• Home

  • Documents

  • Mango: Performance and Vulnerability Detection Potential
22
Mango: Performance and Vulnerability Detection Potential Frank Rimlinger Information Assurance Directorate National Security Agency http://babelfish.arc.nasa.gov/trac/jpf/wiki/ projects/jpf-mango

Mango: Performance and Vulnerability Detection Potential

  • Upload
    pavel

  • View
    46

  • Download
    0

Tags:

Embed Size (px)

DESCRIPTION

Mango: Performance and Vulnerability Detection Potential. Frank Rimlinger Information Assurance Directorate National Security Agency http:// babelfish.arc.nasa.gov / trac / jpf /wiki/projects/ jpf -mango. Summary. Mango formal models for 5 Android apps - PowerPoint PPT Presentation

Citation preview

Page 1: Mango: Performance and Vulnerability Detection Potential

Mango: Performance and Vulnerability Detection Potential

Frank RimlingerInformation Assurance Directorate

National Security Agencyhttp://babelfish.arc.nasa.gov/trac/jpf/wiki/projects/jpf-mango

Page 2: Mango: Performance and Vulnerability Detection Potential

Summary• Mango formal models for 5 Android apps• Eclipse package explorer, Mango preferences• Project, Auto and Approx • Mango model build performance data.• Case exhaustion• Testing• Anatomy of the “resource not closed”

vulnerability• All dressed up, nowhere to go.

Page 3: Mango: Performance and Vulnerability Detection Potential

Side-markers show Mango model

Page 4: Mango: Performance and Vulnerability Detection Potential

Loop side-markers are grey

Page 5: Mango: Performance and Vulnerability Detection Potential

Formal model artifacts

Page 6: Mango: Performance and Vulnerability Detection Potential

Artifact: piece of a giant puzzleFit together, make useful inferences

Page 7: Mango: Performance and Vulnerability Detection Potential

Package Explorer and preferences

Page 8: Mango: Performance and Vulnerability Detection Potential

Package explorer and preferences

• Project X, say SampleSyncAdapter.• XAuto: SampleSyncAdapterAuto-contains Java

declarations for non-source, like android.jar code.

• XApprox: contains user generated declarations for “hidden code”.

• XApprox: contains user generated code approximations

Page 9: Mango: Performance and Vulnerability Detection Potential

The “admin user” has already created approximations for system level code

Page 10: Mango: Performance and Vulnerability Detection Potential

Elaborate mechanism for resolving references, with possible user assist

Page 11: Mango: Performance and Vulnerability Detection Potential

Auto-generated native source declarationstype only model

Page 12: Mango: Performance and Vulnerability Detection Potential

Case study: user intervention to avoid “formal heap blow-out”

Page 13: Mango: Performance and Vulnerability Detection Potential

The user generated approximation

Page 14: Mango: Performance and Vulnerability Detection Potential

Mango by the numbers LOC LINK SPECIFY

Native #Methods Min

Auto UserBluetoothHDP 534 70 0 86

4JetBoy 868 59 4(2) 72

8*NotePad 968 117 11(4) 79

9RandomMusicPlayer 988 89 0 112

12SampleSyncAdapter 1786 151 3(2) 170

19FirstYearCode 2700 2 0 163

104**

Total 7844 682156

(Mango) 198000

*requires abstraction of source code constructor:com.example.android.jetboy$JetBoyThread(SurfaceHolder surfaceHolder, Context context, Handler handler);due to excessive load on heap.**Most of this time is to handle deeply nested loops in test.firstYearCode.tictactoe

Page 15: Mango: Performance and Vulnerability Detection Potential

Case Exhaust

Page 16: Mango: Performance and Vulnerability Detection Potential

Outcome

Page 17: Mango: Performance and Vulnerability Detection Potential

Forcing the close method through a bottle-neck

Page 18: Mango: Performance and Vulnerability Detection Potential

Code to tell Mango to check the garbage for “closed” flag.

Page 19: Mango: Performance and Vulnerability Detection Potential

“Good” test, should not fire vulnerability

Page 20: Mango: Performance and Vulnerability Detection Potential

“Bad” test should fire vulnerability

Page 21: Mango: Performance and Vulnerability Detection Potential

Vulnerability Hit

Page 22: Mango: Performance and Vulnerability Detection Potential

Summary

• Mango can build a formal model for a small (<10k loc) Eclipse project with minimal user assistance.

• To detect a vulnerability, user must devise a strategy based on known, quantifiable properties (e.g. the “closed” flag).

• Mango supports strategy implementation and vulnerability test fielding via symbolic simulation.


VULNERABILITY DETECTION AND EXPLOITATION OF WEB

VULNERABILITY DETECTION AND EXPLOITATION OF WEB

Documents
ecs236 Winter 2006: Intrusion Detection #2: Vulnerability Analysis

ecs236 Winter 2006: Intrusion Detection #2: Vulnerability Analysis

Documents
SymVuls: Software vulnerability detection with symbolic

SymVuls: Software vulnerability detection with symbolic

Documents
Detection and Analysis of Web-based Malware and Vulnerability · Detection and Analysis of Web-based Malware and Vulnerability by Wang Junjie Doctor of Philosophy School of Computer

Detection and Analysis of Web-based Malware and Vulnerability · Detection and Analysis of Web-based Malware and Vulnerability by Wang Junjie Doctor of Philosophy School of Computer

Documents
Static analysis for exploitable vulnerability detection

Static analysis for exploitable vulnerability detection

Documents
QSC19 Dubai Real-Time Vulnerability Management · Qualys Security Conference Dubai Real-Time Vulnerability Management Operationalizing the VM process from detection to ... Server

QSC19 Dubai Real-Time Vulnerability Management · Qualys Security Conference Dubai Real-Time Vulnerability Management Operationalizing the VM process from detection to ... Server

Documents
Towards Vulnerability-Based Intrusion Detection with Event Processing

Towards Vulnerability-Based Intrusion Detection with Event Processing

Documents
2020 LAS Collaborators’ Week...Vulnerability Detection Symbolic Execution without Source Code Malware Evolution and Triage Polymorphic vs Metamorphic Obfuscation & Detection Techniques

2020 LAS Collaborators’ Week...Vulnerability Detection Symbolic Execution without Source Code Malware Evolution and Triage Polymorphic vs Metamorphic Obfuscation & Detection Techniques

Documents
Advanced Vulnerability Analysis and Intrusion Detection

Advanced Vulnerability Analysis and Intrusion Detection

Documents
Vulnerability Management Detection & Response (VMDR)€¦ · Normalize Inventory data by common attributes Categorize by vendor, version, type. Vulnerability Management Detect vulnerabilities

Vulnerability Management Detection & Response (VMDR)€¦ · Normalize Inventory data by common attributes Categorize by vendor, version, type. Vulnerability Management Detect vulnerabilities

Documents
CloudPro™ Sample Vulnerability Assessment Report v1...2021-1-20 · security knowledge base, and security vulnerability assessment methodology for the detection of security issues

CloudPro™ Sample Vulnerability Assessment Report v1...2021-1-20 · security knowledge base, and security vulnerability assessment methodology for the detection of security issues

Documents
Advanced Vulnerability Analysis and Intrusion Detection Through Predictive Attack … · 2009. 1. 16. · Nessus reveals no Mail Server vulnerability. Further, the attack graph shows

Advanced Vulnerability Analysis and Intrusion Detection Through Predictive Attack … · 2009. 1. 16. · Nessus reveals no Mail Server vulnerability. Further, the attack graph shows

Documents
Vulnerability management and threat detection by the numbers

Vulnerability management and threat detection by the numbers

Internet
Introducing Mango: A Formal Eclipse plugin for Java Vulnerability Detection

Introducing Mango: A Formal Eclipse plugin for Java Vulnerability Detection

Documents
1 An Introduction to Intrusion Detection/Prevention, Vulnerability Assessment and related Technologies Network Security

1 An Introduction to Intrusion Detection/Prevention, Vulnerability Assessment and related Technologies Network Security

Documents
Nessus Professional Vulnerability Scanner - E-SPIN Group · Nessus Professional Vulnerability Scanner ... con˛gu ration, system hardening, malware detection, web application scanning

Nessus Professional Vulnerability Scanner - E-SPIN Group · Nessus Professional Vulnerability Scanner ... con˛gu ration, system hardening, malware detection, web application scanning

Documents
Change Detection Analysis for Assessing the Vulnerability

Change Detection Analysis for Assessing the Vulnerability

Documents
Postharvest Handling of Mango. Cultivar Differences Tommy Atkins Mango Kent MangoKeitt Mango Haden Mango Ataulfo Mango

Postharvest Handling of Mango. Cultivar Differences Tommy Atkins Mango Kent MangoKeitt Mango Haden Mango Ataulfo Mango

Documents
SmartSiren: Virus Detection and Alert for Smartphones · SmartSiren: Virus Detection and Alert for Smartphones ... viruses on Windows Mobile have conflrmed the vulnerability

SmartSiren: Virus Detection and Alert for Smartphones · SmartSiren: Virus Detection and Alert for Smartphones ... viruses on Windows Mobile have conflrmed the vulnerability

Documents
Introducing Qualys · Introducing Qualys Bringing the #1 Vulnerability Management solution to the next level All-in-One Vulnerability Management, Detection and Response . Discover,

Introducing Qualys · Introducing Qualys Bringing the #1 Vulnerability Management solution to the next level All-in-One Vulnerability Management, Detection and Response . Discover,

Documents
Correlating Event Data Vulnerability Detection Remediation 34845

Correlating Event Data Vulnerability Detection Remediation 34845

Documents
Vulnerability Detection Mechanism Based on Open API for Multi …networking.khu.ac.kr/layouts/net/publications/data/ICOIN... · 2015-12-31 · Vulnerability Detection Mechanism Based

Vulnerability Detection Mechanism Based on Open API for Multi …networking.khu.ac.kr/layouts/net/publications/data/ICOIN... · 2015-12-31 · Vulnerability Detection Mechanism Based

Documents
LAND USE/COVER CHANGE DETECTION AND …ceur-ws.org/Vol-1638/Paper32.pdf · LAND USE/COVER CHANGE DETECTION AND VULNERABILITY ASSESSMENT IN ... Land use/cover change detection and

LAND USE/COVER CHANGE DETECTION AND …ceur-ws.org/Vol-1638/Paper32.pdf · LAND USE/COVER CHANGE DETECTION AND VULNERABILITY ASSESSMENT IN ... Land use/cover change detection and

Documents
SQL Injection Vulnerability Detection Using Deep Learning

SQL Injection Vulnerability Detection Using Deep Learning

Documents
Intrusion Detection Host Vulnerability and Exploits, Common Attacks on Hosts

Intrusion Detection Host Vulnerability and Exploits, Common Attacks on Hosts

Documents
Search-driven String Constraint Solving for Vulnerability Detection

Search-driven String Constraint Solving for Vulnerability Detection

Software
Automated Vulnerability Detection System Based on Commit

Automated Vulnerability Detection System Based on Commit

Documents
Vulnerability Exploitation Training (focusing on Linux) · Vulnerability Exploitation Training (focusing on Linux) ... remote denial of service attack, ... (or they do) to avoid detection

Vulnerability Exploitation Training (focusing on Linux) · Vulnerability Exploitation Training (focusing on Linux) ... remote denial of service attack, ... (or they do) to avoid detection

Documents
Configuration Fuzzing for Software Vulnerability Detection

Configuration Fuzzing for Software Vulnerability Detection

Documents
FooCodeChu Services for software analysis, malware detection, and vulnerability research Silvio Cesare

FooCodeChu Services for software analysis, malware detection, and vulnerability research Silvio Cesare

Documents