MetriCon 1.0 An Attack Surface Metric Pratyusa K. Manadhata Jeannette M. Wing Carnegie Mellon University {pratyus,

Slides:

Advertisements

Similar presentations

A First Step Towards Characterizing Stealthy Botnets Justin Leonard, Shouhuai Xu, Ravi Sandhu University of Texas at San Antonio.

Advertisements

Software Fault Tolerance (SWFT) Threat Modeling

Operational Security Risk Metrics: Definitions, Calculations, Visualizations Metricon 2.0 Alain Mayer CTO RedSeal Systems

1 OS II: Dependability & Trust Threat Modeling & Security Metrics Dependable Embedded Systems & SW Group Prof. Neeraj.

This material is approved for public release. Distribution is limited by the Software Engineering Institute to attendees. Sponsored by the U.S. Department.

DEEDS Meeting Jan., 16th 2007 Dependable, Embedded Systems and Software Group Department of Computer Science Darmstadt University of Technology Attack.

CERT ® System and Network Security Practices Presented by Julia H. Allen at the NCISSE 2001: 5th National Colloquium for Information Systems Security Education,

P REDICTING ZERO - DAY SOFTWARE VULNERABILITIES THROUGH DATA MINING Su Zhang Department of Computing and Information Science Kansas State University 1.

Software Quality Metrics

Software Engineering II - Topic: Software Process Metrics and Project Metrics Instructor: Dr. Jerry Gao San Jose State University

Software metrics Selected key concepts. Introduction Motivation:  Management:  Appraisal  Assurance  Control  Improvement  Research:  Cause-effect.

Simple Source Auditing Tools Roy INSA. Outline FLAWFINDER RATS.

DIDS part II The Return of dIDS 2/12 CIS GrIDS Graph based intrusion detection system for large networks. Analyzes network activity on networks.

Microsoft Baseline Security Analyzer INLS 187 Security Software Presentation by Hinár György Polczer

State coverage: an empirical analysis based on a user study Dries Vanoverberghe, Emma Eyckmans, and Frank Piessens.

1 An Empirical Analysis of Vendor Response to Vulnerability Disclosure Ashish Arora, Ramayya Krishnan, Rahul Telang, Yubao Yang Carnegie Mellon University.

DEEDS Meeting Oct., 26th 2006 Dependable, Embedded Systems and Software Group Department of Computer Science Darmstadt University of Technology Summary.

OWASP Mobile Top 10 Why They Matter and What We Can Do

P REDICTING ZERO - DAY SOFTWARE VULNERABILITIES THROUGH DATA - MINING --T HIRD P RESENTATION Su Zhang 1.

1 Security Risk Analysis of Computer Networks: Techniques and Challenges Anoop Singhal Computer Security Division National Institute of Standards and Technology.

This material is approved for public release. Distribution is limited by the Software Engineering Institute to attendees. Sponsored by the U.S. Department.

Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.

Measuring Relative Attack Surfaces Jeannette Wing School of Computer Science Carnegie Mellon University Joint with Mike Howard and Jon Pincus, Microsoft.

Software Assurance Session 15 INFM 603. Bug hunting vs. vulnerability spotting Bugs are your code not behaving as you designed it. Many can be found by.

Preventing SQL Injection Attacks in Stored Procedures Alex Hertz Chris Daiello CAP6135Dr. Cliff Zou University of Central Florida March 19, 2009.

Software Engineering Software Process and Project Metrics.

Software Metrics  The measurement of a particular characteristic of a software program's performance or efficiency. (

COP 4620 / 5625 Programming Language Translation / Compiler Writing Fall 2003 Lecture 10, 10/30/2003 Prof. Roy Levow.

CS480 Computer Science Seminar Introduction to Microsoft Solutions Framework (MSF)

Presents computation Grid Harness the power of Windows, Unix, Linux and Mac OS/X machines.

Terry Alexander Exec Director, Office of Campus Sustainability.

Software Quality Metrics

Copyright © 1994 Carnegie Mellon University Disciplined Software Engineering - Lecture 3 1 Software Size Estimation I Material adapted from: Disciplined.

Author: Monirul Sharif, Wenke Lee, Weidong Cui, Andrea Lanzi Reportor: Chun-Chih Wu Advisor: Hsing-Kuo Pao Select: CCS09’

Measuring Relative Attack Surfaces Michael Howard, Jon Pincus & Jeannette Wing Presented by Bert Bruce.

Disciplined Software Engineering Lecture #3 Software Engineering Institute Carnegie Mellon University Pittsburgh, PA Sponsored by the U.S. Department.

Security measures across the software development process Dr. Holger Peine Slide 1 Security vulnerabilities are clearly.

Affected Products –Java SE JDK and JRE 6 update 23 and earlier JDK 5.0 Update 27 and earlier SDK 1.4.2_29 and earlier –JRockit R and earlier (JDK/JRE.

Introduction to Computer Operating Systems

Measuring a System’s Attack Surface Yin Shi. Overview Introduction State Machine Model Definitions and Examples Attack Surface Measurement Method Linux.

This material is approved for public release. Distribution is limited by the Software Engineering Institute to attendees. Sponsored by the U.S. Department.

Module 12: Responding to Security Incidents. Overview Introduction to Auditing and Incident Response Designing an Audit Policy Designing an Incident Response.

Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Network Forensics - III November 3, 2008.

Hussein Alhashimi. “If you can’t measure it, you can’t manage it” Tom DeMarco,

Software Measurement Measuring software indicators: metrics and methods Jalote-2002,

Lucent Technologies - Proprietary 1 Interactive Pattern Discovery with Mirage Mirage uses exploratory visualization, intuitive graphical operations to.

Agenda Using FTP What is FTP? How to Use the FTP Program How to transfer files Using FTP.

Carnegie Mellon Computing Services 2/15/2001 v1.2DRAFT1 Systems Development Joseph Jackson Walter Wong.

Writing Security Alerts tbird Last modified 2/25/2016 8:55 PM.

Framework Chapter 1 Panko, Corporate Computer and Network Security Copyright 2002 Prentice-Hall.

Using system security metrics to enhance resiliency Dr. Sara Bitan ENGINEERING RESILIENT & ROBUST SYSTEMS 24-Jan-2011 Bitan: Using system security metrics.

Profile, HAT, Wireless Toolkit’s Profile Sookmyung Women’s Univ. PSLAB Choi yoonjeong.

CPSC 875 John D. McGregor C15 – Variation in architecture.

Tool Support for Testing Classify different types of test tools according to their purpose Explain the benefits of using test tools.

1  Carnegie Mellon University Overview of the CERT/CC and the Survivable Systems Initiative Andrew P. Moore CERT Coordination Center.

보안 취약점 비교 Linux vs. Windows

An Attack Surface Metric

Setting-Up and Securing a Server

HARDENING CLIENT COMPUTERS

James Walden Northern Kentucky University

Secure Software Development: Theory and Practice

Game Theoretic Approaches to Attack Surface Shifting and Reduction

The Basic of Measurement

Cybersecurity Research Challenges

Chapter 27 Security Engineering

Graph-based Security and Privacy Analytics via Collective Classification with Joint Weight Learning and Propagation Binghui Wang, Jinyuan Jia, and Neil.

An Attack Surface Metric

Exploring Complexity Metrics as Indicators of Software Vulnerability

Presentation transcript:

MetriCon 1.0 An Attack Surface Metric Pratyusa K. Manadhata Jeannette M. Wing Carnegie Mellon University {pratyus,

MetriCon 1.0 Motivation and Goals Is system A more secure than system B? Compare the attack surface measurements of A and B. Prior work [HPW03, MW04] shows that attack surface measurement is a good indicator of security. Goal: Define a metric to systematically measure a software system’s attack surface Windows NT 4Windows 2000 Windows Server 2003 RASQ RASQ with IIS enabledRASQ with IIS Lockdown

MetriCon 1.0 Intuition Behind Attack Surfaces system surface The attack surface of a system is the ways in which an adversary can enter the system and potentially cause damage. 1. Methods 2. Channels 3. Data Attacks Entry/Exit Points Attack Surface Measurement: Identify relevant resources (methods, channels, and data), and estimate the contribution of each such resource.

MetriCon 1.0 Attack Surface Measurement Formal framework to identify a set, M, of entry points and exit points, a set, C, of channels, and a set, I, of untrusted data items. Estimate a resource’s contribution to the attack surface as a damage potential-effort ratio, der. ResourceDamage PotentialEffort MethodPrivilegeAccess Rights ChannelProtocolAccess Rights Data ItemsTypeAccess Rights The measure of the system’s attack surface is the triple,.

MetriCon 1.0 IMAPD Example Annotated the source code and analyzed the call graph to identify entry and exit points. Used run time monitoring to identify channels and untrusted data items To compute der, assumed a total ordering among the values of the attributes and assigned numeric values according to the total order Courier (41KLOC), and Cyrus (50KLOC)

MetriCon 1.0 Validation (work-in-progress) 1.Formal Validation: I/O Automata [LW89] 2.Empirical Validation 1.Vulnerability report count* 2.Machine Learning (MS Security Bulletins) 3.Honeynet Data DatabaseProFTPWu-FTP CERT01 CVE24 SecurityFocus37 *Joint work with Mark Flynn and Miles McQueen, INL.

MetriCon 1.0 Backup Slides

MetriCon 1.0 IMAPD Example Courier (41KLOC), and Cyrus (50KLOC)

MetriCon 1.0 Entry Points and Exit Points

MetriCon 1.0 Channels and Data Items

MetriCon 1.0 Numeric Values

MetriCon 1.0 FTPD Example ProFTPD and Wu-FTPD 2.6.2

MetriCon 1.0 Entry Points and Exit Points

MetriCon 1.0 Channels and Data Items

MetriCon 1.0 Numeric Values