The Dark Side of the Code

The literature is rife with examples of attackers exploiting unexpected system behaviours that arise from program bugs. This problem is particularly widespread in contemporary application programs, owing to the complexity of their many interconnected parts. We consider this problem, and consider how runtime verification could be used to check an executing program against a model of expected behaviour generated during unit testing.

[1]  Simon N. Foley,et al.  A nonfunctional approach to system integrity , 2003, IEEE J. Sel. Areas Commun..

[2]  Joachim M. Buhmann,et al.  On the definition of role mining , 2010, SACMAT '10.

[3]  Roy T. Fielding,et al.  Uniform Resource Identifiers (URI): Generic Syntax , 1998, RFC.

[4]  Paul V. Mockapetris,et al.  Domain names: Concepts and facilities , 1983, RFC.

[5]  Martin Kuhlmann,et al.  Role mining - revealing business roles for security administration using data mining technology , 2003, SACMAT '03.

[6]  Yanyan Zhuang,et al.  It's the psychology stupid: how heuristics explain software vulnerabilities and how priming can illuminate developer's blind spots , 2014, ACSAC.

[7]  Dan Boneh,et al.  Protecting browsers from DNS rebinding attacks , 2009, ACM Trans. Web.

[8]  Roy T. Fielding,et al.  Hypertext Transfer Protocol - HTTP/1.0 , 1996, RFC.

[9]  Koushik Sen,et al.  Rule-Based Runtime Verification , 2004, VMCAI.

[10]  Bertrand Meyer,et al.  Applying 'design by contract' , 1992, Computer.

[11]  Don Davis Compliance Defects in Public Key Cryptography , 1996, USENIX Security Symposium.

[12]  Stephanie Forrest,et al.  A sense of self for Unix processes , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.

[13]  Roy T. Fielding,et al.  Uniform Resource Identifier (URI): Generic Syntax , 2005, RFC.

[14]  Dimitrios Gunopulos,et al.  Mining Process Models from Workflow Logs , 1998, EDBT.

[15]  Haifeng Chen,et al.  Multi-resolution Abnormal Trace Detection Using Varied-length N-grams and Automata , 2005, ICAC.

[16]  Simon N. Foley,et al.  Discovering emergent norms in security logs , 2013, 2013 IEEE Conference on Communications and Network Security (CNS).

[17]  Peter Y. A. Ryan,et al.  Mathematical Models of Computer Security , 2000, FOSAD.

[18]  Paul V. Mockapetris,et al.  Domain names - concepts and facilities , 1987, RFC.

[19]  Grigore Rosu,et al.  JavaMOP: Efficient parametric runtime monitoring framework , 2012, 2012 34th International Conference on Software Engineering (ICSE).

[20]  Simon N. Foley,et al.  Collaborating as Normal: Detecting Systemic Anomalies in Your Partner , 2014, Security Protocols Workshop.

[21]  Rafael Accorsi,et al.  Automated Privacy Audits Based on Pruning of Log Data , 2008, 2008 12th Enterprise Distributed Object Computing Conference Workshops.

[22]  Dieter Gollmann Software Security - The Dangers of Abstraction , 2008, FIDIS.

[23]  Adam Barth,et al.  The Web Origin Concept , 2011, RFC.