Next Seminar on 20.1.2020
Written on 18.01.2021 13:59 by Stella Wohnig
The next seminar(s) take place on 20.1. at 14:00.
Session A 14:00-15:00:
Paul Szymanski - Mara Schulze - Leon Brettschneider
Meeting-ID: 967 8620 5841
Dominik Sautter - Marvin Hoffmann
Meeting-ID: 990 2598 9421
Speaker: Paul Szymanski
Type of talk: Bachelor Intro
Advisor: Cristian-Alexandru Staicu
The goal of this bachelor thesis is to study existing call graph creation algorithms and identify their limitations, i.e. which language constructs are the most difficult to analyse. Additionally, we are interested in identifying code transformation techniques with the highest impact on the performance of static call graph algorithms, both beneficial and detrimental.
Speaker: Mara Schulze
Type of talk: Bachelor Intro Talk
Advisor: Prof. Christian Rossow
Title: Detecting Cryptojacker Malware in Sandnet purely through network indicators
Many cryptocurrencies require a great deal of computational work to verify their blockchain. This is computationally expensive, so as an incentive to take part in the verification process a small reward is given to the person who solves a mathematical puzzle first and thus "mines" the block. Malware authors exploit this by running the computations on the victim's computer and claiming the reward for themselves.
Sandnet is a dynamic analysis environment belonging to CISPA. It runs malware for a long time (about one hour) and outputs network-based indicators such as the domains the malware specimen connects to, the packet sizes, the connection times etc.
I want to detect Cryptojacker malware purely by the statistics that Sandnet is producing.
Speaker: Leon Bettscheider
Type of talk: Master Final
Advisor: Prof. Dr. Andreas Zeller
Title: Concolic Grammar Refinement for Stateful Fuzzing
Fuzz testing is a widely deployed automated software testing technique which has been used to discover many security-critical software bugs.
Fuzzing probes the program under test for faulty behavior by running it repeatedly on automatically generated inputs.
One of the problems with fuzzing is that, to be effective, fuzzers need to generate plausible inputs that reach nontrivial parts of the program.
Effective fuzzing of stateful programs, such as database engines or web servers, is challenging because generated inputs need to be syntactically valid to be accepted by the parser, and semantically valid with respect to the current ephemeral program state in order to reach deep functionality.
While grammar-based fuzzing presents a method to generate syntactically valid inputs at a high rate, such inputs are typically not semantically valid in the case of stateful programs. For example, the validation of inputs may depend on the state of the program in question (such as session IDs), which are hard to produce using random chance.
To overcome this limitation, we propose a novel grammar refinement strategy for stateful programs.
We start with a context-free grammar, and leverage concolic execution of generated inputs to mine state-based constraints that need to be satisfied.
These constraints are then lifted to the grammar, which results in a grammar that automatically fine-tunes itself towards inputs that can reach deeper and deeper code paths in the current execution.
We implement our grammar refinement technique on top of a concolic execution engine for the C programming language.
We demonstrate a proof of concept on SQLite that shows the ability of our approach to mine existing table and column names from the database.
In addition, we combine our approach with a state-of-the-art grammar fuzzer and compare it with grammar fuzzing alone in an experiment on SQLite.
Our evaluation suggests that grammar refinement enhances fuzzing if the targeted state information contains a sufficiently high level of entropy.
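The refinement loop the abstract describes, shown as an added illustration that is not code from the thesis: a context-free SELECT grammar is fuzzed against a constructed SQLite schema; in place of concolic execution, the state-based constraint (which table and column names the program will accept) is mined directly from `sqlite_master`, and lifting it into the grammar turns a near-zero acceptance rate into queries the parser and the database state both accept. The toy grammar, the database, and all function names are constructed for this example.

```python
import random
import re
import sqlite3

# A nonterminal is written <name>; everything else on a right-hand side is literal text.
NONTERMINAL = re.compile(r"(<[^<> ]+>)")

# Context-free grammar for a small SELECT subset. Table and column names are
# random identifiers, so almost nothing it produces matches the real schema.
BASE_GRAMMAR = {
    "<start>": ["SELECT <col> FROM <table> WHERE <col> = <num>"],
    "<table>": ["<ident>"],
    "<col>": ["<ident>"],
    "<ident>": ["<letter>", "<letter><ident>"],
    "<letter>": list("abcdefghijklmnopqrstuvwxyz"),
    "<num>": ["<digit>", "<digit><num>"],
    "<digit>": list("0123456789"),
}


def tokenize(expansion):
    """Split a rule's right-hand side into nonterminals and literal text."""
    return [t for t in NONTERMINAL.split(expansion) if t]


def generate(grammar, symbol="<start>", rng=random, depth=0, max_depth=8):
    """Random leftmost expansion; past max_depth the shortest alternative is forced."""
    if symbol not in grammar:
        return symbol  # terminal text
    choices = grammar[symbol]
    if depth >= max_depth:
        choices = [min(choices, key=len)]
    expansion = rng.choice(choices)
    return "".join(generate(grammar, t, rng, depth + 1, max_depth) for t in tokenize(expansion))


def make_db():
    """Constructed stateful target: an in-memory SQLite database with two tables."""
    con = sqlite3.connect(":memory:")
    con.executescript("""
        CREATE TABLE users(id INTEGER, name TEXT, age INTEGER);
        CREATE TABLE orders(id INTEGER, user_id INTEGER, total REAL);
    """)
    return con


def mine_schema(con):
    """Stand-in for concolic mining: read the names the program state will accept."""
    schema = {}
    for (name,) in con.execute("SELECT name FROM sqlite_master WHERE type='table' ORDER BY name"):
        schema[name] = [row[1] for row in con.execute(f'PRAGMA table_info("{name}")')]
    return schema


def refine(grammar, schema):
    """Lift the mined constraint into the grammar: one <start> alternative per table,
    each restricted to that table's own columns."""
    refined = dict(grammar)
    refined["<start>"] = []
    for table, cols in schema.items():
        col_sym = f"<col_{table}>"
        refined[col_sym] = list(cols)
        refined["<start>"].append(f"SELECT {col_sym} FROM {table} WHERE {col_sym} = <num>")
    return refined


def acceptance_rate(con, grammar, n=200, seed=0):
    """Fraction of generated queries that SQLite executes without error."""
    rng = random.Random(seed)
    accepted = 0
    for _ in range(n):
        try:
            con.execute(generate(grammar, rng=rng)).fetchall()
            accepted += 1
        except sqlite3.Error:
            pass  # syntax error, unknown table or unknown column
    return accepted / n


if __name__ == "__main__":
    con = make_db()
    schema = mine_schema(con)
    print("mined constraint:", schema)
    print("baseline acceptance:", acceptance_rate(con, BASE_GRAMMAR))
    print("refined acceptance:", acceptance_rate(con, refine(BASE_GRAMMAR, schema)))
```

The per-table `<start>` alternatives are what make the lifted constraint semantic rather than merely syntactic: a grammar that only swapped in the union of all column names would still emit queries such as `SELECT total FROM users` that the parser accepts but the database rejects.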
Speaker: Dominik Sautter
Type of talk: Bachelor Intro
Advisor: Giancarlo Pellegrino
Title: Detecting Client-Side XSS via Code Property Graphs
The automated detection of web vulnerabilities is challenging and, to date, is mostly performed by manually inspecting the source code. A promising idea for easing the automated detection of vulnerabilities is to use canonical representations of programs via code property graphs (CPGs) and to identify vulnerable behaviors via graph traversals.
Speaker: Marvin Hoffmann
Type of talk: Bachelor Final Talk
Advisor: Alfusainey Jallow, Dr.-Ing. Sven Bugiel
Title: Gamified Crowd-Sourcing the Security Classification of Stack Overflow Code Snippets
Abstract: Stack Overflow is the most widely used forum for developers and IT experts to solve programming issues. Since the answers often contain code snippets solving the problem, prior studies have shown that many snippets are copied and pasted into developer codebases without a detailed look at them. This behavior causes security breaches in many software products because these code snippets are often insecure. For example, the posted solution could be out of date and not address recent security fixes.
To avoid insecure software, we want to provide a security indication for code snippets posted on Stack Overflow. We investigated whether we can classify code snippets using a crowdsourcing approach. To this end, we built, to our knowledge, the first web-based crowdsourcing platform that gamifies the security classification of code snippets. We presented 150 Java code snippets to security-focused users during the test run and let them classify the snippets as secure or insecure by swiping right or left on our web page. Afterward, we evaluated the classification of the five most frequently classified snippets by inspecting them manually again. With this approach, we can offer researchers an alternative to machine-learning approaches and expert classification for categorizing code on Stack Overflow, and build the basis for helping developers write more secure code.
No talk this week.