Publications

7 Results

Creating a User-Centric Data Flow Visualization: A Case Study

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Butler, Karin B.; Leger, Michelle A.; Bueno, Denis B.; Cueller, Christopher R.; Haass, Michael J.; Loffredo, Timothy; Reedy, Geoffrey E.; Tuminaro, Julian T.

Vulnerability analysts protecting software lack adequate tools for understanding data flow in binaries. We present a case study in which we used human factors methods to develop a taxonomy for understanding data flow and the visual representations needed to support decision making for binary vulnerability analysis. Using an iterative process, we refined and evaluated the taxonomy by generating three different data flow visualizations for small binaries, trained an analyst to use these visualizations, and tested the utility of the visualizations for answering data flow questions. Throughout the process and with minimal training, analysts were able to use the visualizations to understand data flow related to security assessment. Our results indicate that the data flow taxonomy is promising as a mechanism for improving analyst understanding of data flow in binaries and for supporting efficient decision making during analysis.

Leveraging a Live/Virtual/Constructive Testbed for the Evaluation of Moving Target Defenses

Proceedings - International Carnahan Conference on Security Technology

Stout, William M.S.; Van Leeuwen, Brian P.; Urias, Vincent U.; Tuminaro, Julian T.; Dossaji, Nomaan D.

Adversary sophistication in the cyber domain is a constantly growing threat. As more systems become accessible from the Internet, the risk of breach, exploitation, and malice grows. To thwart reconnaissance and exploitation, Moving Target Defense (MTD) has been researched and deployed in various systems to modify the threat surface of a system. Tools are necessary to analyze the security, reliability, and resilience of their information systems against cyber-attack and measure the effectiveness of the MTD technologies. Today's security analyses utilize (1) real systems such as computers, network routers, and other network equipment; (2) computer emulations (e.g., virtual machines); and (3) simulation models separately. In this paper, we describe the progress made in developing and utilizing hybrid Live, Virtual, Constructive (LVC) environments for the evaluation of a set of MTD technologies. The LVC methodology has been most rooted in the Modeling & Simulation (M&S) work of the Department of Defense. With the recent advances in virtualization and software-defined networking, Sandia has taken the blueprint for LVC and extended it by crafting hybrid environments of simulation, emulation, and human-in-the-loop. Furthermore, we discuss the empirical analysis of MTD technologies and approaches with LVC-based experimentation, incorporating aspects that may impact an operational deployment of the MTD under evaluation.

Creating an Interprocedural Analyst-Oriented Data Flow Representation for Binary Analysts (CIAO)

Leger, Michelle A.; Butler, Karin B.; Bueno, Denis B.; Crepeau, Matthew; Cueller, Christopher R.; Godwin, Alex; Haass, Michael J.; Loffredo, Timothy; Mangal, Ravi; Matzen, Laura E.; Nguyen, Vivian; Orso, Alessandro; Reedy, Geoffrey E.; Stasko, John T.; Stites, Mallory C.; Tuminaro, Julian T.; Wilson, Andrew T.

National security missions require understanding third-party software binaries, a key element of which is reasoning about how data flows through a program. However, vulnerability analysts protecting software lack adequate tools for understanding data flow in binaries. To reduce the human time burden for these analysts, we used human factors methods in a rolling discovery process to derive user-centric visual representation requirements. We encountered three main challenges: analysis projects span weeks, analysis goals significantly affect approaches and required knowledge, and analyst tools, techniques, conventions, and prioritization are based on personal preference. To address these challenges, we initially focused our human factors methods on an attack surface characterization task. We generalized our results using a two-stage modified sorting task, creating requirements for a data flow visualization. We implemented these requirements partially in manual static visualizations, which we informally evaluated, and partially in automatically generated interactive visualizations, which have yet to be integrated into workflows for evaluation. Our observations and results indicate that 1) this data flow visualization has the potential to enable novel code navigation, information presentation, and information sharing, and 2) it is an excellent time to pursue research applying human factors methods to binary analysis workflows.
