Download presentation
Presentation is loading. Please wait.
Published byMaude Cole Modified over 9 years ago
1
Proactive Software Security R. Sekar Director, Center for Cybersecurity Stony Brook University
2
2 Our Approach & Ongoing Projects u Compile-time n Program analysis t detect security bugs t extract behavior models –For verifying security properties –For enforcing security policies n Program transformation techniques to mask them t Detect all memory errors in C programs t Efficient techniques to prevent exploitation of memory errors Comprehensive treatment of security at every stage of software development & operation
3
3 Our Approach (Contd.) u Link/load time n Binary analysis and transformation techniques u Installation time n Vulnerability analysis of composite systems/configurations u Runtime n Intrusion detection/prevention t Policy/behavior enforcement t Anomaly detection u Post attack n Isolation of untrusted/compromised software t Prevent attacks from compromising security-critical data n Self-healing systems t Reconfigure systems on-the-fly to filter out attacks
4
4 Host-Based Intrusion Detection u Efficient techniques for extracting program behavior models n FSA models of program behavior t Lot of followup work on this n Ability to detect types of attacks that program-based anomaly detectors have been poor at t Race conditions t Some types of omissions n Do formal reasoning on possible behaviors, provide specific guarantees
5
5 Host-based Intrusion Detection u Specification-based intrusion detection n Expressive policy language n Efficient enforcement u Behavior containment n Model-carrying code n Alcatraz tool for confining untrusted code u Program behavior models provide the missing link t Enable policy development
6
6 Network Intrusion Detection u Combine specification-based and anomaly based detection techniques u Simple state-machine models of network protocols n TCP n SMTP u Superimpose machine learning on top of the state machine model u Surprising level of effectiveness u Key components n Efficient aggregation algorithms n Domain-specific language that provides programmer control, but does not require detailed programming
7
7 Further Information u Personal home pages n See http://seclab.cs.sunysb.edu/sekar/http://seclab.cs.sunysb.edu/sekar/ u Laboratory home pages n See http://seclab.cs.sunysb.edu/http://seclab.cs.sunysb.edu/ u Center for Cybersecurity homepage n http://ccs.cs.sunysb.edu/ http://ccs.cs.sunysb.edu/
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.