Showing papers by "Cristina Cifuentes published in 2015"


Proceedings Article
14 Jun 2015
TL;DR: The aim of the paper is to explain to the practitioner what the vulnerability is, why it happens in the context of the Java security model, and how to fix it.
Abstract: Late 2012 and early 2013 saw a spike of new Java vulnerabilities being reported in 0-day attacks and used in the wild, that allowed bypass of the Java sandbox. These vulnerabilities were of a variety of types: unguarded caller-sensitive methods, unsafe use of doPrivileged, invalid deserialisation, invalid serialisation, and more. Oracle reacted quickly by making available patches and has now increased the scheduled patch update cycle to 4 releases a year. Unlike more traditional vulnerabilities such as buffer overflow and cross-site scripting that have been studied in the literature for many years, these new Java vulnerabilities lack a clear definition of what the corresponding security bug type is, and what rules apply to each bug type. In this paper we give an overview of one type of access control vulnerabilities that affects the Java platform---unguarded caller-sensitive method calls. The aim of the paper is to explain to the practitioner what the vulnerability is, why it happens in the context of the Java security model, and how to fix it. For the program analysis community, the aim is to define the security bug type, to be able to detect this type of vulnerability.

20 citations


Proceedings Article
31 May 2015
TL;DR: The graph model used by Frappé is detailed and its key use cases are outlined using representative queries and their runtimes with the dependency graph data of the Unbreakable Enterprise Kernel.
Abstract: Frappé is a developer tool for querying and visualizing the dependencies of large C/C++ software systems to the order of 10s of millions of lines of code in size. It supports developers with a range of code comprehension queries such as "Does function X or something it calls write to global variable Y?" and "How much code could be affected if I change this macro?" Results are overlaid on a visualization of the dependency graph data based on a cartographic map metaphor. In this paper, we give a brief overview of Frappé and describe our experiences implementing it on top of the Neo4j graph database. We detail the graph model used by Frappé and outline its key use cases using representative queries and their runtimes with the dependency graph data of the Unbreakable Enterprise Kernel. Finally, we discuss some of the open challenges in supporting source code queries across single and multiple versions of an evolving codebase with current property graph database technologies: performance, efficient storage, and the expressivity of the graph querying language given a graph model.

13 citations