Trent Jaeger, Associate Professor, Computer Science and Engineering

The Pennsylvania State University

Adversary Accessibility: The Key to Finding and Preventing Vulnerabilities

Wednesday, January 23, 4:00 PM

Packard Lab Room 466

Reception in the lobby of Packard Lab prior to seminar

Abstract: A vulnerability is said to require three elements: a system flaw, adversary access to that flaw, and adversary ability to exploit that flaw. In this talk, I will focus on methods to compute and use adversary access as a means to identify and prevent vulnerabilities. First, I will show that we can compute adversary accessibility to program entrypoints, the set of which is called its attack surface, from security policies in commodity operating systems. We find that while every program we examined in a Linux distribution interacts with an adversary in some way, the number of entrypoints used to access adversary-controlled data is often small. Second, I will show how such knowledge is useful in finding vulnerabilities. Specifically, I will show how name resolution vulnerabilities can be found reliably from an understanding of adversary access. Third, I will describe a system mechanism for limiting adversary access to individual program entrypoints, called the Process Firewall, which can efficiently prevent a variety of attacks. Finally, I will show how the knowledge of adversary access to entrypoints can be used to retrofit legacy programs with authorization code automatically. By tracking adversary accessibility, I argue that vulnerabilities can be found and prevented in a more proactive manner than we do today.

BIO: Trent Jaeger is an Associate Professor in the Computer Science and Engineering Department at The Pennsylvania State University and the Co-Director of the Systems and Internet Infrastructure Security (SIIS) Lab. Trent's research interests include operating systems security, and the application of programming language techniques to security. He has published over 100 refereed research papers on these subjects and is the author of the book "Operating Systems Security," which examines the principles and designs of secure operating systems. He is active in the security research community, chairing and participating in numerous program committees for security conferences. He is an associate editor with ACM TOIT and has been a guest editor of ACM TISSEC. Trent has a B.S. from the California State Polytechnic University, Pomona in Chemical Engineering in 1985 and M.S. and Ph.D. degrees from the University of Michigan, Ann Arbor in Computer Science and Engineering in 1993 and 1997, respectively. He previously worked at IBM Research Watson from 1996 to 2005, when he joined Penn State.

© 2014-2016 Computer Science and Engineering, P.C. Rossin College of Engineering & Applied Science, Lehigh University, Bethlehem PA 18015.