An Attack Surface Metric

Authors:
Pratyusa K. Manadhata;Jeannette M. Wing
Affiliations:
Symantec Research Labs, Culver City;Carnegie Mellon University, Pittsburgh and US National Science Foundation, Arlington
Venue:
IEEE Transactions on Software Engineering
Year:
2011

Citing 0
Cited 10

Distilling critical attack graph surface iteratively through minimum-cost SAT solving

Proceedings of the 27th Annual Computer Security Applications Conference
Towards a theory of trust in networks of humans and computers

SP'11 Proceedings of the 19th international conference on Security Protocols
Supporting automated vulnerability analysis using formalized vulnerability signatures

Proceedings of the 27th IEEE/ACM International Conference on Automated Software Engineering
Automatically securing permission-based software by reducing the attack surface: an application to Android

Proceedings of the 27th IEEE/ACM International Conference on Automated Software Engineering
Comparing and applying attack surface metrics

Proceedings of the 4th international workshop on Security measurements and metrics
Taxonomy of quality metrics for assessing assurance of security correctness

Software Quality Control
Automated software architecture security risk analysis using formalized signatures

Proceedings of the 2013 International Conference on Software Engineering
Go with the flow: toward workflow-oriented security assessment

Proceedings of the 2013 workshop on New security paradigms workshop
Automatic exploit generation

Communications of the ACM
Aggregating vulnerability metrics in enterprise networks using attack graphs

Journal of Computer Security

Quantified Score

Hi-index	0.02

Visualization

Abstract

Measurement of software security is a long-standing challenge to the research community. At the same time, practical security metrics and measurements are essential for secure software development. Hence, the need for metrics is more pressing now due to a growing demand for secure software. In this paper, we propose using a software system's attack surface measurement as an indicator of the system's security. We formalize the notion of a system's attack surface and introduce an attack surface metric to measure the attack surface in a systematic manner. Our measurement method is agnostic to a software system's implementation language and is applicable to systems of all sizes; we demonstrate our method by measuring the attack surfaces of small desktop applications and large enterprise systems implemented in C and Java. We conducted three exploratory empirical studies to validate our method. Software developers can mitigate their software's security risk by measuring and reducing their software's attack surfaces. Our attack surface reduction approach complements the software industry's traditional code quality improvement approach for security risk mitigation and is useful in multiple phases of the software development lifecycle. Our collaboration with SAP demonstrates the use of our metric in the software development process.