Automated Reduction of Attack Surface Using Call Graph Enumeration

Title: Automated Reduction of Attack Surface Using Call Graph Enumeration
Publication Type: Conference Paper
Year of Publication: 2018
Authors: Ando, Ruo
Conference Name: Proceedings of the 2018 2nd International Conference on Management Engineering, Software Engineering and Service Sciences
ISBN Number: 978-1-4503-5431-8
Keywords: attack surface, Automated reduction, call graph, composability, CVE-2013-4371, edge detection, Metrics, pubcrawl, resilience, Resiliency, Scalability, security, use-after-free, Xen

There have been many research efforts on detecting vulnerabilities, such as model checking and formal methods. However, according to Rice's theorem, checking whether a program contains vulnerable code by static analysis is undecidable in general. In this paper, we propose a method of attack surface reduction based on enumeration of the call graph. The proposed system is divided into two steps: enumerating edges E[Function Fi, Function Fi+1] and constructing the call graph by recursive search over [E1, E2, ..., En]. The proposed method enables us to find all paths whose leaf node is a vulnerable function VF. The root node RF of the call graph is the part of the program that is exposed to an attacker. Therefore, the call graph [VF, RF] can be eliminated depending on the situation in which the program is running. We apply the proposed method to a real program (Xen) and extract the attack surface of CVE-2013-4371. These vulnerabilities are classified into two classes: use-after-free and assertion failure. Numerical results are also shown for searching the attack surface of Xen with different search depths when constructing the call graph.
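The two steps described in the abstract (enumerate caller/callee edges, then recursively search the resulting graph for paths from attacker-exposed root functions RF to a vulnerable leaf function VF under a depth bound) can be illustrated in a few dozen lines. The following is an added example written for this page, not code from the paper or from Xen; the function names and edges are constructed for illustration and do not correspond to the CVE-2013-4371 code paths.

```python
"""Added example (not the paper's code): enumerate call edges E[F_i, F_i+1],
build a call graph, and recursively search for paths from root functions RF
(entry points reachable by an attacker) to a vulnerable function VF, bounded
by a search depth as in the paper's experiments."""
from collections import defaultdict
from typing import Dict, Iterable, List, Tuple

Edge = Tuple[str, str]  # E[F_i, F_i+1]: caller -> callee

# Constructed call edges with hypothetical names (not taken from Xen).
EDGES: List[Edge] = [
    ("hypercall_entry", "dispatch_op"),
    ("dispatch_op", "parse_request"),
    ("dispatch_op", "validate_handle"),
    ("parse_request", "lookup_object"),
    ("lookup_object", "free_object"),    # VF: the sink we treat as vulnerable
    ("validate_handle", "lookup_object"),
    ("admin_only_entry", "free_object"), # a root only exposed in some deployments
    ("dispatch_op", "dispatch_op"),      # recursive call: the search must not loop
    ("ioctl_entry", "parse_request"),
]

ROOTS = ["hypercall_entry", "ioctl_entry", "admin_only_entry"]  # candidate RF
VF = "free_object"


def build_call_graph(edges: Iterable[Edge]) -> Dict[str, List[str]]:
    """Step 1: turn the enumerated edge list into an adjacency list."""
    graph: Dict[str, List[str]] = defaultdict(list)
    for caller, callee in edges:
        graph[caller].append(callee)
    return graph


def find_attack_paths(graph: Dict[str, List[str]], roots: Iterable[str],
                      vf: str, max_depth: int) -> List[List[str]]:
    """Step 2: recursive search returning every path RF -> ... -> VF that has
    at most max_depth edges. Nodes already on the current path are skipped,
    so recursion in the target program cannot make the search loop forever."""
    paths: List[List[str]] = []

    def walk(node: str, path: List[str], depth: int) -> None:
        if node == vf:
            paths.append(list(path))
            return
        if depth == max_depth:
            return
        for callee in graph.get(node, []):
            if callee in path:
                continue
            path.append(callee)
            walk(callee, path, depth + 1)
            path.pop()

    for rf in roots:
        walk(rf, [rf], 0)
    return paths


def attack_surface(graph: Dict[str, List[str]], roots: Iterable[str],
                   vf: str, max_depth: int) -> List[str]:
    """The root functions from which VF is reachable within max_depth: these
    are the entry points that could be disabled to cut the attack surface."""
    return sorted({p[0] for p in find_attack_paths(graph, roots, vf, max_depth)})


if __name__ == "__main__":
    g = build_call_graph(EDGES)
    for depth in (1, 2, 3, 4):
        found = find_attack_paths(g, ROOTS, VF, depth)
        print(f"depth {depth}: {len(found)} path(s), "
              f"exposed roots = {attack_surface(g, ROOTS, VF, depth)}")
```

Running the block shows how the result depends on the search depth, which is the effect the abstract's numerical results measure: with a depth bound of 1 only the direct `admin_only_entry` path is found, at depth 3 the `ioctl_entry` path appears, and at depth 4 both `hypercall_entry` paths do as well. The "situation in which the program is running" enters through the `roots` argument: if `admin_only_entry` is not exposed in a given deployment, it is simply left out of `ROOTS`, and the remaining paths are the ones worth eliminating or guarding.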

Citation Key: ando_automated_2018