Juliet Test Suite Overview

Slides:

Advertisements

Similar presentations

CSE 105 Structured Programming Language (C)

Advertisements

Software Assurance Metrics and Tool Evaluation (SAMATE) Michael Kass National Institute of Standards and Technology

CSCI 6962: Server-side Design and Programming Input Validation and Error Handling.

Network Security Attack Analysis. cs490ns - cotter2 Outline Types of Attacks Vulnerabilities Exploited Network Attack Phases Attack Detection Tools.

 2005 Pearson Education, Inc. All rights reserved Introduction.

Data Types in Java Data is the information that a program has to work with. Data is of different types. The type of a piece of data tells Java what can.

Improving Static Analysis Results Accuracy Chris Wysopal CTO & Co-founder, Veracode SATE Summit October 1, 2010.

Stack-Based Buffer Overflows Attacker – Can take over a system remotely across a network. local malicious users – To elevate their privileges and gain.

Chapter 9_3 Following Instructions: Principles of Computer Operation.

Topic R3 – Review for the Final Exam. CISC 105 – Review for the Final Exam Exam Date & Time and Exam Format The final exam is 120-minutes, closed- book,

A452 – Programming project – Mark Scheme

Evaluating Static Analysis Tools Dr. Paul E. Black

Java Security Updated May Topics Intro to the Java Sandbox Language Level Security Run Time Security Evolution of Security Sandbox Models The Security.

TGDC Meeting, December 2011 Michael Kass National Institute of Standards and Technology Update on SAMATE Automated Source Code Conformance.

Java Security. Topics Intro to the Java Sandbox Language Level Security Run Time Security Evolution of Security Sandbox Models The Security Manager.

Web Application Access to Databases. Logistics Test 2: May 1 st (24 hours) Extra office hours: Friday 2:30 – 4:00 pm Tuesday May 5 th – you can review.

CAP6135: Malware and Software Vulnerability Analysis Buffer Overflow : Example of Using GDB to Check Stack Memory Cliff Zou Spring 2011.

Operator Precedence First the contents of all parentheses are evaluated beginning with the innermost set of parenthesis. Second all multiplications, divisions,

Security of Open Source Web Applications Maureen Doyle, James Walden Northern Kentucky University Students: Grant Welch, Michael Whelan Acknowledgements:

Introduction to Java CSIS 3701: Advanced Object Oriented Programming.

By Noorez Kassam Welcome to JNI. Why use JNI ? 1. You already have significantly large and tricky code written in another language and you would rather.

COP3530 Data Structures600 Stack Stack is one the most useful ADTs. Like list, it is a collection of data items. Supports “LIFO” (Last In First Out) discipline.

OWASP Top Ten #1 Unvalidated Input. Agenda What is the OWASP Top 10? Where can I find it? What is Unvalidated Input? What environments are effected? How.

SEC835 Runtime integrity and resource control. Application based Denial of Service Application can crash for many reasons and at any time due to programming.

Variables and Functions. Open your Encoder program Let’s begin by opening the “Labyrinth Auto Straight” code. Save this file as Labyrinth with variables.

Property of Jack Wilson, Cerritos College1 CIS Computer Programming Logic Programming Concepts Overview prepared by Jack Wilson Cerritos College.

 Pearson Education, Inc. All rights reserved Introduction to Java Applications.

© 2006 Pearson Education 1 More Operators  To round out our knowledge of Java operators, let's examine a few more  In particular, we will examine the.

CPS4200 Unix Systems Programming Chapter 2. Programs, Processes and Threads A program is a prepared sequence of instructions to accomplish a defined task.

Buffer Overflow Proofing of Code Binaries By Ramya Reguramalingam Graduate Student, Computer Science Advisor: Dr. Gopal Gupta.

Buffer Overflow Attack Proofing of Code Binary Gopal Gupta, Parag Doshi, R. Reghuramalingam, Doug Harris The University of Texas at Dallas.

1 Splint: A Static Memory Leakage tool Presented By: Krishna Balasubramanian.

Sections © Copyright by Pearson Education, Inc. All Rights Reserved.

Chapter 9 1 Chapter 9 – Part 2 l Overview of Streams and File I/O l Text File I/O l Binary File I/O l File Objects and File Names Streams and File I/O.

NIST SAMATE Project and OMG Michael Kass NIST Information Technology Laboratory March 11, 2008.

How to execute Program structure Variables name, keywords, binding, scope, lifetime Data types – type system – primitives, strings, arrays, hashes – pointers/references.

FILES. open() The open() function takes a filename and path as input and returns a file object. file object = open(file_name [, access_mode][, buffering])

Information Security - 2. A Stack Frame. Pushed to stack on function CALL The return address is copied to the CPU Instruction Pointer when the function.

Security Attacks Tanenbaum & Bo, Modern Operating Systems:4th ed., (c) 2013 Prentice-Hall, Inc. All rights reserved.

Slides by Kent Seamons and Tim van der Horst Last Updated: Nov 11, 2011.

Lecturer: Nguyen Thi Hien Software Engineering Department Home page: hienngong.wordpress.com Chapter 2: Language C++

MORE POINTERS Plus: Memory Allocation Heap versus Stack.

Announcements You will receive your scores back for Assignment 2 this week. You will have an opportunity to correct your code and resubmit it for partial.

1988 Morris Worm … estimated 10% penetration 2001 Code Red … 300,00 computers breached 2003 Slammer/Sapphire … 75,00 infections in 10 min Zotob …

Beyond Stack Smashing: Recent Advances In Exploiting Buffer Overruns Jonathan Pincus and Brandon Baker Microsoft Researchers IEEE Security and.

Announcements Assignment 2 Out Today Quiz today - so I need to shut up at 4:25 1.

C Programming Day 2. 2 Copyright © 2005, Infosys Technologies Ltd ER/CORP/CRS/LA07/003 Version No. 1.0 Union –mechanism to create user defined data types.

CAP6135: Malware and Software Vulnerability Analysis Buffer Overflow : Example of Using GDB to Check Stack Memory Cliff Zou Spring 2014.

FILES AND EXCEPTIONS Topics Introduction to File Input and Output Using Loops to Process Files Processing Records Exceptions.

 It is a pure oops language and a high level language.  It was developed at sun microsystems by James Gosling.

Content Coverity Static Analysis Use cases of Coverity Examples

Shellcode COSC 480 Presentation Alison Buben.

Arrays: Checkboxes and Textareas

Introduction to Information Security

Intro to PHP & Variables

Control Structures (Structured Programming) for controlling the procedural aspects of programming CS1110 – Kaminski.

CS 465 Buffer Overflow Slides by Kent Seamons and Tim van der Horst

Topics Introduction to File Input and Output

File I/O in C Lecture 7 Narrator: Lecture 7: File I/O in C.

Patterns to KNOW.

Java External Libraries & Case Study

File Input and Output.

Mid Term II Review.

Introduction to Static Analyzer

Buffer Overflows.

The Java switch Statement

Control Structures (Structured Programming) for controlling the procedural aspects of programming CS1110 – Kaminski.

Topics Introduction to File Input and Output

Exploitation Part 1.

Presentation transcript:

Juliet Test Suite Overview Tim Boland NIST March 29, 2012

Basic Facts Juliet Test Suite contains 59493 test cases in the C/C++ and Java programming languages Each test case is small Most test cases in the test suite are synthetic (created for use) Each test case focuses on one type of flaw, but other incidental flaws may be present

Basic Facts (continued) In addition to the method(s)/function(s) containing the flaw of focus, each test case provides one or more non-flawed method(s)/function(s) that perform a similar task Test case is composed of one or more source code files, as well as auxiliary files providing test case support Test cases were developed/tested on the Windows platform but most work on other platforms

Other Aspects The test cases are based on the Common Weakness Enumeration (CWE) The C/C++ test cases contain examples for 116 different CWEs The Java test cases contain examples for 106 different CWEs Test cases are compilable/analyzable as a whole, by individual CWEs, or by individual test case

Other Aspects (continued) Test case naming format (from left to right): CWE ID, functional variant name, data/control flow indicator, programming language indicator If the test case is a Java servlet, the string “servlet” appears in the functional variant name Weakness classes (13 total) covered include: buffer handling, code quality, injection, information leaks, and pointer/reference handling “Complexities” covered include: loop structure, local control flow, data passing involving functions/methods/classes, data type, container

Test Case Example 1 (summarized) File name: CWE121_Stack_Based_Buffer_Overflow__char_type_overrun_memcpy_01.c Initial stuff.. bad() // bad code – memory overwrite of pointer good() //good code – no memory overwrite of pointer main() //used for building testcase on its own or for building binary

Test Case Example 2 (summarized) File name: CWE78_OS_Command_Injection__char_Environment_execl_01.c initial stuff.. bad() //bad code – non-empty environment variable used as input without validation good() //good code – benign input used main() //used for building testcase on its own or for building binary

Test Case Example 3 (summarized) File name: CWE114_Process_Control__basic_01.java initial stuff.. public class.. bad() //bad code – attempt to load library without full path good() //good code – specify a full path when loading library main() //used for building testcase on its own or for building binary

Final Items Possible use case: identify true positive, false positive, false negative Origin for Name “Juliet” – since these test suites are the tenth major group of tests added to the NIST SAMATE Reference Dataset (SRD), and “J” is the tenth letter of the alphabet, “Juliet” is the International Phonetic Alphabet word for “J” Complete downloads of the full Juliet Test Suites are available from the top of page: http://samate.nist.gov/SRD/testsuite.php