Software engineering for security: a roadmap
Proceedings of the Conference on The Future of Software Engineering
On the effectiveness of address-space randomization
Proceedings of the 11th ACM conference on Computer and communications security
Pin: building customized program analysis tools with dynamic instrumentation
Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation
Behavior-based spyware detection
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
Protecting browsers from dns rebinding attacks
Proceedings of the 14th ACM conference on Computer and communications security
Predicting vulnerable software components
Proceedings of the 14th ACM conference on Computer and communications security
SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Secure Web Browsing with the OP Web Browser
SP '08 Proceedings of the 2008 IEEE Symposium on Security and Privacy
Robust defenses for cross-site request forgery
Proceedings of the 15th ACM conference on Computer and communications security
Securing frame communication in browsers
Communications of the ACM - One Laptop Per Child: Vision vs. Reality
Secure Content Sniffing for Web Browsers, or How to Stop Papers from Reviewing Themselves
SP '09 Proceedings of the 2009 30th IEEE Symposium on Security and Privacy
Analyzing Information Flow in JavaScript-Based Browser Extensions
ACSAC '09 Proceedings of the 2009 Annual Computer Security Applications Conference
Cross-origin javascript capability leaks: detection, exploitation, and defense
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
The multi-principal OS construction of the gazelle web browser
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
Trust and protection in the Illinois browser operating system
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
VEX: vetting browser extensions for security vulnerabilities
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
Verified Security for Browser Extensions
SP '11 Proceedings of the 2011 IEEE Symposium on Security and Privacy
Hi-index | 0.00 |
Software is commonly built from reusable components that provide desired functionalities. Although component reuse significantly improves software productivity, insecure component usage can lead to security vulnerabilities in client applications. For example, we noticed that widely-used IE-based browsers, such as IE Tab, do not enable important security features that IE enables by default, even though they all use the same browser components. This insecure usage renders these IE-based browsers vulnerable to the attacks blocked by IE. To our knowledge, this important security aspect of component reuse has largely been unexplored. This paper presents the first practical framework for detecting and analyzing vulnerabilities of insecure component usage. Its goal is to enforce and support secure component reuse. Our core approach is based on differential testing and works as follows. Suppose that component C maintains a security policy configuration to block certain malicious behavior. If two clients of component C, say a reference and a test subject, handle the malicious behavior inconsistently, the test subject uses C insecurely. In particular, we model component usage related to a policy based on 1) accesses to the configuration state inside the component and 2) the conditional jumps affected by the data read from the state. We utilize this model to detect inconsistent policy evaluations, which can lead to insecure component usage. We have implemented our technique for Windows applications and used it to detect and analyze insecure usage of popular software components. Our evaluation results show that 1) insecure component usage is a general concern and frequently occurs in widely-used software, and 2) our detection framework is practical and effective at detecting and analyzing insecure component usage. In particular, it detected several serious, new vulnerabilities and helped perform detailed analysis of insecure component usage. We have reported these to the affected software vendors, some of whom have already acknowledged our findings and are actively addressing them.