Extending Dynamic Invariant Detection with Explicit Abstraction

Keith, Daniel, Keith, Daniel

January 2012

Dynamic invariant detection is a software analysis technique that uses traces of function entry and exit from executing programs and infers partial specifications that characterize the observed behavior. The specifications are reported as logical precondition and postcondition expressions (invariants) that relate arguments, instance variables, and results. Detectors typically generate large collections of invariants, among which most are true but few are interesting or useful. Refining this flood of invariants into a useful subset often requires manual tuning through configuration options and modification of the program under analysis. Our research asks whether we can improve dynamic invariant detection by enabling explicit abstractions to be declared and applied to a program under analysis and whether this is practical; this dissertation shows that it is indeed practical and useful. Given a concrete program we can synthesize a model program composed of functions and modules that are abstractions of selected concrete modules. When we execute the model program in parallel with its underlying concrete program and apply dynamic invariant detection, we obtain abstracted invariants that can reveal the behavior of the underlying concrete program. We developed the Alembic system to support and experiment with the above technique, enabling a practical method for steering the invariant detection process and shaping the analysis to produce more refined results than obtainable via traditional means. Alembic provides a simple language for defining abstractions and managing detection experiments; the system generates the necessary instrumentation, representation classes, and functions, freeing the analyst to focus on the expression of abstractions and detection experiments. Alembic currently leverages the invariant detection capability of Daikon, a powerful first-generation detector, to analyze synthetic traces on abstractions. However, the principles we demonstrate apply to any detector and language that observes function entry and exit. We present some applications of this technique to example problems and then evaluate Alembic on production code such as the Guava class library. Our research suggests new uses for existing detectors and enables the design and evaluation of features to inform the next generation of dynamic invariant detection systems. This dissertation includes previously unpublished co-authored material.

Abstraction

Alembic

Daikon

Detection

Dynamic

Invariant

Integrity Verification of Applications on RADIUM Architecture

Tarigopula, Mohan Krishna

08 1900

Trusted Computing capability has become ubiquitous these days, and it is being widely deployed into consumer devices as well as enterprise platforms. As the number of threats is increasing at an exponential rate, it is becoming a daunting task to secure the systems against them. In this context, the software integrity measurement at runtime with the support of trusted platforms can be a better security strategy. Trusted Computing devices like TPM secure the evidence of a breach or an attack. These devices remain tamper proof if the hardware platform is physically secured. This type of trusted security is crucial for forensic analysis in the aftermath of a breach. The advantages of trusted platforms can be further leveraged if they can be used wisely. RADIUM (Race-free on-demand Integrity Measurement Architecture) is one such architecture, which is built on the strength of TPM. RADIUM provides an asynchronous root of trust to overcome the TOC condition of DRTM. Even though the underlying architecture is trusted, attacks can still compromise applications during runtime by exploiting their vulnerabilities. I propose an application-level integrity measurement solution that fits into RADIUM, to expand the trusted computing capability to the application layer. This is based on the concept of program invariants that can be used to learn the correct behavior of an application. I used Daikon, a tool to obtain dynamic likely invariants, and developed a method of observing these properties at runtime to verify the integrity. The integrity measurement component was implemented as a Python module on top of Volatility, a virtual machine introspection tool. My approach is a first step towards integrity attestation, using hypervisor-based introspection on RADIUM and a proof of concept of application-level measurement capability.

Application integrity

trusted computing

daikon invariants

RADIUM

TPM

Computer architecture.

Computer security.

System design.

Generating high confidence contracts without user input using Daikon and ESC/Java2

Rayakota, Balaji

January 1900

Master of Science / Department of Computing and Information Science / Torben Amtoft / Invariants are properties which are asserted to be true at certain program points. Invariants are of paramount importance when proving program correctness and program properties. Method, constructor, and class invariants can serve as contracts which specify program behavior and can lead to more accurate reuse of code; more accurate than comments because contracts are less error prone and they may be proved without testing. Dynamic invariant generation techniques run the program under inspection and observe the values that are computed at each program point and report a list of invariants that were observed to be possibly true. Static checkers observe program code and try to prove the correctness of annotated invariants by generating proofs for them. This project attempts to get strong invariants for a subset of classes in Java; there are two phases first we use Daikon, a tool that suggests invariants using dynamic invariant generation techniques, and next we get the invariants checked using ESC/Java2, which is a static checker for Java. In the first phase an ‘Instrumenter’ program inspects Java classes and generates code such that sufficient information is supplied to Daikon to generate strong invariants. All of this is achieved without any user input. The aim is to be able to understand the behavior of a program using already existing tools.

Software Contracts

Automatic Invariant Generation

Daikon

ESC/Java2

Computer Science (0984)

Maintaining Web Applications Integrity Running on RADIUM

Ur-Rehman, Wasi

08 1900

Computer security attacks take place due to the presence of vulnerabilities and bugs in software applications. Bugs and vulnerabilities are the result of weak software architecture and lack of standard software development practices. Despite the fact that software companies are investing millions of dollars in the research and development of software designs security risks are still at large. In some cases software applications are found to carry vulnerabilities for many years before being identified. A recent such example is the popular Heart Bleed Bug in the Open SSL/TSL. In today’s world, where new software application are continuously being developed for a varied community of users; it’s highly unlikely to have software applications running without flaws. Attackers on computer system securities exploit these vulnerabilities and bugs and cause threat to privacy without leaving any trace. The most critical vulnerabilities are those which are related to the integrity of the software applications. Because integrity is directly linked to the credibility of software application and data it contains. Here I am giving solution of maintaining web applications integrity running on RADIUM by using daikon. Daikon generates invariants, these invariants are used to maintain the integrity of the web application and also check the correct behavior of web application at run time on RADIUM architecture in case of any attack or malware. I used data invariants and program flow invariants in my solution to maintain the integrity of web-application against such attack or malware. I check the behavior of my proposed invariants at run-time using Lib-VMI/Volatility memory introspection tool. This is a novel approach and proof of concept toward maintaining web application integrity on RADIUM.

Web application integrity

RADIUM

software bugs

daikon

Computer security.

Web applications -- Security measuers.

Computer networks -- Security measures.