Guarded models for intrusion detection

PLAS'07 - Proceedings of the 2007 ACM SIGPLAN Workshop on Programming Languages and Analysis for Security

Volumn , Issue , 2007, Pages 85-94

  Saidi, Hassen ^a  

^a SRI INTERNATIONAL   (United States)

Author keywords

Dynamic analysis; Intrusion detection; Invariant generation; Static analysis

Indexed keywords

GUARDED MODELS; HOST-BASED INTRUSION DETECTION SYSTEMS; INVARIANT GENERATION;

ALARM SYSTEMS; DATA FLOW ANALYSIS; INVARIANCE; MATHEMATICAL MODELS; STATIC ANALYSIS;

INTRUSION DETECTION;

EID: 36448930873     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1255329.1255345     Document Type: Conference Paper

References (39)

1. Build-Interceptor. Website, 2007. http://freshmeat.net/ projects/build-interceptor/.
2. Elsa. Website, 2007. http://www.cs.berkeley.edu/~smcpeak/ elkhound/sources/elsa/.
3. Oink. Website, 2007. http://freshmeat.net/projects/oink/.
4. Alex Aiken, Jeffrey Foster, John Kodumal, and Tachio Terauchi. Checking and inferring local, non-aliasing. In Proc. of the Conference on Programming Language Design and Implementation, 2003.
5. David P. Anderson. BOINC: A system for public-resource computing and storage. In Proc. of the Fifth IEEE/ACM International. Workshop on Grid Computing (GRID), 2004.
6. Dzintars Avots, Michael Dalton, Benjamin Livshits, and Monica Lam. Improving software security a C pointer analysis. In Proc. of the 27th International. Conference on Software Engineering, 2005.
7. Pete Broadwell, Matt Harren, and Naveen Sastry. Scrash: A system for generating secure crash, information. In Proc. of the 12th USENIX Security Symposium, pages 273-284, August 2003.
8. William R. Bush, Jonathan D. Pincus, and David J. Sielaff. A static analyzer for finding dynamic programming errors. Software Practice and Experience, 30(7):775-802, 2000.
9. Hao Chen, Drew Dean, and David Wagner. Model checking one million lines of c code. In Proc. of the 11th Annual Network and Distributed System Security Symposium (NDSS), 2004.
10. Crispin Cowan, Matt Barringer, Steve Beattie, Greg Kroah-Hartman, Mike Frantzen, and Jamie Lokier. FormatGuard: Automatic protection from printf format string vulnerabilities. In Proc. of the 10th USENIX Security Symposium., pages 191-200, 2001.
11. Alan DeKok. PScan: A limited problem scanner for C. Website, 2000. http://packages.debian.org/pscan.
12. Jeff Dike. User-mode Linux. In Proc. of the 5th Annual Linux Showcase & Conference (ALS). Usenix, November 2001.
13. David Evans and David Larochelle. Improving security using extensible lightweight static analysis. IEEE Software, 19(1), 2002.
14. Jeffrey S. Foster. Type Qualifiers: Lightweight Specifications to Improve Software Quality. PhD thesis, University of California, Berkeley, December 2002.
15. Jeffrey S. Foster, Manuel Fahndrich, and Alexander Aiken. A theory of type qualifiers. In Proc. of the SIGPLAN Conference on Pmgramming Language Design and Implementation (PLDI), 1999.
16. Jeffrey S. Foster, Robert T. Johnson, John Kodumal, and Alex Aiken. Flow-insensitive type qualifiers. ACM Transactions on Programming Languages and Systems, pages 1035-1086, November 2006.
17. Jeffrey S. Foster, Tachio Terauchi, and Alex Aiken. Flow-sensitive type qualifiers. In Proc. of the SIGPLAN 2002 Conference, on Programming language design and implementation (PLDI), 2002.
18. David Gay and Alex Aiken. Memory management with, explicit regions. In Proc. of the ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI'98), 1998.
19. David Greenfieldboyce and Jeffrey S. Foster. Type qualifiers for Java. Technical report, University of Maryland, August 2007. http://www.cs.umd.edu/ projects/PL/jqual/.
20. Samuel Guyer, Emery Berger, and Calvin Lin. Detecting errors with configurable whole-program dataflow analysis. Technical report, University of Texas at Austin, 2002. ftp://ftp.cs.utexas.edu/ pub/emery/papers/detecting- errors.pdf.
21. Seth Hallein, Benjamin Chelf, Yichen Xie, and Dawson Engler. A system and language for building system-specific, static analyses. In Proc. of the SIGPLAN 2002 Conference on Programming Language Design and Implementation (PLDI), 2002.
22. Rob T. Johnson and David Wagner. Finding User/Kernel pointer bugs with type inference. In Proc. of the 13th USENIX Security Symposium, 2004.
23. Robert T. Johnson. Verifying Security Properties using Type-Qualifier Inference. PhD thesis, EECS Department, University of California, Berkeley, 2007.
24. Nenad Jovanovic, Christopher Krügel, and Engin Kirda. Pixy: A static analysis tool for detecting web application vulnerabilities (short paper). In IEEE Symposium on Security and Privacy (Oakland 2006), pages 258-263. IEEE Computer Society, 2006.
25. Ben Liblit. Cooperative Bug Isolation. PhD thesis, University of California, Berkeley, 2005.
26. V. Livshits and M. Lam. Finding security vulnerabilities in Java applications with static analysis. In Proc. of the 14th USENIXSecurity Symposium, 2005.
27. Scott McPeak and George C. Necula. Elkhound: A fast, practical GLR parser generator. In Proc. of the 13th International Conference on Compiler Constructor (CC), 2004.
28. A. Nguyen-Tuong, S. Guarnieri, D. Greene, J. Shirley, and D. Evans. Automatically hardening web applications using precise tainting. In 20th IFIP International Information Security Conference, 2005.
29. Michael F. Ringenburg and Dan Grossman. Preventing format-string attacks via automatic and efficient dynamic checking. In Proc. of the 12th Conference on Computer and Communications Security, 2005.
30. Tim Robbins. Libformat, 2000. http://archives.neohapsis. com/archives/linux/lsap/2000-q3/0444.html.
31. Umesh Shankar, Kunal Talwar, Jeffrey S. Foster, and David Wagner. Detecting format string vulnerabilities with type qualifiers. In Proc. of the 10th USENLX Security Symposium, 2001.
32. Saurabh Srivastava, Michael Hicks, and Jeffrey S. Foster. Modular information hiding and type-safe linking for C. In Proc. of the 2007 SIGPLAN International Workshop on Types in Languages Design and Implementation. (TLDI), pages 3-14. ACM Press, 2007.
33. Timothy Tsai and Navjot Singh. Libsafe 2.0: Detection of format string vulnerability exploits. Technical report, Avaya Labs, February 2001. http://pubs.research.avayalabs.com/pdfs/ ALR-2001-018-whpaper.pdf.
34. John. Viega, J. T. Bloch, Tadayoshi Kohno, and Gary McGraw. ITS4: A static vulnerability scanner for C and C++ code. ACM Transactions on Information and System Security, 5(2), 2002.
35. Common Vulnerabilities and Exposures. Format string vulnerabilities. Website, 2007. http://www.cve.mitre.org/cgi-bin/ cvekey.cgi?keyword= format+string.
36. David Wagner, Jeffrey S. Foster, Eric A. Brewer, and Alexander Aiken. A first step towards automated detection of buffer overrun vulnerabilities. In Proc. of the 7th Network and Distributed System Security Symposium (NDSS), 2000.
37. Yichen Xie and Alex Aiken. Static detection of security vulnerabilities in scripting languages. In Proc. of the 15th USENIX Security Symposium, 2006.
38. Junfeng Yang, Ted Kremenek, Yichen Xie, and Dawson Engler. MECA: an extensible, expressive system and language for statically checking security properties. In Proc. of the 10th ACM Conference on Computer and Communications Security (CCS), 2003.
39. Misha Zitser, Richard Lippmann, and Tim. Leek. Testing static analysis tools using exploitable buffer overflows from open source code. In Proc. of the 12th ACM SIGSOFT Twelfth International Symposium on Foundations of Software Engineering, 2004.