This project focuses on building a test bed that will enable scalable and automated security testing of applications.

Secure software design and security testing techniques are fundamental to the development of secure software. Many of the properties, strengths, and limitations of these techniques, however, can be fully understood only through rigorous, controlled experiments. This project addresses these challenges. The overall objective is to help engineers create dependable secure systems. To do this, this project engages in the following research and development activities:

- Development of test generation tools that consist of three components: a model-based security test sequence generator that generates tests automatically from a secure design considering two design-level models: security and threat models; an executable test code generator that converts security tests derived from security and threat models to test code that can be executed together with the implementation under test; a test input generator that generates actual inputs to complete test cases using a syntax-based testing approach.

- Development of the testbed that includes various software artifacts and test automation tools to support controlled experiments with security testing.

Several tangible results from this work are expected. The success of this project may open a new avenue to automated testing for security, which can improve security assurance while significantly reducing the overall development costs of secure systems. In particular, this work may make it possible to develop many new strategies for generating security test code in terms of a rich variety of coverage criteria for secure design models. This will lay a foundation for evaluating scalability and cost-effectiveness (e.g., in terms of vulnerability detection capability and testing cost) of various security testing strategies.

This project has several broad impacts: the proposed work will support several graduate and undergraduate students as they work toward their degree goals and provide them with experience with developing tools and empirical studies. Also, this proposal is focused on making the resulting infrastructure available to researchers and educators, enabling them to use tools and perform controlled experiments as well as train students.

North Dakota is an EPSCoR state; thus, support for this project will help meet the goals of the EPSCoR program.

Project Report

Software security issues have been a major concern to the cyber space community. These issues include denial of service attacks, attacks that corrupt data, and attacks that lead to disclosure of confidential information, such as sensitive financial and medical data. While the importance of trustworthy software systems has been well recognized and tremendous effort has been devoted to enhancing cyber security, companies have still suffered from various cyber crimes. To improve software security, in this research, we developed security testing techniques, constructed a testbed that includes various software artifacts and test automation tools, and performed controlled experiments to evaluate our proposed approach using the testbed. Under support of this grant, we engaged in several activities directed at the grant's objectives and produced the following outcomes.

o Intellectual Merit

* Developed a test input generation tool for security testing considering valid inputs for functional testing and invalid inputs for testing a system's security vulnerabilities.
* Established a source control repository for the testbed, and defined a generic structure for software artifacts so that we can easily manage and extend them as our project proceeds.
* Performed empirical studies assessing the effectiveness of the model-based approach for detecting security vulnerabilities. The empirical studies showed the following results:
  - Our threat model-based security testing approach can be effective in discovering unmitigated threats.
  - Through the threat tree-based approach from the adversary's perspective, we could identify the threat goals that an attacker wants to realize, and these threat goals are the targets of our security testing.
  - Different sequences of attack actions have been derived from the threat trees, and these sequences of attack actions represent the ways in which an attacker realizes the threat goals and thus provide a basis for security test sequences.
  - The results also showed that some threat trees that exposed vulnerabilities in one application could be used to expose vulnerabilities in other applications after being slightly modified.

o Broader Impacts

* Contributions to human resource development: Primary contributions to date have involved training of graduate students Md. Hossain, Aaron Marback, Lijo Thomas, and Satish Ekambaram, and undergraduate students Michael Delaney, Justin Anderson, Nathan Ehresmann, Brett Kaber, Cesar Ramirez, Huheun Lee, Austen Dicken, Daniel Woodraska, Joshua Windsor, and Micahel Kent in topic areas related to software security testing and empirical studies.
* Pending patent: The techniques for security test generation from threat nets are included in the US Patent Application #13525824 (Model-based Test Code Generation for Software Testing) filed in June 2012.
* We produced several research papers, including papers in IEEE international conferences and journals.
* We produced the following software tools and software artifacts:
  - The testbed contains several PHP web applications and associated software artifacts.
  - Test input generation tool.
  - Security regression testing tool (PARTE).
  - Tool for automated generation of security test code.
  - Security mutants of FileZilla FTP Server and Magento.
  - Model-Based Integration and System Test Automation (MISTA) tool.

Agency: National Science Foundation (NSF)
Institute: Division of Computer and Network Systems (CNS)
Type: Standard Grant (Standard)
Application #: 0855106
Program Officer: Jeremy Epstein
Project Start:
Project End:
Budget Start: 2009-09-01
Budget End: 2012-08-31
Support Year:
Fiscal Year: 2008
Total Cost: $236,000
Indirect Cost:
Name: North Dakota State University Fargo
Department:
Type:
DUNS #:
City: Fargo
State: ND
Country: United States
Zip Code: 58108