DocumentCode :
2803067
Title :
Monitoring the Security Health of Software Systems
Author :
Aggarwal, Ashish ; Jalote, Pankaj
Author_Institution :
Comput. Sci. & Eng., Indian Inst. of Technol.
fYear :
2006
fDate :
7-10 Nov. 2006
Firstpage :
146
Lastpage :
158
Abstract :
Detecting security bugs during the development cycle of a software is extremely difficult as effective testing approaches for such bugs do not exist. Applications are often deployed without being tested for security vulnerabilities even though the application domain demands highly secure software. Hence there is a need to develop systems which can monitor such applications for security violations and take immediate actions if any violation occurs. In this paper we describe an approach for monitoring the security health of a software system. Our methodology involves an agent based approach which communicates with the health monitoring system running as an independent process. We make this agent a part of the application (binary) and modify the binary at appropriate locations to transfer the control to the agent attached. The agent sends critical information regarding the execution to the monitoring system. The monitoring system analyzes the data and takes suitable actions. Currently our system monitors the following security bugs: buffer overflow, race conditions (time of check to time to use vulnerability), random number vulnerability and can be extended for other vulnerabilities also.
Keywords :
program debugging; security of data; software agents; system monitoring; agent based approach; buffer overflow; random number vulnerability; security bug detection; security health monitoring; security violations; security vulnerability; software development; software systems; Application software; Computer bugs; Computer science; Computer security; Computerized monitoring; Data analysis; Data security; Information security; Software systems; Software testing;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Software Reliability Engineering, 2006. ISSRE '06. 17th International Symposium on
Conference_Location :
Raleigh, NC
ISSN :
1071-9458
Print_ISBN :
0-7695-2684-5
Type :
conf
DOI :
10.1109/ISSRE.2006.32
Filename :
4021980