Runtime Verification of Linux Kernel Security Module

Efremov, Denis; Shchepetkov, Ilya

doi:10.1007/978-3-030-54997-8_12

Cited by 4 publications

(2 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Отдельного упоминания заслуживает линейка инструментов динамического анализа, разрабатываемая и активно развиваемая на протяжении уже долгого времени в Институте системного программирования им. В. П. Иванникова РАН, покрывающая почти все виды динамического анализа [109][110][111]160,161,[224][225][226].…”

Section: заключениеunclassified

Survey of Software Dynamic Analysis Methods

Kuliamin

2023

Proceedings of ISP RAS

View full text Add to dashboard Cite

The article presents a survey of software dynamic analysis methods. The main focus of the survey is on methods supported by tools, targeted on software security verification and applicable to system software. The survey examines in detail fuzzing and dynamic symbolic execution techniques. Dynamic taint data analysis is excluded due to difficulty of gathering technical details of its implementation. Review of fuzzing and dynamic symbolic execution is focused mostly on the techniques used in supporting tools, not on tools themselves, because their number exceeds 100 already. Also, the techniques of fuzzing counteraction are surveyed.

show abstract

Section: заключениеunclassified

Survey of Software Dynamic Analysis Methods

Kuliamin

2023

Proceedings of ISP RAS

View full text Add to dashboard Cite

show abstract

“…The above approaches aim to either check or ensure functional correctness and do not consider security. Runtime security analysis techniques are usually based on runtime monitoring [86], where a monitor is constructed from a system specification to observe and verify the executions at runtime, e.g., in the context of programs (See [279] for a survey on inline security monitors), OS-level [70], system-level [116] etc. The above approaches check whether a specification is satisfied by the current execution or not, while we focus on threat analysis to compute security risks.…”

Section: Runtime (Security) Verification and Adaptive Securitymentioning

confidence: 99%

Design and Analysis of Self-protection: Adaptive Security for Software-Intensive Systems

Skandylas¹

View full text Add to dashboard Cite

Today's software landscape features a high degree of complexity, frequent changes in requirements and stakeholder goals, and uncertainty.Uncertainty and high complexity imply a threat landscape where cybersecurity attacks are a common occurrence while their consequences are often severe. Self-adaptive systems have been proposed to mitigate the complexity and frequent changes by adapting at run-time to deal with situations not known at design time.Self-adaptive systems that aim to identify, analyse and mitigate threats autonomously are called self-protecting systems.This thesis contributes approaches towards developing systems with self-protection capabilities under two perspectives. Under the first perspective, we enhance the security of component-based systems and equip them with self-protection capabilities that reduce the exposedattack surface or provide efficient defenses against identified attacks. We target systems where information about the system components and the adaptationdecisions is available, and control over the adaptation is possible. We employ runtime threat modeling and analysis using quantitative risk analysis and probabilistic verification to rank adaptations to be applied in the system in terms of their security levels. We then introduce modular and incremental verification approaches to tackle the scalability issues of probabilistic verification to be able to analyze larger-scale software systems.To protect against cyberattacks that cannot be mitigated by reducing the exposed attack surface, we propose an approach to analyze the security of different software architectures incorporating countermeasures to decide on the most suitable ones to evolve to. Under the second perspective, we study open decentralized systems where we have limited information about and limited control over the system entities. We employ decentralized information flow control mechanisms to enforce security by controlling the interactions among the system elements.We extend decentralized information flow control by incorporating trust and adding adaptationcapabilities that allow the system to identify security threats and self-organize to maximize trust between the system entities.

show abstract