Security analysis of bytecode interpreters using Alloy

Security analysis of bytecode interpreters using Alloy

Thesis (Ph.D.)--Boston University === PLEASE NOTE: Boston University Libraries did not receive an Authorization To Manage form for this thesis or dissertation. It is therefore not openly accessible, though it may be available by request. If you are the author or principal advisor of this work and wo...

Full description

Bibliographic Details
Main Author: Reynolds, Mark Clifford
Language:en_US
Published: Boston University 2018
Subjects:
Programming languages
Security analysis
Digital security
Online Access:https://hdl.handle.net/2144/32048
id ndltd-bu.edu-oai-open.bu.edu-2144-32048
record_format oai_dc
spelling ndltd-bu.edu-oai-open.bu.edu-2144-320482019-06-14T15:02:30Z Security analysis of bytecode interpreters using Alloy Reynolds, Mark Clifford Programming languages Security analysis Digital security Thesis (Ph.D.)--Boston University PLEASE NOTE: Boston University Libraries did not receive an Authorization To Manage form for this thesis or dissertation. It is therefore not openly accessible, though it may be available by request. If you are the author or principal advisor of this work and would like to request open access for it, please contact us at open-help@bu.edu. Thank you. Security of programming languages, particularly programming languages used for network applications, is a major issue at this time. Despite the best efforts of language designers and implementers, serious security vulnerabilities continue to be discovered at an alarming rate. Thus, development of analysis tools that can be used to uncover insecure or malicious code is an important area of research. This thesis focuses on the use of the lightweight formal method tool Alloy to perform static analysis on binary code, Byte-compiled languages that run on virtual machines are of particular interest because of their relatively small instruction sets, and also because they are well represented on the Internet. This thesis describes a static analysis methodology in which desired security properties of a language are expressed as constraints in Alloy, while the actual bytes being analyzed are expressed as Alloy model initializers. The combination of these two components yields a complete Alloy model in which any model counterexample represents a constraint violation, and hence a security vulnerability. The general method of expressing security requirements as constraints is studied, and results are presented for Java bytecodes running on the Java Virtual Machine, as well as for Adobe Flash SWF files containing ActionScript bytecodes running on the Action Script Virtual Machine. It is demonstrated that many examples of malware are detected by this technique. In addition, analysis of benign software is shown to not produce any counterexamples. This represents a significant departure from standard methods based on signatures or anomaly detection. 2031-01-02 2018-11-07T16:00:17Z 2012 2012 Thesis/Dissertation https://hdl.handle.net/2144/32048 11719032088934 99199899690001161 en_US Boston University
collection NDLTD
language en_US
sources NDLTD
topic Programming languages
Security analysis
Digital security
spellingShingle Programming languages
Security analysis
Digital security
Reynolds, Mark Clifford
Security analysis of bytecode interpreters using Alloy
description Thesis (Ph.D.)--Boston University === PLEASE NOTE: Boston University Libraries did not receive an Authorization To Manage form for this thesis or dissertation. It is therefore not openly accessible, though it may be available by request. If you are the author or principal advisor of this work and would like to request open access for it, please contact us at open-help@bu.edu. Thank you. === Security of programming languages, particularly programming languages used for network applications, is a major issue at this time. Despite the best efforts of language designers and implementers, serious security vulnerabilities continue to be discovered at an alarming rate. Thus, development of analysis tools that can be used to uncover insecure or malicious code is an important area of research. This thesis focuses on the use of the lightweight formal method tool Alloy to perform static analysis on binary code, Byte-compiled languages that run on virtual machines are of particular interest because of their relatively small instruction sets, and also because they are well represented on the Internet. This thesis describes a static analysis methodology in which desired security properties of a language are expressed as constraints in Alloy, while the actual bytes being analyzed are expressed as Alloy model initializers. The combination of these two components yields a complete Alloy model in which any model counterexample represents a constraint violation, and hence a security vulnerability. The general method of expressing security requirements as constraints is studied, and results are presented for Java bytecodes running on the Java Virtual Machine, as well as for Adobe Flash SWF files containing ActionScript bytecodes running on the Action Script Virtual Machine. It is demonstrated that many examples of malware are detected by this technique. In addition, analysis of benign software is shown to not produce any counterexamples. This represents a significant departure from standard methods based on signatures or anomaly detection. === 2031-01-02
author Reynolds, Mark Clifford
author_facet Reynolds, Mark Clifford
author_sort Reynolds, Mark Clifford
title Security analysis of bytecode interpreters using Alloy
title_short Security analysis of bytecode interpreters using Alloy
title_full Security analysis of bytecode interpreters using Alloy
title_fullStr Security analysis of bytecode interpreters using Alloy
title_full_unstemmed Security analysis of bytecode interpreters using Alloy
title_sort security analysis of bytecode interpreters using alloy
publisher Boston University
publishDate 2018
url https://hdl.handle.net/2144/32048
work_keys_str_mv AT reynoldsmarkclifford securityanalysisofbytecodeinterpretersusingalloy
_version_ 1719206381229178880

Similar Items