TY - GEN
T1 - Security relevancy analysis on the registry of windows NT 4.0
AU - Du, Wenliang
AU - Garg, Praerit
AU - Mathur, Aditya P.
N1 - Publisher Copyright:
© 1999 IEEE.
PY - 1999
Y1 - 1999
N2 - Many security breaches are caused by inappropriate inputs crafted by people with malicious intents. To enhance the system security, we need either to ensure that inappropriate inputs are filtered out by the program, or to ensure that only trusted people can access those inputs. In the second approach, we sure do not want to put such constraint on every input, instead, we only want to restrict the access to the security relevant inputs. The goal of this paper is to investigate how to identify which inputs are relevant to system security. We formulate the problem as an security relevancy problem, and deploy static analysis technique to identify security relevant inputs. Our approach is based on dependency analysis technique; it identifies if the behavior of any security critical action depends on certain input. If such a dependency relationship exists, we say that the input is security relevant, otherwise, we say the input is security non-relevant. This technique is applied to a security analysis project initiated by Microsoft Windows NT security group. The project is intended to identify security relevant registry keys in the Windows NT operating system. The results from this approach is proved useful to enhancing Windows NT security. Our experiences and results from this project are presented in the paper.
AB - Many security breaches are caused by inappropriate inputs crafted by people with malicious intents. To enhance the system security, we need either to ensure that inappropriate inputs are filtered out by the program, or to ensure that only trusted people can access those inputs. In the second approach, we sure do not want to put such constraint on every input, instead, we only want to restrict the access to the security relevant inputs. The goal of this paper is to investigate how to identify which inputs are relevant to system security. We formulate the problem as an security relevancy problem, and deploy static analysis technique to identify security relevant inputs. Our approach is based on dependency analysis technique; it identifies if the behavior of any security critical action depends on certain input. If such a dependency relationship exists, we say that the input is security relevant, otherwise, we say the input is security non-relevant. This technique is applied to a security analysis project initiated by Microsoft Windows NT security group. The project is intended to identify security relevant registry keys in the Windows NT operating system. The results from this approach is proved useful to enhancing Windows NT security. Our experiences and results from this project are presented in the paper.
UR - http://www.scopus.com/inward/record.url?scp=56749087331&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=56749087331&partnerID=8YFLogxK
U2 - 10.1109/CSAC.1999.816044
DO - 10.1109/CSAC.1999.816044
M3 - Conference contribution
AN - SCOPUS:56749087331
SN - 0769503462
T3 - Proceedings - Annual Computer Security Applications Conference, ACSAC
SP - 331
EP - 338
BT - Proceedings - 15th Annual Computer Security Applications Conference, ACSAC 1999
PB - Association for Computing Machinery
T2 - 15th Annual Computer Security Applications Conference, ACSAC 1999
Y2 - 6 December 1999 through 10 December 1999
ER -