Many security breaches are caused by inappropriate inputs crafted
by people with malicious intent. To enhance system security, we
need either to ensure that inappropriate inputs are filtered out
by the program, or to ensure that only trusted people can access
those inputs. In the second approach, we certainly do not want to
put such a constraint on every input; instead, we only want to
restrict access to the security-relevant inputs. The goal of this
paper is to investigate how to identify which inputs are relevant
to system security. We have formulated the problem as a security
relevancy problem, and deploy static analysis techniques to
identify security-relevant inputs. Our approach is based on
dependency analysis: it identifies whether the behavior of any
security-critical action depends on a certain input. If such a
dependency relationship exists, we say that the input is security
relevant; otherwise, we say the input is security non-relevant. We
have applied this technique to a security analysis project
initiated by the Microsoft Windows NT security group. The project
is intended to identify security-relevant registry keys (a special
kind of input) in the Windows NT operating system. The results
produced by this approach have proved useful in enhancing Windows
NT security. We will report our experience and results from this
project in the paper.

Thwarting Denial of Service Attacks against Communication
Protocols with Backward Compatible Changes: A Case Study (for Mahesh
Tripunitara)

We will discuss a novel approach to building
safeguards against denial of service attacks against communication
protocols. Our approach involves changes to the relevant
communication protocol subject to the following constraint: the
protocol that results from the change must be backward compatible
with the unchanged protocol. That is, an entity that employs the
changed protocol must be able to communicate with an entity that
employs the unchanged version. We will look at a specific problem
in this context. The problem involves a class of denial of service
attacks against IP. The class is called ARP (Address Resolution
Protocol) cache poisoning and involves an attacker introducing a
spurious IP to Ethernet mapping in a victim's ARP cache. We will
discuss the solution and some implementation aspects of it. Apart
from being backward compatible, our solution has two favourable
properties: it is implemented as middleware, and is asynchronous
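The dependency analysis sketched in the first abstract above, as an added example that is not code from either abstract or from the Windows NT project: a toy program in a hypothetical three-address IR is sliced backwards from each security-critical action, and an input (here a constructed registry key name) is classified as security relevant exactly when some critical action depends on it through data flow or control flow.

```python
from collections import defaultdict

# Constructed toy program in a tiny IR (not the paper's own notation).
# Each statement is (kind, target, sources, guards):
#   "input"  : target receives an external input named by sources[0]
#   "assign" : target is computed from sources     -> data dependency
#   "action" : a program action named by target
#   guards   : variables read by the enclosing branch conditions
#              -> control dependency (action runs only if guard holds)
PROGRAM = [
    ("input",  "path",    ["HKLM\\Software\\App\\InstallDir"], []),
    ("input",  "theme",   ["HKCU\\Software\\App\\Theme"],      []),
    ("input",  "level",   ["HKLM\\Software\\App\\AuditLevel"], []),
    ("assign", "exe",     ["path"],  []),
    ("assign", "dark",    ["theme"], []),
    ("assign", "doAudit", ["level"], []),
    ("action", "CreateProcess",  ["exe"],  []),           # data dep
    ("action", "WriteAuditLog",  [],       ["doAudit"]),  # control dep
    ("action", "SetWindowColor", ["dark"], []),           # not critical
]
CRITICAL_ACTIONS = {"CreateProcess", "WriteAuditLog"}

def build_dependency_graph(program):
    """Map every variable or action to what its behaviour depends on."""
    deps = defaultdict(set)
    for _kind, target, sources, guards in program:
        deps[target].update(sources)
        deps[target].update(guards)
    return deps

def backward_slice(deps, start):
    """Everything `start` transitively depends on (cycle-safe DFS)."""
    seen, stack = set(), [start]
    while stack:
        for dep in deps.get(stack.pop(), ()):
            if dep not in seen:
                seen.add(dep)
                stack.append(dep)
    return seen

def classify_inputs(program, critical_actions):
    """Return {input key: True if security relevant, else False}."""
    deps = build_dependency_graph(program)
    keys = {k for kind, _, srcs, _ in program if kind == "input" for k in srcs}
    relevant = set()
    for action in critical_actions:
        relevant |= backward_slice(deps, action) & keys
    return {k: k in relevant for k in keys}

if __name__ == "__main__":
    for key, rel in sorted(classify_inputs(PROGRAM, CRITICAL_ACTIONS).items()):
        print(f"{key}: {'security relevant' if rel else 'non-relevant'}")
```

Only the two keys reaching a critical action are flagged; the theme key feeds a non-critical action and so would not need its access restricted.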