posted by Richard Power
The 33rd annual IEEE Symposium on Security and Privacy, held at the St. Francis hotel in downtown San Francisco (May 20-May 23, 2012), is one of the respected venues in the field, and once again, numerous papers presented by Carnegie Mellon University CyLab researchers and several sessions chaired by CyLab faculty made for a powerful presence.
Here is the CyLab 2012 IEEE Security and Privacy roster of papers and presenters, with brief excerpts from each paper:
Jiyong Jang talked on ReDeBug: Finding Unpatched Code Clones in Entire OS Distributions, a paper co-authored with Abeer Agrawal and CyLab faculty David Brumley.
"ReDeBug was designed for scalability to entire OS distributions, the ability to handle real code, and minimizing false detection. ReDeBug found 15,546 unpatched code clones, which likely represent real vulnerabilities, by analyzing 2.1 billion lines of code on a commodity desktop. We demonstrate the practical impact of ReDeBug by confirming 145 real bugs in the latest version of Debian Squeeze packages. We believe ReDeBug can be a realistic solution for regular developers to enhance the security of their code in day-to-day development."
Michael Carl Tschantz presented Formalizing and Enforcing Purpose Restrictions of Privacy Policies, a paper co-authored with Anupam Datta and Jeannette M. Wing.
"Our work makes the following contributions: 1) The first semantic formalism of when a sequence of actions is for a purpose; 2) Empirical validation that our formalism closely corresponds to how people understand the word “purpose”; 3) An algorithm employing our formalism and its implementation for auditing; and 4) The characterization of previous policy enforcement methods in our formalism and a comparative study of their expressiveness. The first two contributions illustrate that planning can formalize purpose restrictions. The next two illustrate that our formalism may aid automated auditing and analysis."
Xin Zhang, who graduated from Carnegie Mellon University and now works for Google, delivered Secure and Scalable Fault Localization under Dynamic Traffic Patterns, co-authored with CyLab Technical Director Adrian Perrig and Chang Lan of Tsinghua University.
"While existing path-based FL protocols aim to identify a specific faulty link (if any), DynaFL localizes data-plane faults to a coarser-grained 1-hop neighborhood, to achieve four distinct advantages. First, DynaFL does not require any minimum duration time of paths or flows in order to detect data-plane faults as path-based FL protocols do. Thus, DynaFL can fully cope with short-lived flows which are popularly seen in modern networks. Second, in DynaFL, a source node does not need to know the exact outgoing path, unlike path-based FL protocols. Hence, DynaFL can support agile (e.g., packet-level) load balancing such as VL2 routing for datacenter networks. Third, a DynaFL router only needs around 4MB per-neighbor state based on our classic Sketch implementation, while a router in a path-based FL protocol requires per-path state. Finally, a DynaFL router only maintains a single secret key shared with the AC, while a router in a path-based FL protocol needs to manage 100 to 10000 secret keys in measured ISP topologies."
Sang Kil Cha spoke on Unleashing Mayhem on Binary Code, co-authored with Thanassis Avgerinos, Alexandre Rebert and David Brumley.
"We presented MAYHEM, a tool for automatically finding exploitable bugs in binary (i.e., executable) programs in an efficient and scalable way. To this end, MAYHEM introduces a novel hybrid symbolic execution scheme that combines the benefits of existing symbolic execution techniques (both online and offline) into a single system. We also present index-based memory modeling, a technique that allows MAYHEM to discover more exploitable bugs at the binary-level. We used MAYHEM to analyze 29 applications and automatically identified and demonstrated 29 exploitable vulnerabilities."
Saranga Komanduri talked on Guess again (and again and again): Measuring Password Strength by Simulating Password-cracking Algorithms, co-authored with Patrick Gage Kelley, Michelle L. Mazurek, Richard Shay, Tim Vidas, Lujo Bauer, Nicolas Christin, Lorrie Faith Cranor, and Julio Lopez.
"We introduced a new, efficient technique for evaluating password strength, which can be implemented for a variety of password-guessing algorithms and tuned using a variety of training sets to gain insight into the comparative guess resistance of different sets of passwords. Using this technique, we performed a more comprehensive password analysis than had previously been possible. We found several notable results about the comparative strength of different composition policies. Although NIST considers basic16 and comprehensive8 equivalent, we found that basic16 is superior against large numbers of guesses. Combined with a prior result that basic16 is also easier for users, this suggests basic16 is the better policy choice. We also found that the effectiveness of a dictionary check depends heavily on the choice of dictionary; in particular, a large blacklist created using state-of-the-art password-guessing techniques is much more effective than a standard dictionary at preventing users from choosing easily guessed passwords. Our results also reveal important information about conducting guess-resistance analysis ..."
Hsu-Chun Hsiao presented LAP: Lightweight Anonymity and Privacy, co-authored with Tiffany Hyun-Jin Kim and Adrian Perrig, along with Akira Yamada (KDDI R&D), Sam Nelson and Marco Gruteser (Rutgers University), and Wei Ming (Tsinghua University).
"In this framework, our approach is simple yet effective: by leveraging encrypted packet-carried forwarding state, ISPs that support our protocol can efficiently forward packets towards the destination, where each encrypted ISP-hop further camouflages the source or destination address or its location. Although encrypted packet-carried forwarding state is currently not supported in IP, we design simple extensions to IP that could enable this technology. In particular, our approach is even more relevant in future network architectures, where the design can be readily incorporated. This new point in the design space of anonymity protocols could also be used in concert with other techniques, for example in conjunction with Tor to prevent one Tor node from learning its successor. Despite weaker security properties than Tor, we suspect that LAP contributes a significant benefit towards providing topological anonymity, as LAP is practical to use for all communication."
Zongwei Zhou delivered Building Verifiable Trusted Path on Commodity X86 Computers, co-authored with CyLab Director Virgil Gligor, as well as James Newsome and Jonathan M. McCune.
"Building a general-purpose trusted path mechanism for commodity computers with a significant level of assurance requires substantial systems engineering, which has not been completely achieved by prior work. Specifically, it requires (1) effective countermeasures against I/O attacks enabled by inadequate I/O architectures and potentially compromised operating systems; and (2) small trusted codebases that can be integrated with commodity operating systems. The design presented in this paper shows that, in principle, trusted path can be achieved on commodity computers, and suggests that simple I/O architecture changes would simplify trusted-path design considerably."