Upload File

metricon 1.0 an attack surface metric pratyusa k. manadhata jeannette m. wing carnegie mellon...

  • Home
  • Documents
  • MetriCon 1.0 An Attack Surface Metric Pratyusa K. Manadhata Jeannette M. Wing Carnegie Mellon University {pratyus, wing}@cs.cmu.edu
15
MetriCon 1.0 An Attack Surface Metric Pratyusa K. Manadhata Jeannette M. Wing Carnegie Mellon University {pratyus, wing}@cs.cmu.edu

Upload: ashlynn-singleton

Post on 03-Jan-2016

223 views

Category:

Documents


3 download

Report

TRANSCRIPT

Page 1: MetriCon 1.0 An Attack Surface Metric Pratyusa K. Manadhata Jeannette M. Wing Carnegie Mellon University {pratyus, wing}@cs.cmu.edu

MetriCon 1.0

An Attack Surface Metric

Pratyusa K. Manadhata Jeannette M. Wing

Carnegie Mellon University

{pratyus, wing}@cs.cmu.edu

Page 2: MetriCon 1.0 An Attack Surface Metric Pratyusa K. Manadhata Jeannette M. Wing Carnegie Mellon University {pratyus, wing}@cs.cmu.edu

MetriCon 1.0

Motivation and GoalsIs system A more secure than system

B?

Is system A more secure than system

B?

Compare the attack surface measurements of A and B.Prior work [HPW03, MW04] shows that attack surface measurement is a good indicator of security.

Goal: Define a metric to systematically measure a software system’s attack surface.

0

100

200

300

400

500

600

700

Windows NT 4 Windows 2000 Windows Server 2003

RASQ RASQ with IIS enabled RASQ with IIS Lockdown

Page 3: MetriCon 1.0 An Attack Surface Metric Pratyusa K. Manadhata Jeannette M. Wing Carnegie Mellon University {pratyus, wing}@cs.cmu.edu

MetriCon 1.0

Intuition Behind Attack Surfaces

system surface

The attack surface of a system is the ways in which an adversary can enter the system and potentially cause damage.

1. Methods

2. Channels

3. Data

Attacks

Entry/Exit Points

Attack Surface Measurement: Identify relevant resources (methods, channels, and data), and estimate the contribution of each such resource.

Page 4: MetriCon 1.0 An Attack Surface Metric Pratyusa K. Manadhata Jeannette M. Wing Carnegie Mellon University {pratyus, wing}@cs.cmu.edu

MetriCon 1.0

Attack Surface MeasurementFormal framework to identify a set, M, of entry points and exit points, a set, C, of channels, and a set, I, of untrusted data items.

Estimate a resource’s contribution to the attack surface as a damage potential-effort ratio, der.

Resource Damage Potential Effort

Method Privilege Access Rights

Channel Protocol Access Rights

Data Items Type Access Rights

The measure of the system’s attack surface is the triple, < , , > .

Mm

der(m)Cc

der(c)Id

der(d)

Page 5: MetriCon 1.0 An Attack Surface Metric Pratyusa K. Manadhata Jeannette M. Wing Carnegie Mellon University {pratyus, wing}@cs.cmu.edu

MetriCon 1.0

IMAPD Example

Annotated the source code and analyzed the call graph to identify entry and exit points.Used run time monitoring to identify channels and untrusted data items

To compute der, assumed a total ordering among the values of the attributes and assigned numeric values according to the total order

0

100

200

300

400

500

600

Method Channel Data

AS

Mea

sure

men

ts

Courier 4.0.1

Cyrus 2.2.10

• Courier 4.0.1 (41KLOC), and Cyrus 2.2.10 (50KLOC)

Page 6: MetriCon 1.0 An Attack Surface Metric Pratyusa K. Manadhata Jeannette M. Wing Carnegie Mellon University {pratyus, wing}@cs.cmu.edu

MetriCon 1.0

Validation (work-in-progress)

1. Formal Validation: I/O Automata [LW89]

2. Empirical Validation1. Vulnerability report count*

2. Machine Learning (MS Security Bulletins)

3. Honeynet Data

050

100150200250300350400450

AS

Mea

sure

men

ts

ProFTP 1.2.10

Wu-FTP 2.6.2

Database ProFTP Wu-FTP

CERT 0 1

CVE 2 4

SecurityFocus 3 7

*Joint work with Mark Flynn and Miles McQueen, INL.

Page 7: MetriCon 1.0 An Attack Surface Metric Pratyusa K. Manadhata Jeannette M. Wing Carnegie Mellon University {pratyus, wing}@cs.cmu.edu

MetriCon 1.0

Backup Slides

Page 8: MetriCon 1.0 An Attack Surface Metric Pratyusa K. Manadhata Jeannette M. Wing Carnegie Mellon University {pratyus, wing}@cs.cmu.edu

MetriCon 1.0

IMAPD Example

• Courier 4.0.1 (41KLOC), and Cyrus 2.2.10 (50KLOC)

Page 9: MetriCon 1.0 An Attack Surface Metric Pratyusa K. Manadhata Jeannette M. Wing Carnegie Mellon University {pratyus, wing}@cs.cmu.edu

MetriCon 1.0

Entry Points and Exit Points

Page 10: MetriCon 1.0 An Attack Surface Metric Pratyusa K. Manadhata Jeannette M. Wing Carnegie Mellon University {pratyus, wing}@cs.cmu.edu

MetriCon 1.0

Channels and Data Items

Page 11: MetriCon 1.0 An Attack Surface Metric Pratyusa K. Manadhata Jeannette M. Wing Carnegie Mellon University {pratyus, wing}@cs.cmu.edu

MetriCon 1.0

Numeric Values

Page 12: MetriCon 1.0 An Attack Surface Metric Pratyusa K. Manadhata Jeannette M. Wing Carnegie Mellon University {pratyus, wing}@cs.cmu.edu

MetriCon 1.0

FTPD Example

• ProFTPD 1.2.10 and Wu-FTPD 2.6.2

Page 13: MetriCon 1.0 An Attack Surface Metric Pratyusa K. Manadhata Jeannette M. Wing Carnegie Mellon University {pratyus, wing}@cs.cmu.edu

MetriCon 1.0

Entry Points and Exit Points

Page 14: MetriCon 1.0 An Attack Surface Metric Pratyusa K. Manadhata Jeannette M. Wing Carnegie Mellon University {pratyus, wing}@cs.cmu.edu

MetriCon 1.0

Channels and Data Items

Page 15: MetriCon 1.0 An Attack Surface Metric Pratyusa K. Manadhata Jeannette M. Wing Carnegie Mellon University {pratyus, wing}@cs.cmu.edu

MetriCon 1.0

Numeric Values


Wing Trade Study. Wing Process Flowchart CFD (In)Validation

ATTACH LEFT WING HERE - DC Kids left wing here dc comics 2015. left wing right wing flash mask instruction dc comics 2015. left wing right wing flash mask instruction. how to make

RIGHT-WING FLANDERS, LEFT-WING WALLONIA ? IS THIS SO ? …

Modelling wing wake and tail aerodynamics of a flapping-wing … · 2019-04-16 · Flapping-wing micro air vehicle, flapping-wing wake, tail-wing wake interaction, system identification,

Conservation AreaConservation Area Wing Wing Wing

Gold Wing Road Riders AssociationGold Wing Road Riders

Commemorative Air Force - Utah Wing - Utah Wing

IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, VOL. 37, … · IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, VOL. 37, NO. 3, MAY/JUNE 2011 371. P.K. Manadhata is with Symantec Research Labs,

A-Wing-2sf-papercraft/sf/A-Wing/A-Wing-2.pdf · Title: A-Wing-2 Created Date: 7/13/2018 10:36:11 PM

CORTINA DE AIRE MU-WING MU-WING AIR CURTAIN

Wing Chun Philosophy Wing Tsun Ving Tjun Chung Moves

North Wing Quest GT5 Wing · PDF fileNorth Wing Quest GT5 Wing Manual Version 2.1 Printed: February 1, 2012 Page 1 Manufacturer: North Wing UUM, Inc. 3904 ... About the Quest GT5 Trike

WING A WING D - BGSU

Wing & Son Pianos - Wing Family of America

Aerodynamic Shape Optimization of Wing and Wing-Body Configurations Using Control Theory · 2013-08-30 · Aerodynamic Shape Optimization of Wing and Wing-Body Configurations Using

An Approach to Measuring A System’s Attack Surface · An Approach to Measuring A System’s Attack Surface Pratyusa K. Manadhata Kymie M. C. Tan Roy A. Maxion Jeannette M. Wing

The Wing. B 35 Flying Wing

Chapter 5 Wing design - selection of wing parameters – 2 ... 5_L20(03-10-2013).pdf · Chapter 5 Wing design - selection of wing parameters – 2 ... The wing structure consists

A Formal Model for A System’s Attack Surfacewing/publications/CMU-CS-07-144.pdf · A Formal Model for A System’s Attack Surface Pratyusa K. Manadhata Dilsun K. Kaynar Jeannette

Type/model maiden numbers competition wing sections wing ...aviation.derosaweb.net/dg101/documentation/dg-typen-total-e.pdf · wing sections wing span length wing surface aspect ratio

Wing Embedded Engines For Large Blended Wing Body Aircraft

republicseabee.comrepublicseabee.com/Files/SeaBee_Analysis_1946.pdf · comprising simple spar foundations cov- ... primary wing a wing Brace g. (1) Wing wing, (3) ... and (3) stress

Wing Trawling System for Shrimp Trawlers Draggin Wing

fold Right wing - Paper Toys - Paper Cut-Out Models · 2008-05-28 · Main building © PaperToys.com Page1of3 Main building Left wing Left wing Right wing Right wing fold fold fold

WING ATTACHMENTS FOR MID-WING MODELS · 2016. 2. 27. · the wing tubes and rotating it against the fuselage wing mount plate to make a mark for drilling. Remove the wing and drill

The Wing Grid - MITweb.mit.edu/16.62X/www/Bennett_David_622.pdf · 2.1.2 Superstructure and Wing Sections ... the wing grids’ performance relative to a control rectangular wing

WING ATTACHMENTS FOR MID-WING MODELSMore.pdf · WING ATTACHMENTS FOR MID-WING MODELS ... the main spar and the other, ... then replace the wing in the jig again and test fit the

Text Classification for Data Loss PreventionText Classi cation for Data Loss Prevention Michael Hart 1, Pratyusa Manadhata2, and Rob Johnson 1 Computer Science Department, Stony Brook

Digital Morphing Wing: Active Wing Shaping Concept Using

MAIN WING CONSTRUCTION - RCCD Home Wing Construction...MAIN WING CONSTRUCTION Note: The main wing is a turbular wing design. The forward portion of the wing is not sheeted and left

CONSTRUCTION OF THE WING - Bob Reed's KIS Cruiser · PDF fileWING PAGE WING-1 CONSTRUCTION OF THE WING ... During assembly of the wing to the fuselage you will be required ... WING

Aero Acoustics of Fixed Wing and Rotary Wing Aircraft

ARUNACHAL PRADESH - ITANAGAR · 22_Rengging22_Rengging22_Rengging 18_Mirbuk (North Wing)18_Mirbuk (North Wing) 19_Mirbuk (South Wing)19_Mirbuk (South Wing)19_Mirbuk (South Wing) 1_H.D

A-7 Strut Braced Wing Concept Transonic Wing Design

Wing Chun: Introducing Basic Wing Chun Kung Fu Using