This project will develop and test a new classification scheme for security vulnerabilities in existing computer systems and software. A vulnerability exists when a system meets certain conditions, and the precise conditions dictate the nature of the vulnerability. The classification scheme will be based upon these conditions. The goals of this research are to: (1) determine whether every vulnerability has a unique, minimally-sized set of such conditions; (2) determine whether vulnerabilities share these conditions; and (3) determine whether, for a large enough set of vulnerabilities, the number of conditions is less than the number of vulnerabilities. The methodology will be to examine vulnerabilities in open source systems and programs, and determine the exact conditions under which a vulnerability can be exploited. The expression of the conditions will be refined iteratively, as more is learned about the conditions needed to exploit vulnerabilities.

The significance of this work is that it will lead to a deeper understanding of why vulnerabilities occur in systems, how to detect them, and how to prevent them. Its broader impact is that, if the hypotheses are true, negating conditions on a system could eliminate vulnerabilities not known at the time. Vendors and security analysts would be able to use the approach we will develop to test systems for vulnerabilities more readily than with the current hit-and-miss methods. Finally, this work would provide a more rigorous basis for developing and teaching methods of writing programs with fewer vulnerabilities than occur now.

Budget Start: 2003-08-01
Budget End: 2006-07-31
Fiscal Year: 2003
Total Cost: $240,000
Name: University of California Davis
City: Davis
State: CA
Country: United States
Zip Code: 95618