Skip to main content
Conference ProceedingsOPEN ACCESS

Discovering application-level insider attacks using symbolic execution

IFIP Advances in Information and Communication Technology (2009) 297 63-75
DOI: 10.1007/978-3-642-01244-0_6
9Citations
Citations of this article
15Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

This paper presents a technique to systematically discover insider attacks in applications. An attack model where the insider is in the same address space as the process and can corrupt arbitrary data is assumed. A formal technique based on symbolic execution and model-checking is developed to comprehensively enumerate all possible insider attacks corresponding to a given attack goal. The main advantage of the technique is that it operates directly on the program code in assembly language and no manual effort is necessary to translate the program into a formal model. We apply the technique to security-critical segments of the OpenSSH application. © IFIP International Federation for Information Processing 2009.

Cite

CITATION STYLE

APA

Pattabiraman, K., Nakka, N., Kalbarczyk, Z., & Iyer, R. (2009). Discovering application-level insider attacks using symbolic execution. In IFIP Advances in Information and Communication Technology (Vol. 297, pp. 63–75). https://doi.org/10.1007/978-3-642-01244-0_6

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free