AJECT

Attack Injection on Software Components

 



Computer security is an important research subject due to our reliance on computer systems for our everyday activities. In the near future, this dependency will tend to increase as more and more tasks are done with the help of computers and through open networks (e.g., e-commerce, e-government, e-health). These systems, however, are vulnerable, as indicated by the attacks on corporate networks that are reported daily in the news.

For an attack to be executed successfully and result in an intrusion, it has to exploit a vulnerability in the computer system. These vulnerabilities might be located in distinct components, ranging from the processor firmware to some library linked to an application. Many causes can explain why these vulnerabilities are introduced, for instance incorrect configuration parameters, ill-defined relations between components, or bad programming.

In this project we want to study and analyze software vulnerabilities. Modern software is complex, and it will tend to become even more complicated in the future. For example, the number of lines of code (LOC) in common operating systems has grown steadily over the years, which is a sign of the increasing complexity (Windows 3.1 had roughly 3 million LOC while Windows XP has about 40 million LOC). Estimates indicate that around 5 to 50 bugs per thousand LOC remain after testing. Consequently, the potential number of vulnerabilities that exist in a modern operating system is very large, even if we assume that most bugs cannot be exploited.

Therefore, if we want to prevent malicious adversaries from compromising our systems, we first need to get a better understanding of how vulnerabilities are exploited, and then we have to develop tools that will enable us to automatically detect potential software problems.

In this project we want to make contributions in the following important areas:

  • The project will research new techniques that will allow the automatic discovery of vulnerabilities. These techniques will be implemented in tools that will systematically inject attacks against software components. We will start by building injection tools for buffer overflows, since they correspond to the most common type of vulnerability. Then, we will look at more sophisticated vulnerabilities, such as race conditions.
  • The project will use the developed tools to evaluate relevant applications. We will select well-known software components (e.g., operating system, browser) and then perform injection experiments to determine their behavior under attack.

 

Financing:

Project Name: AJECT - Injecção de Ataques em Componentes de Software

Sponsoring Body: FCT (POSC/EIA/61643/2004)

 

European Union – Structural Funds

Government of the Portuguese Republic


For problems or questions regarding this website, contact nuno@di.fc.ul.pt.
Last updated: April 10, 2008.