TUTCRIS - Tampere University of Technology

Triggerflow: Regression Testing by Advanced Execution Path Inspection

Research output: peer-reviewed

Details

Original language: English
Title: Detection of Intrusions and Malware, and Vulnerability Assessment - 16th International Conference, DIMVA 2019, Proceedings
Editors: Clémentine Maurice, Giorgio Giacinto, Roberto Perdisci, Magnus Almgren, Roberto Perdisci
Publisher: Springer Verlag
Pages: 330-350
Number of pages: 21
ISBN (print): 9783030220372
DOI - permanent links
Status: Published - 2019
OKM publication type: A4 Article in conference proceedings
Event: International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment - Gothenburg, Sweden
Duration: 19 June 2019 to 20 June 2019

Publication series

Name: Lecture Notes in Computer Science
Volume: 11543
ISSN (print): 0302-9743
ISSN (electronic): 1611-3349

Conference

Conference: International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Country: Sweden
City: Gothenburg
Period: 19/06/19 to 20/06/19

Abstract

Cryptographic libraries often feature multiple implementations of primitives to meet both the security needs of handling private information and the performance requirements of modern services when the handled information is public. OpenSSL, the de-facto standard free and open source cryptographic library, includes mechanisms to differentiate the confidential data and its control flow, including run-time flags, designed for hardening against timing side-channels, but repeatedly accidentally mishandled in the past. To analyze and prevent these accidents, we introduce Triggerflow, a tool for tracking execution paths that, assisted by source annotations, dynamically analyzes the binary through the debugger. We validate this approach with case studies demonstrating how adopting our method in the development pipeline would have promptly detected such accidents. We further showcase the value of the tooling by presenting two novel discoveries facilitated by Triggerflow: one leak and one defect.

Research areas

Publication Forum level