
MSc1: Code Coverage Analysis to Improve Vulnerability Detection Tests

Published: Saturday, 05 April 2014


Advisors: 

  • Regina Moraes (UNICAMP), Nuno Antunes (UC)


Abstract:

Automated vulnerability detection tools are used by developers to discover security vulnerabilities. Testing tools are widely used because they automate what would otherwise be the very hard task of executing thousands of tests manually. The problem is that these tools are limited in effectiveness: they report false positives and they leave vulnerabilities undetected.

Although some strides have been made to improve the state of the art with innovative techniques that allow improved effectiveness, the vulnerability detection coverage of the tools is limited by the quality of the inputs used during the tests performed. Recent work in collaboration between UNICAMP and UC shows that analysing code coverage during tests can be very useful to evaluate the quality of the tests performed, and thus to estimate the success of the testing process. However, such analysis would be more useful still if it could be used to improve the generation of tests and raise execution coverage.

The goal of this work is to use code coverage analysis to improve techniques for the detection of injection vulnerabilities. Although some works already try to generate or select tests with better code coverage, the goal here is to develop a runtime feedback loop that feeds the tool that detects injection vulnerabilities by issuing injection attacks. Currently, the tests are generated from a pre-configuration of the service operation domains. In this context, a tentative methodology to attack this problem would be:

  • Study the paths of the code that are not covered;
  • Understand which inputs would allow the tests to cover those paths;
  • Adjust the domains of the operation parameter;
  • Finally, feed the tool with this information.
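The four-step loop above, as an added illustration that is not part of the proposal or of the tools it cites: a line tracer records which statements of a service operation the current parameter domain reaches, and the domain is widened only with candidate domains whose sample values execute something still uncovered. The target operation `lookup_user`, the candidate domains and their sample values are all constructed for this example.

```python
import dis
import sys

# Constructed target operation (hypothetical, not from the proposal): each branch
# is reachable only from one kind of parameter value, which is exactly what a
# pre-configured operation domain may fail to supply.
def lookup_user(param):
    if isinstance(param, int):
        return f"id={param}"
    if isinstance(param, str):
        if param.isdigit():
            return f"id={int(param)}"
        if "'" in param:
            return "quoted"
        return f"name={param}"
    return "unsupported"

def statement_lines(func):
    """Line numbers of func's body statements, read from the bytecode line table."""
    code = func.__code__
    return {ln for _, ln in dis.findlinestarts(code) if ln and ln > code.co_firstlineno}

def executed_lines(func, inputs):
    """Run func over every input under a line tracer; return the lines it executed."""
    code, hit = func.__code__, set()
    def tracer(frame, event, arg):
        if frame.f_code is not code:
            return None  # do not trace callees
        if event == "line" and frame.f_lineno > code.co_firstlineno:
            hit.add(frame.f_lineno)
        return tracer
    sys.settrace(tracer)
    try:
        for value in inputs:
            func(value)
    finally:
        sys.settrace(None)
    return hit

def refine_domains(func, candidates, initial):
    """Feedback loop: start from the pre-configured domains, add each candidate
    domain that covers a still-uncovered line; return (domains, uncovered lines)."""
    chosen = list(initial)
    covered = executed_lines(func, [v for d in chosen for v in candidates[d]])
    for name, values in candidates.items():
        if name not in chosen:
            gain = executed_lines(func, values) - covered  # step 1: what is missed
            if gain:                                      # steps 2-3: widen domain
                chosen.append(name)
                covered |= gain
    return chosen, statement_lines(func) - covered        # step 4: feed the tool

# Constructed parameter domains; the pre-configuration starts with integers only.
CANDIDATES = {"integer": [0, 42], "numeric-string": ["7"], "alpha-string": ["alice"],
              "quoted-string": ["o'brien"], "other": [None]}
```

Running `refine_domains(lookup_user, CANDIDATES, ["integer"])` widens the domain until no statement of the operation remains uncovered; the uncovered set reported at each stage is the information the proposal wants to feed back into the test generator.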


Bibliography:

  • Yang, Q., Li, J. J., & Weiss, D. M. (2009). A Survey of Coverage-Based Testing Tools. The Computer Journal, 52(5), 589–597. doi:10.1093/comjnl/bxm021
  • McCabe Software, Inc. (2009). Combining McCabe IQ with Fuzz Testing. McCabe Software, Inc. Retrieved from http://www.mccabe.com/pdf/McCabeIQ-FuzzTesting.pdf
  • Antunes, N., Laranjeiro, N., Vieira, M., & Madeira, H. (2009). Effective Detection of SQL/XPath Injection Vulnerabilities in Web Services. In 2009 IEEE International Conference on Services Computing (SCC 2009) (pp. 260–267). Bangalore, India. doi:10.1109/SCC.2009.23
  • Antunes, N., & Vieira, M. (2011). Enhancing Penetration Testing with Attack Signatures and Interface Monitoring for the Detection of Injection Vulnerabilities in Web Services. In 2011 IEEE International Conference on Services Computing (SCC) (pp. 104–111). IEEE. doi:10.1109/SCC.2011.67


This page corresponds to an MSc proposal that will be co-advised by experienced researchers from at least two of the project partners. If you are interested in pursuing one of these proposals, please contact us.