Presentation is loading. Please wait.

Presentation is loading. Please wait.

Proactive Software Security R. Sekar Director, Center for Cybersecurity Stony Brook University.

Published byMaude Cole Modified over 9 years ago

Similar presentations

Presentation on theme: "Proactive Software Security R. Sekar Director, Center for Cybersecurity Stony Brook University."— Presentation transcript:

1 Proactive Software Security R. Sekar Director, Center for Cybersecurity Stony Brook University

2 2 Our Approach & Ongoing Projects u Compile-time n Program analysis t detect security bugs t extract behavior models –For verifying security properties –For enforcing security policies n Program transformation techniques to mask them t Detect all memory errors in C programs t Efficient techniques to prevent exploitation of memory errors Comprehensive treatment of security at every stage of software development & operation

3 3 Our Approach (Contd.) u Link/load time n Binary analysis and transformation techniques u Installation time n Vulnerability analysis of composite systems/configurations u Runtime n Intrusion detection/prevention t Policy/behavior enforcement t Anomaly detection u Post attack n Isolation of untrusted/compromised software t Prevent attacks from compromising security-critical data n Self-healing systems t Reconfigure systems on-the-fly to filter out attacks

4 4 Host-Based Intrusion Detection u Efficient techniques for extracting program behavior models n FSA models of program behavior t Lot of followup work on this n Ability to detect types of attacks that program-based anomaly detectors have been poor at t Race conditions t Some types of omissions n Do formal reasoning on possible behaviors, provide specific guarantees

5 5 Host-based Intrusion Detection u Specification-based intrusion detection n Expressive policy language n Efficient enforcement u Behavior containment n Model-carrying code n Alcatraz tool for confining untrusted code u Program behavior models provide the missing link t Enable policy development

6 6 Network Intrusion Detection u Combine specification-based and anomaly based detection techniques u Simple state-machine models of network protocols n TCP n SMTP u Superimpose machine learning on top of the state machine model u Surprising level of effectiveness u Key components n Efficient aggregation algorithms n Domain-specific language that provides programmer control, but does not require detailed programming

7 7 Further Information u Personal home pages n See http://seclab.cs.sunysb.edu/sekar/http://seclab.cs.sunysb.edu/sekar/ u Laboratory home pages n See http://seclab.cs.sunysb.edu/http://seclab.cs.sunysb.edu/ u Center for Cybersecurity homepage n http://ccs.cs.sunysb.edu/ http://ccs.cs.sunysb.edu/

Download ppt "Proactive Software Security R. Sekar Director, Center for Cybersecurity Stony Brook University."

Similar presentations

Network Security aka CyberSecurity Monitor and manage security risks at the network level for the entire Johns Hopkins Network.

Network Security aka CyberSecurity Monitor and manage security risks at the network level for the entire Johns Hopkins Network.
Issues of Security and Privacy in Networking in the CBA Karen Sollins Laboratory for Computer Science July 17, 2002.

Issues of Security and Privacy in Networking in the CBA Karen Sollins Laboratory for Computer Science July 17, 2002.
Presented by: Thabet Kacem Spring 2010. Outline Contributions Introduction Proposed Approach Related Work Reconception of ADLs XTEAM Tool Chain Discussion.

Presented by: Thabet Kacem Spring Outline Contributions Introduction Proposed Approach Related Work Reconception of ADLs XTEAM Tool Chain Discussion.
Secure web browsers, malicious hardware, and hardware support for binary translation Sam King.

Secure web browsers, malicious hardware, and hardware support for binary translation Sam King.
Using Programmer-Written Compiler Extensions to Catch Security Holes Authors: Ken Ashcraft and Dawson Engler Presented by : Hong Chen CS590F 2/7/2007.

Using Programmer-Written Compiler Extensions to Catch Security Holes Authors: Ken Ashcraft and Dawson Engler Presented by : Hong Chen CS590F 2/7/2007.
Cyber Threat Analysis  Intrusions are actions that attempt to bypass security mechanisms of computer systems  Intrusions are caused by:  Attackers accessing.

Cyber Threat Analysis  Intrusions are actions that attempt to bypass security mechanisms of computer systems  Intrusions are caused by:  Attackers accessing.
CMSC 414 Computer and Network Security Lecture 24 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 24 Jonathan Katz.
1 An Overview of Computer Security computer security.

1 An Overview of Computer Security computer security.
EECS 598-2 Presentation Web Tap: Intelligent Intrusion Detection Kevin Borders.

EECS Presentation Web Tap: Intelligent Intrusion Detection Kevin Borders.
A Platform for WEbS (wireless embedded sensor/actuator) systems David Culler Eric Brewer Dave Wagner.

A Platform for WEbS (wireless embedded sensor/actuator) systems David Culler Eric Brewer Dave Wagner.
5/1/2006Sireesha/IDS1 Intrusion Detection Systems (A preliminary study) Sireesha Dasaraju CS526 - Advanced Internet Systems UCCS.

5/1/2006Sireesha/IDS1 Intrusion Detection Systems (A preliminary study) Sireesha Dasaraju CS526 - Advanced Internet Systems UCCS.
IT Security Doug Brown Jeff Bollinger. What is security? P.H.P. People Have Problems Security is the mitigation and remediation of human error in information.

IT Security Doug Brown Jeff Bollinger. What is security? P.H.P. People Have Problems Security is the mitigation and remediation of human error in information.
An Integrated Framework for Dependable Revivable Architectures Using Multi-core Processors Weiding Shi, Hsien-Hsin S. Lee, Laura Falk, and Mrinmoy Ghosh.

An Integrated Framework for Dependable Revivable Architectures Using Multi-core Processors Weiding Shi, Hsien-Hsin S. Lee, Laura Falk, and Mrinmoy Ghosh.
August 2006Scott Stoller, Stony Brook University1 Research in Formal Methods, Concurrent & Distributed Systems, and Programming Languages at Scott D. Stoller.

August 2006Scott Stoller, Stony Brook University1 Research in Formal Methods, Concurrent & Distributed Systems, and Programming Languages at Scott D. Stoller.
Composing Security Policies on Java Cards Michael McDougall with Rajeev Alur and Carl A. Gunter University of Pennsylvania April 26, 2004.

Composing Security Policies on Java Cards Michael McDougall with Rajeev Alur and Carl A. Gunter University of Pennsylvania April 26, 2004.
CSCD 434 Spring 2011 Lecture 1 Course Overview. Contact Information Instructor Carol Taylor 315 CEB Phone: 509-359-6908 Office.

CSCD 434 Spring 2011 Lecture 1 Course Overview. Contact Information Instructor Carol Taylor 315 CEB Phone: Office.
Lesson 19: Configuring Windows Firewall

Lesson 19: Configuring Windows Firewall
1 Reliable Adaptive Distributed Systems Armando Fox, Michael Jordan, Randy H. Katz, David Patterson, George Necula, Ion Stoica, Doug Tygar.

1 Reliable Adaptive Distributed Systems Armando Fox, Michael Jordan, Randy H. Katz, David Patterson, George Necula, Ion Stoica, Doug Tygar.
1 Towards Anomaly/Intrusion Detection and Mitigation on High-Speed Networks Yan Gao, Zhichun Li, Yan Chen Northwestern Lab for Internet and Security Technology.

1 Towards Anomaly/Intrusion Detection and Mitigation on High-Speed Networks Yan Gao, Zhichun Li, Yan Chen Northwestern Lab for Internet and Security Technology.
1 The Problem o Fluid software cannot be trusted to behave as advertised unknown origin (must be assumed to be malicious) known origin (can be erroneous.

1 The Problem o Fluid software cannot be trusted to behave as advertised unknown origin (must be assumed to be malicious) known origin (can be erroneous.

Similar presentations

Ads by Google