation Rational Insight | Back to Basis Series Chao Zhang Unit Testing.
CS 501: Software Engineering Fall 1999 Lecture 16 Verification and Validation.
CMSC 345 Fall 2000 Unit Testing. The testing process.
Software Engineering Research paper presentation Ali Ahmad Formal Approaches to Software Testing Hierarchal GUI Test Case Generation Using Automated Planning.
Testing Testing Techniques to Design Tests. Testing:Example Problem: Find a mode and its frequency given an ordered list (array) of with one or more integer.
CS ST0 Software Testing Spring 2011 Review Last updated: April 26, 2011 Aditya P. Mathur Purdue University.
White Box-based Coverage Testing (© 2012 Professor W. Eric Wong, The University of Texas at Dallas) 111 W. Eric Wong Department of Computer Science The.
SSL(HandShake) Protocol By J.STEPHY GRAFF IIM.SC(C.S)
Dynamic Testing.
Software Testing Sudipto Ghosh CS 406 Fall 99 November 23, 1999.
Testing, Monitoring, and Controlling CORBA-based Applications Sudipto Ghosh Priya Govindarajan Aditya P. Mathur Baskar Sridharan Software Engineering Research.
Dynamic White-Box Testing What is code coverage? What are the different types of code coverage? How to derive test cases from control flows?
Software Testing. SE, Testing, Hans van Vliet, © Nasty question  Suppose you are being asked to lead the team to test the software that controls.
CS223: Software Engineering Lecture 26: Software Testing.
1 Testing Implementations Of Access Control Systems (New Proposal) Ammar Masood: Graduate Student Arif Ghafoor (ECE) and Aditya Mathur (CS) Purdue University,
Foundations of Software Testing Slides based on: Draft V1.0 August 17, 2005 Test Adequacy Measurement and Enhancement Using Mutation Last update: October.
1 Testing Implementations of Access Control and Authentication Graduate Students: Ammar Masood K. Jayaram School of Electrical and Computer Engineering.
Tool Support for Testing
TQS - Teste e Qualidade de Software (Software Testing and Quality) Software Testing Concepts João Pascoal Faria
INFORMATION SYSTEMS SECURITY AND CONTROL.
Software Configuration Management
CMSC 345 Defensive Programming Practices from Software Engineering 6th Edition by Ian Sommerville.
Intrusion Tolerant Architectures
Manuel Brugnoli, Elisa Heymann UAB
PREPARED BY G.VIJAYA KUMAR ASST.PROFESSOR
Software Architecture
Software Testing.
Generating Automated Tests from Behavior Models
Chap 20. Vulnerability Analysis
Software Testing.
Testing and Debugging PPT By :Dr. R. Mall.
Software Engineering (CSI 321)
Input Space Partition Testing CS 4501 / 6501 Software Testing
Outline What does the OS protect? Authentication for operating systems
Graph Coverage for Specifications CS 4501 / 6501 Software Testing
Chapter 13 & 14 Software Testing Strategies and Techniques
Outline What does the OS protect? Authentication for operating systems
Types of Testing Visit to more Learning Resources.
Introduction to Software Testing Chapter 5.1 Syntax-based Testing
Testing Internet Services
UNIT-4 BLACKBOX AND WHITEBOX TESTING
High Coverage Detection of Input-Related Security Faults
It is great that we automate our tests, but why are they so bad?
Ch 15 –part 3 -design evaluation
Security in Java Real or Decaf? cs205: engineering software
Verification and Validation Unit Testing
Testing and Management of Distributed Systems
Graph Coverage for Specifications CS 4501 / 6501 Software Testing
Test Case Test case Describes an input Description and an expected output Description. Test case ID Section 1: Before execution Section 2: After execution.
System Testing.
Operating Systems : Overview
CSE403 Software Engineering Autumn 2000 More Testing
Windows API: Network Policy Server Extensions
Introduction to Software Testing Chapter 5.1 Syntax-based Testing
Chinese wall model in the internet Environment
Operating Systems : Overview
Design Yaodong Bi.
CSE 1020:Software Development
Cryptography and Network Security
UNIT-4 BLACKBOX AND WHITEBOX TESTING
Software Testing.
Software Architecture
Chapter 13 & 14 Software Testing Strategies and Techniques 1 Software Engineering: A Practitioner’s Approach, 6th edition by Roger S. Pressman.
Presentation transcript:

Identifying and Testing for Insecure Paths in Authentication protocols : A Model-based Approach Jayaram KR Graduate Student - Computer Science Purdue University jayaram@purdue.edu Aditya P Mathur Professor of Computer Science Purdue University apm@purdue.edu SERC Showcase – Fall 2006 Ball State University, Muncie IN November 15-16, 2006

Research Objective To evaluate the effectiveness of statechart-based test generation techniques in Identifying insecure paths in cryptographic protocol implementations Identify stress points in the protocol which may lead to security vulnerabilities 1/12/2019

Importance Increased use of cryptographic protocols in critical systems and their increased complexity. Software errors are becoming common in protocol implementations leading to serious security flaws. [http://web.mit.edu/Kerberos/advisories/] Verification only ensures correctness of design. Need to understand the effectiveness of model-based testing approaches in security testing. 1/12/2019

Our Approach - Modeling Formalism – Statecharts [A component of UML.] Concurrency – protocols involve multiple concurrent principals. Each principal may have multiple concurrent threads of computation Need to model arbitrary computations at varying levels of abstraction – encryption, certificate validation, etc. Memory – this is critical. The use of variables is unavoidable. Principals remember keys, nonces (a value used only once), etc. Extended FSMs supporting all the above are no different from statecharts! 1/12/2019

Example – TLS Client Handshake [RFC 2246] 1/12/2019

Test Generation [1] Enhanced Wp method [Chow78] Wp method results in state-space explosion in concurrent states (due to product construction) We reduce the number of tests generated by eliminating infeasible paths Consider an example ……. 1/12/2019

Example: Concurrent State CLIENT SERVER Example: Concurrent State Request_cert(s) Request_cert(s) C1 Servcert = getcert() S1 Recv(s,cert)[Isvalid(cert)] send(client,servcert) Pubkey = getkey(cert) C2 clirandom = rand() Mess = encrypt(pubkey,clirandom) S2 recv(client,M) [M==encrypt(pubkey,clirandom)] send(serv,mess) C3 recv(serv,M) [M==encrypt(pubkey, servrandom)] S3 Servrandom = rand() Sesskey = f(clirandom,servrandom) Msg = encrypt(privkey,servrandom) A sample client -server. Client requests server’s certificate, checks whether the received certificate is valid, generates random number and sends it to server. Both client and server compute session key as a function of (clirandom, serverrandom) Sesskey = f(clirandom, servrandom) C4 send(serv,Msg) 1/12/2019

C1;S1 C2;S1 C1;S2 C2;S2 C3;S2 C2;S2 C2;S3 C4;S2 C3;S3 C3;S2 C3;S3 C3;F RED = INFEASIBLE C4;S3 C4,F 1/12/2019

Test Generation [2] Since authentication involves a significant amount of communication, there usually are many infeasible paths that can be eliminated. Use the statechart as a tool to identify malicious inputs and stress points Instantiate test traces using Boundary Value Analysis (with malicious inputs as well) Prune away those traces where variables are not under the control of tester – Try to cover those paths through BVA 1/12/2019

Test Generation [3] For TLS: Client: 13 states (handshake) * 4 states (Transmit) Server: 15 states (Handshake) * 4 states (Transmit) Total: 3120 states in product automaton, at least 1600 paths Most infeasible (because of communication)! After elimination: 32 states, 41 paths, 58 test cases Client Handshake Part 13 states, Transmit Part 4 states; Server Handshake Part 15 states, Transmit Part 4 states. So totally 13*4*15*4 = 3120 states. Most states are infeasible because the way we model, we model all local computation (on client/server) inside a state and all communication as transitions. After elimination 13 + 15 + 4 = 32 states. # of paths is greater than # of states because of error conditions (all of which lead to the final state but inturn create many paths). Test case is obtained by instantiating paths with BVA. 1/12/2019

Test Application [Example] GnuTLS Certificate Authority xinu3.cs.purdue.edu GnuTLS client xinu5.cs.purdue.edu GnuTLS server xinu10.cs.purdue.edu xinu5 & xinu10 share a common file system enabling us to easily collect coverage data Code is instrumented to collect coverage metrics using Bullseye during compilation In this case, client and server obtain certificates from a common certificate authority (CA) 1/12/2019

Sample Condition/Decision coverage We use the GNU Implementation of TLS v 1.4.1(www.gnutls.org) Three sample components Gnutls_handshake - 64% Gnutls_transmit - 73% Gnutls_algorithms - 73% Examples of uncovered code: Error checks for dynamic memory allocation Ptr = malloc(sizeof(cert)); If(ptr == NULL) { gnutls_assert(); Return GNUTLS_MEMORY_ERROR; } AN ERROR IN HANDLING NULL POINTERS MAY LEAD TO DENIAL OF SERVICE - SO TEST ENHANCEMENT BASED ON COVERAGE APPEARS ESSENTIAL 1/12/2019

Examples…contd An error here may lead to compromised sessions being stored on the server and later resumed Ret = _gnutls_handshake_hash_add_recvd(); If(ret <0){ Gnutls_assert(); _gnutls_handshake_header_buffer_clear(session); Return ret; } Tests do not cover low level decisions not explicitly modeled in the statechart Examples are contracts between functions. Function A may call Function B which is expected to return a value or -1(SYSERR). Function A may check for the return of SYSERR. But since this check isn’t modeled in the statechart, it is not guaranteed to be covered Such conditions will be covered if the SYSERR corresponds to an error condition modeled in the statechart. 1/12/2019

Research Plan – Short term Adequacy Assessment Measure adequacy of tests generated using existing metrics based on control flow and data flow Analyze whether uncovered code can lead to security vulnerabilities Adequacy Assessment using Mutation Use existing mutation techniques to assess adequacy Research on techniques to generate “security” mutants. At a high level, security mutants are mutants which nullify specific security requirements or introduce program vulnerabilities like buffer overflows, etc. 1/12/2019

Related Work Kirill Bogdanov, Automated Testing of Harel’s Statecharts, PhD thesis, University of Sheffield, Jan 2000 Simon Burton, Automatic Generation of High Integrity Test Suites from Graphical Specifications, PhD thesis, University of York, March 2002 Jayaram K R and Aditya P. Mathur, Software Engineering for Secure Software – State of the Art: A survey; SERC Tech Report SERC-TR-279; Oct 1, 2005 1/12/2019

Related Work Márcio Eduardo Delamaro, José Carlos Maldonado, Alberto Pasquini, Aditya P. Mathur: Interface Mutation Test Adequacy Criterion: An Empirical Evaluation. Empirical Software Engineering 6(2): 111-142 (2001) Aditya P. Mathur, W. Eric Wong: An Empirical Comparison of Data Flow and Mutation-Based Test Adequacy Criteria. Softw. Test., Verif. Reliab. 4(1): 9-31 (1994) 1/12/2019

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.