Improving Software Assurance Using Lightweight Static Analysis

Gopalakrishna Rajeev. Ph.D., Purdue University, May, 2006. Improving Software Assurance Using Lightweight Static Analysis. Major Professors: Prof. Eugene H. Spafford and Prof. Jan Vitek. Software assurance is of paramount importance given the increasing impact of software on our lives. This dissertation describes research that explores two techniques to improve software assurance: a runtime approach in the context of host-based misuse detection systems (MDSs) and a compile-time approach to detect unknown software defects. Host-based MDSs attempt to identify attacks by discovering program behaviors that deviate from expected patterns. We focus on automated and conservative misuse detection techniques. We present a static analysis algorithm for constructing a flowand context-sensitive model of a program that allows for efficient real-time detection. Contextsensitivity is essential to reduce the number of impossible control-flow paths accepted by a MDS because such paths provide opportunities for attackers to evade detection. Our inlined automaton model presents an acceptable tradeoff between accuracy and performance in our experiments. Static and dynamic approaches have been proposed over the years to detect security vulnerabilities. These approaches assume that the signature of a defect is known a priori. A greater challenge is detecting defects whose signatures are not known a priori— unknown software defects. We propose a general approach for detection of unknown defects. Software defects are discovered by applying data-mining techniques to pinpoint deviations from common program behavior in the source code and using statistical techniques to assign significance to each such deviation. We discuss the implementation of our tool, FaultMiner, and illustrate the power of the approach by inferring two types of security properties on four widely-used programs.