Triggerflow: Regression Testing by Advanced Execution Path Inspection

Iaroslav Gridin; Cesar Pereida García; Nicola Tuveri; Billy Bob Brumley

doi:10.1007/978-3-030-22038-9_16

Triggerflow: Regression Testing by Advanced Execution Path Inspection

Iaroslav Gridin, Cesar Pereida García, Nicola Tuveri, Billy Bob Brumley

Tietotekniikka

Tutkimustuotos: Konferenssiartikkeli › Tieteellinen › vertaisarvioitu

9 Sitaatiot (Scopus)

Abstrakti

Cryptographic libraries often feature multiple implementations of primitives to meet both the security needs of handling private information and the performance requirements of modern services when the handled information is public. OpenSSL, the de-facto standard free and open source cryptographic library, includes mechanisms to differentiate the confidential data and its control flow, including run-time flags, designed for hardening against timing side-channels, but repeatedly accidentally mishandled in the past. To analyze and prevent these accidents, we introduce Triggerflow, a tool for tracking execution paths that, assisted by source annotations, dynamically analyzes the binary through the debugger. We validate this approach with case studies demonstrating how adopting our method in the development pipeline would have promptly detected such accidents. We further show-case the value of the tooling by presenting two novel discoveries facilitated by Triggerflow: one leak and one defect.

Alkuperäiskieli	Englanti
Otsikko	Detection of Intrusions and Malware, and Vulnerability Assessment - 16th International Conference, DIMVA 2019, Proceedings
Toimittajat	Clémentine Maurice, Giorgio Giacinto, Roberto Perdisci, Magnus Almgren, Roberto Perdisci
Kustantaja	Springer Verlag
Sivut	330-350
Sivumäärä	21
ISBN (painettu)	9783030220372
DOI - pysyväislinkit	https://doi.org/10.1007/978-3-030-22038-9_16
Tila	Julkaistu - 2019
OKM-julkaisutyyppi	A4 Artikkeli konferenssijulkaisussa
Tapahtuma	International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment - Gothenburg, Ruotsi Kesto: 19 kesäk. 2019 → 20 kesäk. 2019

Julkaisusarja

Nimi	Lecture Notes in Computer Science
Vuosikerta	11543
ISSN (painettu)	0302-9743
ISSN (elektroninen)	1611-3349

Conference

Conference	International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Maa/Alue	Ruotsi
Kaupunki	Gothenburg
Ajanjakso	19/06/19 → 20/06/19

Julkaisufoorumi-taso

Jufo-taso 1

!!ASJC Scopus subject areas

Theoretical Computer Science
Yleinen tietojenkäsittelytiede

Pääsy asiakirjaan

10.1007/978-3-030-22038-9_16

https://eprint.iacr.org/2019/366Lisenssi: Unspecified

Siteeraa tätä

Gridin, I., Pereida García, C., Tuveri, N., & Brumley, B. B. (2019). Triggerflow: Regression Testing by Advanced Execution Path Inspection. teoksessa C. Maurice, G. Giacinto, R. Perdisci, M. Almgren, & R. Perdisci (Toimittajat), Detection of Intrusions and Malware, and Vulnerability Assessment - 16th International Conference, DIMVA 2019, Proceedings (Sivut 330-350). (Lecture Notes in Computer Science; Vuosikerta 11543). Springer Verlag. https://doi.org/10.1007/978-3-030-22038-9_16

Gridin, Iaroslav ; Pereida García, Cesar ; Tuveri, Nicola et al. / Triggerflow : Regression Testing by Advanced Execution Path Inspection. Detection of Intrusions and Malware, and Vulnerability Assessment - 16th International Conference, DIMVA 2019, Proceedings. Toimittaja / Clémentine Maurice ; Giorgio Giacinto ; Roberto Perdisci ; Magnus Almgren ; Roberto Perdisci. Springer Verlag, 2019. Sivut 330-350 (Lecture Notes in Computer Science).

@inproceedings{6159fba6aa6f417682f2beabe30b276e,

title = "Triggerflow: Regression Testing by Advanced Execution Path Inspection",

abstract = "Cryptographic libraries often feature multiple implementations of primitives to meet both the security needs of handling private information and the performance requirements of modern services when the handled information is public. OpenSSL, the de-facto standard free and open source cryptographic library, includes mechanisms to differentiate the confidential data and its control flow, including run-time flags, designed for hardening against timing side-channels, but repeatedly accidentally mishandled in the past. To analyze and prevent these accidents, we introduce Triggerflow, a tool for tracking execution paths that, assisted by source annotations, dynamically analyzes the binary through the debugger. We validate this approach with case studies demonstrating how adopting our method in the development pipeline would have promptly detected such accidents. We further show-case the value of the tooling by presenting two novel discoveries facilitated by Triggerflow: one leak and one defect.",

keywords = "Applied cryptography, Continuous integration, Dynamic program analysis, OpenSSL, Regression testing, Side-channel analysis, Software testing",

author = "Iaroslav Gridin and {Pereida Garc{\'i}a}, Cesar and Nicola Tuveri and Brumley, {Billy Bob}",

note = "jufoid=62555; International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment ; Conference date: 19-06-2019 Through 20-06-2019",

year = "2019",

doi = "10.1007/978-3-030-22038-9_16",

language = "English",

isbn = "9783030220372",

series = "Lecture Notes in Computer Science",

publisher = "Springer Verlag",

pages = "330--350",

editor = "Cl{\'e}mentine Maurice and Giorgio Giacinto and Roberto Perdisci and Magnus Almgren and Roberto Perdisci",

booktitle = "Detection of Intrusions and Malware, and Vulnerability Assessment - 16th International Conference, DIMVA 2019, Proceedings",

address = "Germany",

}

Gridin, I, Pereida García, C, Tuveri, N & Brumley, BB 2019, Triggerflow: Regression Testing by Advanced Execution Path Inspection. julkaisussa C Maurice, G Giacinto, R Perdisci, M Almgren & R Perdisci (toim), Detection of Intrusions and Malware, and Vulnerability Assessment - 16th International Conference, DIMVA 2019, Proceedings. Lecture Notes in Computer Science, Vuosikerta 11543, Springer Verlag, Sivut 330-350, International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, Gothenburg, Ruotsi, 19/06/19. https://doi.org/10.1007/978-3-030-22038-9_16

Triggerflow: Regression Testing by Advanced Execution Path Inspection. / Gridin, Iaroslav; Pereida García, Cesar; Tuveri, Nicola et al.
Detection of Intrusions and Malware, and Vulnerability Assessment - 16th International Conference, DIMVA 2019, Proceedings. toim. / Clémentine Maurice; Giorgio Giacinto; Roberto Perdisci; Magnus Almgren; Roberto Perdisci. Springer Verlag, 2019. s. 330-350 (Lecture Notes in Computer Science; Vuosikerta 11543).

Tutkimustuotos: Konferenssiartikkeli › Tieteellinen › vertaisarvioitu

TY - GEN

T1 - Triggerflow

T2 - International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment

AU - Gridin, Iaroslav

AU - Pereida García, Cesar

AU - Tuveri, Nicola

AU - Brumley, Billy Bob

N1 - jufoid=62555

PY - 2019

Y1 - 2019

N2 - Cryptographic libraries often feature multiple implementations of primitives to meet both the security needs of handling private information and the performance requirements of modern services when the handled information is public. OpenSSL, the de-facto standard free and open source cryptographic library, includes mechanisms to differentiate the confidential data and its control flow, including run-time flags, designed for hardening against timing side-channels, but repeatedly accidentally mishandled in the past. To analyze and prevent these accidents, we introduce Triggerflow, a tool for tracking execution paths that, assisted by source annotations, dynamically analyzes the binary through the debugger. We validate this approach with case studies demonstrating how adopting our method in the development pipeline would have promptly detected such accidents. We further show-case the value of the tooling by presenting two novel discoveries facilitated by Triggerflow: one leak and one defect.

AB - Cryptographic libraries often feature multiple implementations of primitives to meet both the security needs of handling private information and the performance requirements of modern services when the handled information is public. OpenSSL, the de-facto standard free and open source cryptographic library, includes mechanisms to differentiate the confidential data and its control flow, including run-time flags, designed for hardening against timing side-channels, but repeatedly accidentally mishandled in the past. To analyze and prevent these accidents, we introduce Triggerflow, a tool for tracking execution paths that, assisted by source annotations, dynamically analyzes the binary through the debugger. We validate this approach with case studies demonstrating how adopting our method in the development pipeline would have promptly detected such accidents. We further show-case the value of the tooling by presenting two novel discoveries facilitated by Triggerflow: one leak and one defect.

KW - Applied cryptography

KW - Continuous integration

KW - Dynamic program analysis

KW - OpenSSL

KW - Regression testing

KW - Side-channel analysis

KW - Software testing

U2 - 10.1007/978-3-030-22038-9_16

DO - 10.1007/978-3-030-22038-9_16

M3 - Conference contribution

AN - SCOPUS:85067827171

SN - 9783030220372

T3 - Lecture Notes in Computer Science

SP - 330

EP - 350

BT - Detection of Intrusions and Malware, and Vulnerability Assessment - 16th International Conference, DIMVA 2019, Proceedings

A2 - Maurice, Clémentine

A2 - Giacinto, Giorgio

A2 - Perdisci, Roberto

A2 - Almgren, Magnus

A2 - Perdisci, Roberto

PB - Springer Verlag

Y2 - 19 June 2019 through 20 June 2019

ER -

Gridin I, Pereida García C, Tuveri N, Brumley BB. Triggerflow: Regression Testing by Advanced Execution Path Inspection. julkaisussa Maurice C, Giacinto G, Perdisci R, Almgren M, Perdisci R, toimittajat, Detection of Intrusions and Malware, and Vulnerability Assessment - 16th International Conference, DIMVA 2019, Proceedings. Springer Verlag. 2019. s. 330-350. (Lecture Notes in Computer Science). doi: 10.1007/978-3-030-22038-9_16

Triggerflow: Regression Testing by Advanced Execution Path Inspection

Abstrakti

Julkaisusarja

Conference

Julkaisufoorumi-taso

!!ASJC Scopus subject areas

Pääsy asiakirjaan

Sormenjälki

Siteeraa tätä