STING: Finding name resolution vulnerabilities in programs

Hayawardh Vijayakumar, Joshua Schiffman, Trent Jaeger

Research output: Contribution to conferencePaper

Abstract

The process of name resolution, where names are resolved into resource references, is fundamental to computer science, but its use has resulted in several classes of vulnerabilities. These vulnerabilities are difficult for programmers to eliminate because their cause is external to the program: the adversary changes namespace bindings in the system to redirect victim programs to a resource of the adversary’s choosing. Researchers have also found that these attacks are very difficult to prevent systematically. Any successful defense must have both knowledge about the system namespace and the program intent to eradicate such attacks. As a result, finding and fixing program vulnerabilities to such as attacks is our best defense. In this paper, we propose the STING test engine, which finds name resolution vulnerabilities in programs by performing a dynamic analysis of name resolution processing to produce directed test cases whenever an attack may be possible. The key insight is that such name resolution attacks are possible whenever an adversary has write access to a directory shared with the victim, so STING automatically identifies when such directories will be accessed in name resolution to produce test cases that are likely to indicate a true vulnerability if undefended. Using STING, we found 21 previously-unknown vulnerabilities in a variety of Linux programs on Ubuntu and Fedora systems, demonstrating that comprehensive testing for name resolution vulnerabilities is practical.

Original languageEnglish (US)
Pages585-599
Number of pages15
StatePublished - Jan 1 2012
Event21st USENIX Security Symposium - Bellevue, United States
Duration: Aug 8 2012Aug 10 2012

Conference

Conference21st USENIX Security Symposium
CountryUnited States
CityBellevue
Period8/8/128/10/12

    Fingerprint

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Information Systems
  • Safety, Risk, Reliability and Quality

Cite this

Vijayakumar, H., Schiffman, J., & Jaeger, T. (2012). STING: Finding name resolution vulnerabilities in programs. 585-599. Paper presented at 21st USENIX Security Symposium, Bellevue, United States.