A functional method for assessing protocol. Implementation security

Licentiate thesis

Rauli Kaksonen

Research output: ThesisLicenciateTheses

Abstract

Serious information security vulnerabilities are discovered daily and reported from already deployed software products. Customers have no feasible means for estimating the security level of the products they purchase. The few generally applicable methods require the source code, which is often not delivered with a product. Many of the reported vulnerabilities are robustness problems. Robustness can be functionally assessed without the source code by injecting anomalies, unexpected input elements, to the tested component. The component passes the tests if it can securely handle the injected anomalies. The methods generally applied for software testing and modelling were found to be too complex and rigid for functional robustness assessment. A new mini-simulation method using attribute grammar to model both input syntax and software behaviour was proposed. Means for the systematic creation of a large number of test cases was presented. The method was used to test the robustness of 49 software products. A total of 41 tested products were found to be vulnerable to denial-of-service problems, and 14 of them were proven to contain vulnerabilities making it possible to execute remotely supplied code on the host system. Applications of the method include quantitative comparisons and the benchmarking of software components, but it has some limitations. The proportion of the flaws found using the method compared to the actual number of flaws is difficult to assess and the tests may favour some components over others. However, if the method can help to eliminate the most obvious vulnerabilities, it would be much more difficult to find serious flaws using unsystematic methods. This could cut down on the number of publicly disclosed vulnerabilities.
Original languageEnglish
QualificationLicentiate Degree
Awarding Institution
  • Aalto University
Supervisors/Advisors
  • Röning, Juha, Supervisor, External person
Place of PublicationEspoo
Publisher
Print ISBNs951-38-5873-1
Electronic ISBNs951-38-5874-X
Publication statusPublished - 2001
MoE publication typeG3 Licentiate thesis

Fingerprint

vulnerability
software
anomaly
protocol
method
thesis
benchmarking
product
test
modeling
simulation
code

Keywords

  • information security
  • automated testing
  • software quality
  • implementation vulnerabilities
  • programming mistakes
  • mini-simulation method

Cite this

Kaksonen, R. (2001). A functional method for assessing protocol. Implementation security: Licentiate thesis. Espoo: VTT Technical Research Centre of Finland.
Kaksonen, Rauli. / A functional method for assessing protocol. Implementation security : Licentiate thesis. Espoo : VTT Technical Research Centre of Finland, 2001. 153 p.
@phdthesis{6cce9ef0bc0944b989dca27353b70297,
title = "A functional method for assessing protocol. Implementation security: Licentiate thesis",
abstract = "Serious information security vulnerabilities are discovered daily and reported from already deployed software products. Customers have no feasible means for estimating the security level of the products they purchase. The few generally applicable methods require the source code, which is often not delivered with a product. Many of the reported vulnerabilities are robustness problems. Robustness can be functionally assessed without the source code by injecting anomalies, unexpected input elements, to the tested component. The component passes the tests if it can securely handle the injected anomalies. The methods generally applied for software testing and modelling were found to be too complex and rigid for functional robustness assessment. A new mini-simulation method using attribute grammar to model both input syntax and software behaviour was proposed. Means for the systematic creation of a large number of test cases was presented. The method was used to test the robustness of 49 software products. A total of 41 tested products were found to be vulnerable to denial-of-service problems, and 14 of them were proven to contain vulnerabilities making it possible to execute remotely supplied code on the host system. Applications of the method include quantitative comparisons and the benchmarking of software components, but it has some limitations. The proportion of the flaws found using the method compared to the actual number of flaws is difficult to assess and the tests may favour some components over others. However, if the method can help to eliminate the most obvious vulnerabilities, it would be much more difficult to find serious flaws using unsystematic methods. This could cut down on the number of publicly disclosed vulnerabilities.",
keywords = "information security, automated testing, software quality, implementation vulnerabilities, programming mistakes, mini-simulation method",
author = "Rauli Kaksonen",
year = "2001",
language = "English",
isbn = "951-38-5873-1",
series = "VTT Publications",
publisher = "VTT Technical Research Centre of Finland",
number = "448",
address = "Finland",
school = "Aalto University",

}

Kaksonen, R 2001, 'A functional method for assessing protocol. Implementation security: Licentiate thesis', Licentiate Degree, Aalto University, Espoo.

A functional method for assessing protocol. Implementation security : Licentiate thesis. / Kaksonen, Rauli.

Espoo : VTT Technical Research Centre of Finland, 2001. 153 p.

Research output: ThesisLicenciateTheses

TY - THES

T1 - A functional method for assessing protocol. Implementation security

T2 - Licentiate thesis

AU - Kaksonen, Rauli

PY - 2001

Y1 - 2001

N2 - Serious information security vulnerabilities are discovered daily and reported from already deployed software products. Customers have no feasible means for estimating the security level of the products they purchase. The few generally applicable methods require the source code, which is often not delivered with a product. Many of the reported vulnerabilities are robustness problems. Robustness can be functionally assessed without the source code by injecting anomalies, unexpected input elements, to the tested component. The component passes the tests if it can securely handle the injected anomalies. The methods generally applied for software testing and modelling were found to be too complex and rigid for functional robustness assessment. A new mini-simulation method using attribute grammar to model both input syntax and software behaviour was proposed. Means for the systematic creation of a large number of test cases was presented. The method was used to test the robustness of 49 software products. A total of 41 tested products were found to be vulnerable to denial-of-service problems, and 14 of them were proven to contain vulnerabilities making it possible to execute remotely supplied code on the host system. Applications of the method include quantitative comparisons and the benchmarking of software components, but it has some limitations. The proportion of the flaws found using the method compared to the actual number of flaws is difficult to assess and the tests may favour some components over others. However, if the method can help to eliminate the most obvious vulnerabilities, it would be much more difficult to find serious flaws using unsystematic methods. This could cut down on the number of publicly disclosed vulnerabilities.

AB - Serious information security vulnerabilities are discovered daily and reported from already deployed software products. Customers have no feasible means for estimating the security level of the products they purchase. The few generally applicable methods require the source code, which is often not delivered with a product. Many of the reported vulnerabilities are robustness problems. Robustness can be functionally assessed without the source code by injecting anomalies, unexpected input elements, to the tested component. The component passes the tests if it can securely handle the injected anomalies. The methods generally applied for software testing and modelling were found to be too complex and rigid for functional robustness assessment. A new mini-simulation method using attribute grammar to model both input syntax and software behaviour was proposed. Means for the systematic creation of a large number of test cases was presented. The method was used to test the robustness of 49 software products. A total of 41 tested products were found to be vulnerable to denial-of-service problems, and 14 of them were proven to contain vulnerabilities making it possible to execute remotely supplied code on the host system. Applications of the method include quantitative comparisons and the benchmarking of software components, but it has some limitations. The proportion of the flaws found using the method compared to the actual number of flaws is difficult to assess and the tests may favour some components over others. However, if the method can help to eliminate the most obvious vulnerabilities, it would be much more difficult to find serious flaws using unsystematic methods. This could cut down on the number of publicly disclosed vulnerabilities.

KW - information security

KW - automated testing

KW - software quality

KW - implementation vulnerabilities

KW - programming mistakes

KW - mini-simulation method

M3 - Licenciate

SN - 951-38-5873-1

T3 - VTT Publications

PB - VTT Technical Research Centre of Finland

CY - Espoo

ER -

Kaksonen R. A functional method for assessing protocol. Implementation security: Licentiate thesis. Espoo: VTT Technical Research Centre of Finland, 2001. 153 p.