Automatic Discovery of API-Level Vulnerabilities

Date
2004
Author
Ganapathy, Vinod
Seshia, Sanjit A.
Jha, Somesh
Reps, Thomas W.
Bryant, Randal E.
Publisher
University of Wisconsin-Madison Department of Computer Sciences
Abstract
A system is vulnerable to an API-level attack if its security can be compromised by invoking an allowed sequence of operations from its API. We present a formal framework to model and analyze APIs, and develop an automatic technique based upon bounded model checking to discover API-level vulnerabilities. If a vulnerability exists, our technique produces a trace of API operations demonstrating an attack. Two case studies show the efficacy of our technique. In the first study we present a novel way to analyze printf-family format-string attacks as API-level attacks, and implement a tool to discover them automatically. In the second study, we model a subset of the IBM Common Cryptographic Architecture API, a popular cryptographic key-management API, and automatically detect a previously known vulnerability.
Permanent Link
http://digital.library.wisc.edu/1793/60412
Citation
TR1512