Page 1

David Evans (and CS students)
evans@cs.virginia.edu
http://www.cs.virginia.edu/~evans

A Smorgasbord of Security, a Smattering of Swarm Programming, and Sampling of Static Checking and a Splash of Web Sites

University of Virginia
Department of Computer Science

Page 2

4 June 2000 CS 390 2

Menu

• Security

  – Dan Rubin: Online Voting Security

  – Phil Varner: Voting analysis

  – Jennifer Kahng: User Interfaces for Security

• Web

  – Julie Vogelman: Framework for usability experiments

  – Felipe Huice: biographical server

• Lightweight Static Analysis

  – Chris Barker: porting Win32/Unix

• Programming the Swarm

  – Ryan Persaud: Swarm Primitives

  – Adam Trost: Swarming defense for RoboCup

Page 3

Security Projects

• Dan Rubin: on-line voting

• Phil Varner: security analysis of VoteHere.net

• Jennifer Kahng: user interfaces for security

Page 4

Remote Online Voting Security

Daniel Rubin

Does this look familiar?

Page 5

Remote Online Voting Security

• Could the Internet save our elections?

  – Should be more convenient

  – Should be more accurate (no chads!)

• Not so fast!

  – The Internet is not very secure

  – Hackers could sabotage an election

  – Everyone doesn’t have a computer (or know how to use one)

Dan Rubin

Page 6

What I’ve learned

• Internet Voting works in theory, not in practice

• Too many risks (e.g. AZ had 60 minute downtime, Studco down 90 minutes)

• Too big of a target for attackers

• Look for it in the future, not in the Fall

Dan Rubin

Page 7

Project

• Analyze two remote elections

  – Arizona Dem. Primary

  – Student Council

Dan Rubin

Page 8

Vote Early, Vote Often, VoteHere: A Security Analysis of VoteHere

Phil Varner

How can we assess the security of an on-line voting system?

“...in the wake of 2000's fiasco, electoral reform bills are on the agenda in nearly every state - Katherine Harris last week recommended that Florida spend $200 million to adopt E-voting - and Adler's company is a hot property. Cisco Systems and Compaq together have given VoteHere $10 million.”

Page 9

Project

• Developed FaSSAMM - Fairly Simple Security Analysis and Modeling Methodology

• Combines several analysis tools - attack trees, attackers, abuse cases

• Used this to analyze VoteHere for security vulnerabilities

• Created an easy to understand, easily extensible description of security problems

Phil Varner
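An added illustration, not Varner's FaSSAMM code (the slides give no details of it), of two of the ingredients the slide names combined: an attack tree whose cost propagates up OR nodes by minimum and AND nodes by sum, evaluated against attacker profiles, so that a leaf step outside an attacker's capabilities is treated as unreachable. The tree, its costs and the two attacker profiles are constructed for the example.

```python
from dataclasses import dataclass, field
from typing import List

INF = float("inf")   # cost of a step the attacker cannot perform at all


@dataclass
class Node:
    """Attack-tree node: a leaf step, or an OR/AND combination of children."""
    name: str
    kind: str = "leaf"            # "leaf", "or" (any child suffices), "and" (all needed)
    cost: float = 0.0             # effort of a leaf step, arbitrary units (constructed)
    needs_insider: bool = False   # leaf is only open to an attacker with insider access
    children: List["Node"] = field(default_factory=list)


@dataclass
class Attacker:
    """Attacker profile: the capability and budget the tree is evaluated against."""
    name: str
    budget: float                 # effort this attacker is assumed willing to spend
    insider: bool = False


def cheapest(node, attacker):
    """Minimum total effort for `attacker` to reach `node`; INF if no path is open."""
    if node.kind == "leaf":
        return INF if node.needs_insider and not attacker.insider else node.cost
    costs = [cheapest(child, attacker) for child in node.children]
    return min(costs) if node.kind == "or" else sum(costs)


def feasible(node, attacker):
    """Does the attacker's budget cover the cheapest path open to them?"""
    return cheapest(node, attacker) <= attacker.budget


# Constructed, deliberately coarse tree; hypothetical, not from the VoteHere analysis.
TREE = Node("alter election outcome", "or", children=[
    Node("tamper with tally on the server", "and", children=[
        Node("obtain access to the tally server", cost=60),
        Node("change results without being detected", cost=40),
    ]),
    Node("vote on behalf of other voters", "and", children=[
        Node("obtain voter credentials in bulk", cost=30, needs_insider=True),
        Node("submit ballots without being detected", cost=10),
    ]),
])
OUTSIDER = Attacker("remote outsider", budget=50)
INSIDER = Attacker("election staff member", budget=50, insider=True)

if __name__ == "__main__":
    for attacker in (OUTSIDER, INSIDER):
        print(attacker.name, cheapest(TREE, attacker), feasible(TREE, attacker))
```

The same tree yields different answers per profile: the outsider's cheapest open path costs more than their budget, while the insider profile turns the second branch into the cheapest one.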

Page 10

Results

• Found the methodology development was more interesting than the actual analysis

• Found numerous security vulnerabilities (as expected)

• Didn’t find anything revolutionary, but developed a methodology and applied it to a real system

Phil Varner

Page 11

Do you want to erase your hard-drive and launch a denial-of-service attack on the NSA?

Page 12

Does Everyone Always Click Ok?

Jennifer Kahng

• Anecdotal evidence (and a preliminary experiment on CS110 students) that almost everyone always clicks Ok to almost everything

• Can we measure this?

• Can we design dialog boxes that are less prone to auto-clicking?

Page 13

Project (or How Jen Annoyed People)

• Put fake security messages on the Oracle of Bacon’s Star Links page

  – 4 different looking messages over 4 days

  – Messages deviated from “standard” messages as days progressed

  – Several hundred visitors saw each message

Jennifer Kahng

Page 14

[Animated figure: the four dialog boxes shown to visitors, with the results 31% clicked Continue, 37% clicked Continue, 31.1% clicked Continue, 2% typed in “yes”]

Jennifer Kahng

Page 15

Conclusions

• People are stupid

• Getting people to pay attention is difficult unless you really want to make them angry.

• Even sysadmins always click “Ok”

• Only two people (of > 700) emailed the webmaster about potential security vulnerability.

Jennifer Kahng

Page 16

Web Projects

Julie Vogelman: Framework for Web Site Analysis

Felipe Huice: Biographical Database Server

Page 17

Web Site Analysis Framework

How should we decide if one web site design is better than another? Many books written on this topic, but they are written by artists (subjective and contradictory). Can we answer design questions quantitatively?

• What is the most readable type and size of a font on a web page? Arial? Times New Roman?

• How much white space is needed?

• How much is too much bold for text?

Julie Vogelman

Page 18

Framework

[Diagram labels: Web Server, Version 1 / Version 2, Log Files, Web Analysis Tool]

Julie Vogelman

Modified apache web server to randomly deliver different versions of site.

Analyze the log files to see how visitors react differently.

Page 19

Experiments

• CS110 “Volunteers”

  – Had a directed task

  – How quickly could they accomplish it? (Did it depend on the site design?)

  – Small sample, hard to make conclusions

• Web visitors to LCLint site

  – Hard to judge what their goals are (is it better if they click on the wrong link more quickly?)

  – Thousands of visitors

Julie Vogelman

Page 20

Personal Information Database

• Most people (Computer Science Graduate students) are too lazy to make and update personal web pages

  – Too much work

  – Not enough benefit

• Can we make it less work and more benefit?

  – Solution: automatic creation of home pages from personal information files (.plan files)

Felipe Huice

Page 21

Design Description

• Scripts populate database from .plan files

• PHP scripts provide search capabilities and display the home pages

Felipe Huice

Page 22

Advantages

• Any CS Graduate student can have a home page created in 1 or 2 minutes

• Searches that currently could take hours can be done in a minute

• Anyone with access to the Internet can view the information

Felipe Huice

Page 23

Lightweight Static Analysis

Chris Barker: Porting UNIX/Windows

Page 24

A Gross Oversimplification

[Chart: Effort Required (x-axis, Low to Unfathomable) against Bugs Detected (y-axis, none to all); plotted points: Compilers, LCLint, Formal Verifiers]

Page 25

Shift from UNIX to Windows

• PCs running Microsoft products have grown increasingly popular.

• Software companies are feeling a market demand to offer their products on WIN32 systems.

• Porting software from UNIX to WIN32 often results in bugs in the ported code.

[Chart: Workstation Market Trend; x-axis Year, 1996 to 2001; y-axis Workstation Units (000), 0 to 5000; series: UNIX, Personal Workstations]

Chris Barker

Page 26

The Search for the Bugs

• Researched past ports to create a list of porting issues

  – Priority values mean opposite things

  – Treatment of files and sockets, unsafe calls, etc.

• Created annotations in LCLint to find these bugs using

  – Warn on Use

  – Variable States

  – Global States

• Verified that LCLint could find these issues in a real application

Chris Barker

Page 27

Programming the Swarm

Ryan Persaud: Swarm Primitives

Adam Trost: Swarming Defense

Page 28

Programming the Swarm: Long-Range Goal

[Figure labels: Cement, 10 GFlop]

Page 29

What’s Changing

• Execution Platforms

  – Not computers (98% of processors sold this year)

  – Small and cheap

• Execution environment

  – Interact with physical world

  – Unpredictable, dynamic

• Programs

  – Old style of programming won’t work

  – Is there a new paradigm?

Page 30

Swarm Programming

• Primitives describe group behaviors

  – What are the primitives?

  – How are they specified?

• Important to understand both functional (how the state changes) and non-functional (power use, robustness, efficiency, etc.) properties

• Construct complex behaviors by composing primitives

  – Predict behavior of result

  – Pick the right primitives based on description of desired non-functional properties

Page 31

Swarm Primitives

Ryan Persaud

[Figure: Initial, Clumped Configuration and Final, Dispersed Configuration]

Each bug looks only at its immediate neighbors. It moves randomly if they are too close.

How long will it take? How much does communication help?
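An added simulation of the local rule stated on this slide, not Persaud's own code: each bug checks only the eight cells around it and moves to a random free neighbouring cell whenever any of them is occupied; the run counts moves until no two bugs are adjacent. The bounded square world, the clumped starting layout and the move cap are assumptions of the example.

```python
import random

# The 8 cells around a bug: its "immediate neighbors" in the slide's sense.
NEIGHBOURS = [(dx, dy) for dx in (-1, 0, 1) for dy in (-1, 0, 1) if (dx, dy) != (0, 0)]


def clumped(n):
    """Initial, clumped configuration: n bugs packed row by row into a small square."""
    side = int(n ** 0.5) + 1
    return {(i % side, i // side) for i in range(n)}


def crowded(bug, bugs):
    """True if any of the 8 neighbouring cells is occupied (the bug is 'too close')."""
    return any((bug[0] + dx, bug[1] + dy) in bugs for dx, dy in NEIGHBOURS)


def dispersed(bugs):
    """Final, dispersed configuration: no bug has an occupied neighbouring cell."""
    return not any(crowded(b, bugs) for b in bugs)


def disperse(n, size, seed=0, max_moves=100_000):
    """Run the random-move rule on a size x size world (bounded world is an assumption).
    Each step one crowded bug moves to a random free neighbouring cell.
    Returns (moves made, final positions); gives up after max_moves."""
    rng = random.Random(seed)
    bugs = clumped(n)
    moves = 0
    while moves < max_moves:
        unhappy = [b for b in bugs if crowded(b, bugs)]
        if not unhappy:
            break                       # every bug is isolated: done
        x, y = rng.choice(unhappy)
        free = [(x + dx, y + dy) for dx, dy in NEIGHBOURS
                if 0 <= x + dx < size and 0 <= y + dy < size
                and (x + dx, y + dy) not in bugs]
        if free:                        # an enclosed bug waits until a gap opens
            bugs.remove((x, y))
            bugs.add(rng.choice(free))
            moves += 1
    return moves, bugs


if __name__ == "__main__":
    for n in (9, 16, 25):
        moves, final = disperse(n, size=20, seed=1)
        print(f"{n} bugs: {moves} moves, dispersed={dispersed(final)}")
```

Varying n and the seed gives an empirical answer to "how long will it take" for the purely random primitive; a communicating variant would replace the random choice in `free` with a direction agreed with neighbours.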

Page 32

Experiments

Number of Moves (Cluster, Disperse)

Number of Bugs   Random   Local Aware   One Sq     Two Sq   Hybrid   N-Square N=1
200              2655     1270          68         *        99       31
400              1754     916           332        *        283      112
800              755      396           3083       *        3679     496
1000             695      321           24445      *        23001    1063
1600             291      191           1198791*   *        *        *

Ryan Persaud

Page 33

Swarming Defense

Adam Trost

• Simulate Soccer Defense as a Swarm Program:

  – Defensive tactics describe desired global properties (e.g., defend the middle in front of the goal well)

  – Different global properties interact to produce emergent behavior

  – Synthesize individual player behaviors based on the desired global properties

Page 34

RoboCup 2001

• Playing simulated soccer games is “serious academic stuff” - international conference focuses on cooperation between autonomous agents in dynamic multiagent environments

• Soccer Simulation League

  – Server acting as the field is a dynamic environment

  – 11 players are the swarm devices

• Hint: to qualify for RoboCup 2002/Japan, we probably need offense also!

Page 35

Summary

• Your thesis should be your own project

  – Better to do “all” of a “small” project, than a little piece of a “big” project

  – Start with a question, not something to implement

  – Alan Kay’s Third Law: “If you have an idea, and it’s not a good idea, take a nap instead of implementing it.”

• I’ll supervise (almost) anything if you can convince me it is interesting

• When in doubt, click “Ok”