TIAN Yu-hong,WANG Ze-bing,FENG Yan

DOI: https://doi.org/10.3969/j.issn.1000-7024.2006.24.029

2006-01-01

Abstract:The Java virtual machine(JVM)is used more frequently as the basic engine behind dynamic web services.With the proliferation of network attacks on these network resources,much work are done to provide security for the network environment.Little effort has been placed on securing a Java web server where the attacker has a valid login to the host machine.After describing the vulnerabilities in Java's security mechanisms,an extended security system based on Java 2 security architecture is introduced.It also explains the runtime status of system.The increased assurance of correct system operation and the integrity of Java application server are provided.

Ehsan Firouzi,Ammar Mansuri,Mohammad Ghafari,Maziar Kaveh

DOI: https://doi.org/10.1145/3674805.3695405

2024-09-08

Abstract:Cryptography misuses are prevalent in the wild. Crypto APIs are hard to use for developers, and static analysis tools do not detect every misuse. We developed SafEncrypt, an API that streamlines encryption tasks for Java developers. It is built on top of the native Java Cryptography Architecture, and it shields developers from crypto complexities and erroneous low-level details. Experiments showed that SafEncrypt is suitable for developers with varying levels of experience.

Cryptography and Security,Software Engineering

Jun Zhu,Jing Xie,Heather Richter Lipford,Bill Chu

DOI: https://doi.org/10.1016/j.jare.2013.11.006

IF: 12.822

2014-01-01

Journal of Advanced Research

Abstract:Many security incidents are caused by software developers’ failure to adhere to secure programming practices. Static analysis tools have been used to detect software vulnerabilities. However, their wide usage by developers is limited by the special training required to write rules customized to application-specific logic. Our approach is interactive static analysis, to integrate static analysis into Integrated Development Environment (IDE) and provide in-situ secure programming support to help developers prevent vulnerabilities during code construction. No additional training is required nor are there any assumptions on ways programs are built. Our work is motivated in part by the observation that many vulnerabilities are introduced due to failure to practice secure programming by knowledgeable developers. We implemented a prototype interactive static analysis tool as a plug-in for Java in Eclipse. Our technical evaluation of our prototype detected multiple zero-day vulnerabilities in a large open source project. Our evaluations also suggest that false positives may be limited to a very small class of use cases.

Sharmin Afrose,Ya Xiao,Sazzadur Rahaman,Barton P. Miller,Danfeng Yao,Barton Miller,Danfeng Daphne Yao

DOI: https://doi.org/10.1109/tse.2022.3154717

IF: 7.4

2022-01-01

IEEE Transactions on Software Engineering

Abstract:Several studies showed that misuses of cryptographic APIs are common in real-world code (e.g., Apache projects and Android apps). There exist several open-sourced and commercial security tools that automatically screen Java programs to detect misuses. To compare their accuracy and security guarantees, we develop two comprehensive benchmarks named CryptoAPI-Bench and ApacheCryptoAPI-Bench. CryptoAPI-Bench consists of 181 unit test cases that cover basic cases, as well as complex cases, including interprocedural, field sensitive, multiple class test cases, and path sensitive data flow of misuse cases. The benchmark also includes correct cases for testing false-positive rates. The ApacheCryptoAPI-Bench consists of 121 cryptographic cases from 10 Apache projects. We evaluate four tools, namely, SpotBugs, CryptoGuard, CrySL, and another tool (anonymous) using both benchmarks. We present their performance and comparative analysis. The ApacheCryptoAPI-Bench also examines the scalability of the tools. Our benchmarks are useful for advancing state-of-the-art solutions in the space of misuse detection.

engineering, electrical & electronic,computer science, software engineering

Michael Whitney,Heather Richter Lipford,Bill Chu,Jun Zhu

DOI: https://doi.org/10.1145/2676723.2677280

2015-01-01

Abstract:Many of the security vulnerabilities common in today's software can be prevented with standard secure coding practices. Computer science students who will become the developers of that software need to learn about those practices so they can prevent such vulnerabilities. Many computing programs are addressing this need through additional lectures, elective courses, or more holistic approaches to integrate security across curriculums. We are exploring a complementary approach, integrating secure coding education into the IDE to provide a learning opportunity in the context of writing code. In this paper, we report on two field studies using an IDE tool in an advanced Web programming course. Our results indicate that the tool can increase students' awareness and knowledge of secure programming, but to be most effective, instructors may need to incentivize its use through in-class methods and careful timing of its introduction.

Mohammadreza Hazhirpasand,Mohammad Ghafari,Oscar Nierstrasz

DOI: https://doi.org/10.48550/arXiv.2001.00773

2020-01-03

Abstract:Research has shown that cryptographic APIs are hard to use. Consequently, developers resort to using code examples available in online information sources that are often not secure. We have developed a web platform, named CryptoExplorer, stocked with numerous real-world secure and insecure examples that developers can explore to learn how to use cryptographic APIs properly. This platform currently provides 3,263 secure uses, and 5,897 insecure uses of Java Cryptography Architecture mined from 2,324 Java projects on GitHub. A preliminary study shows that CryptoExplorer provides developers with secure crypto API use examples instantly, developers can save time compared to searching on the internet for such examples, and they learn to avoid using certain algorithms in APIs by studying misused API examples. We have a pipeline to regularly mine more projects, and, on request, we offer our dataset to researchers.

Software Engineering,Cryptography and Security

Na Meng,Stefan Nagy,Daphne Yao,Wenjie Zhuang,Gustavo Arango Argoty

DOI: https://doi.org/10.48550/arXiv.1709.09970

2017-09-28

Abstract:Java platform and third-party libraries provide various security features to facilitate secure coding. However, misusing these features can cost tremendous time and effort of developers or cause security vulnerabilities in software. Prior research was focused on the misuse of cryptography and SSL APIs, but did not explore the key fundamental research question: what are the biggest challenges and vulnerabilities in secure coding practices? In this paper, we conducted a comprehensive empirical study on StackOverflow posts to understand developers' concerns on Java secure coding, their programming obstacles, and potential vulnerabilities in their code. We observed that developers have shifted their effort to the usage of authentication and authorization features provided by Spring security--a third-party framework designed to secure enterprise applications. Multiple programming challenges are related to APIs or libraries, including the complicated cross-language data handling of cryptography APIs, and the complex Java-based or XML-based approaches to configure Spring security. More interestingly, we identified security vulnerabilities in the suggested code of accepted answers. The vulnerabilities included using insecure hash functions such as MD5, breaking SSL/TLS security through bypassing certificate validation, and insecurely disabling the default protection against Cross Site Request Forgery (CSRF) attacks. Our findings reveal the insufficiency of secure coding assistance and education, and the gap between security theory and coding practices.

Cryptography and Security

Jun Zhu,Heather Richter Lipford,Bill Chu

DOI: https://doi.org/10.1145/2445196.2445396

2013-01-01

Abstract:Software flaws are a root cause of many of today's information security vulnerabilities. Current curricula emphasis on traditional information security issues does not address this root cause. We propose educating students on secure programming techniques through interactive tool support in the Integrated Development Environment (IDE). We believe this approach can complement other curricula efforts by teaching and providing continuous reinforcement of practices throughout programming tasks. In this paper, we evaluate our prototype tool, ASIDE, which provides instant security warnings, detailed explanations of vulnerabilities, and code generation. We report the results of an observational study on 20 students from an advanced Web programming course. The results provide early evidence that our tool could potentially help students learn about and practice secure programming in the context of their programming assignments.

Ehsan Firouzi,Mohammad Ghafari

2024-06-10

Abstract:Cryptography is known as a challenging topic for developers. We studied StackOverflow posts to identify the problems that developers encounter when using Java Cryptography Architecture (JCA) for symmetric encryption. We investigated security risks that are disseminated in these posts, and we examined whether ChatGPT helps avoid cryptography issues. We found that developers frequently struggle with key and IV generations, as well as padding. Security is a top concern among developers, but security issues are pervasive in code snippets. ChatGPT can effectively aid developers when they engage with it properly. Nevertheless, it does not substitute human expertise, and developers should remain alert.

Cryptography and Security

Luca Piccolboni,Giuseppe Di Guglielmo,Luca P. Carloni,Simha Sethumadhavan

DOI: https://doi.org/10.1109/SP40001.2021.00010

2020-07-02

Abstract:Cryptographic (crypto) algorithms are the essential ingredients of all secure systems: crypto hash functions and encryption algorithms, for example, can guarantee properties such as integrity and confidentiality. Developers, however, can misuse the application programming interfaces (API) of such algorithms by using constant keys and weak passwords. This paper presents CRYLOGGER, the first open-source tool to detect crypto misuses dynamically. CRYLOGGER logs the parameters that are passed to the crypto APIs during the execution and checks their legitimacy offline by using a list of crypto rules. We compare CRYLOGGER with CryptoGuard, one of the most effective static tools to detect crypto misuses. We show that our tool complements the results of CryptoGuard, making the case for combining static and dynamic approaches. We analyze 1780 popular Android apps downloaded from the Google Play Store to show that CRYLOGGER can detect crypto misuses on thousands of apps dynamically and automatically. We reverse-engineer 28 Android apps and confirm the issues flagged by CRYLOGGER. We also disclose the most critical vulnerabilities to app developers and collect their feedback.

Cryptography and Security,Software Engineering

Amit Seal Ami,Nathan Cooper,Kaushal Kafle,Kevin Moran,Denys Poshyvanyk,Adwait Nadkarni

DOI: https://doi.org/10.1109/SP46214.2022.9833582

2022-07-25

Abstract:The correct use of cryptography is central to ensuring data security in modern software systems. Hence, several academic and commercial static analysis tools have been developed for detecting and mitigating crypto-API misuse. While developers are optimistically adopting these crypto-API misuse detectors (or crypto-detectors) in their software development cycles, this momentum must be accompanied by a rigorous understanding of their effectiveness at finding crypto-API misuse in practice. This paper presents the MASC framework, which enables a systematic and data-driven evaluation of crypto-detectors using mutation testing. We ground MASC in a comprehensive view of the problem space by developing a data-driven taxonomy of existing crypto-API misuse, containing $105$ misuse cases organized among nine semantic clusters. We develop $12$ generalizable usage-based mutation operators and three mutation scopes that can expressively instantiate thousands of compilable variants of the misuse cases for thoroughly evaluating crypto-detectors. Using MASC, we evaluate nine major crypto-detectors and discover $19$ unique, undocumented flaws that severely impact the ability of crypto-detectors to discover misuses in practice. We conclude with a discussion on the diverse perspectives that influence the design of crypto-detectors and future directions towards building security-focused crypto-detectors by design.

Cryptography and Security,Software Engineering

Varun Gadey,Raphael Goetz,Christoph Sendner,Sampo Sovio,Alexandra Dmitrienko

2024-11-19

Abstract:Securing sensitive operations in today's interconnected software landscape is crucial yet challenging. Modern platforms rely on Trusted Execution Environments (TEEs), such as Intel SGX and ARM TrustZone, to isolate security sensitive code from the main system, reducing the Trusted Computing Base (TCB) and providing stronger assurances. However, identifying which code should reside in TEEs is complex and requires specialized expertise, which is not supported by current automated tools. Existing solutions often migrate entire applications to TEEs, leading to suboptimal use and an increased TCB. To address this gap, we propose Code Annotation Logic (CAL), a pioneering tool that automatically identifies security sensitive components for TEE isolation. CAL analyzes codebases, leveraging a graph-based approach with novel feature construction and employing a custom graph neural network model to accurately determine which parts of the code should be isolated. CAL effectively optimizes TCB, reducing the burden of manual analysis and enhancing overall security. Our contributions include the definition of security sensitive code, the construction and labeling of a comprehensive dataset of source files, a feature rich graph based data preparation pipeline, and the CAL model for TEE integration. Evaluation results demonstrate CAL's efficacy in identifying sensitive code with a recall of 86.05%, an F1 score of 81.56%, and an identification rate of 91.59% for security sensitive functions. By enabling efficient code isolation, CAL advances the secure development of applications using TEEs, offering a practical solution for developers to reduce attack vectors.

Cryptography and Security,Machine Learning

Mohammad Hasanzadeh Mofrad,Adam Lee

DOI: https://doi.org/10.48550/arXiv.1705.04706

2018-04-03

Abstract:Enforcing integrity and confidentiality of users' application code and data is a challenging mission that any software developer working on an online production grade service is facing. Since cryptology is not a widely understood subject, people on the cutting edge of research and industry are always seeking for new technologies to naturally expand the security of their programs and systems. Intel Software Guard Extension (Intel SGX) is an Intel technology for developers who are looking to protect their software binaries from plausible attacks using hardware instructions. The Intel SGX puts sensitive code and data into CPU-hardened protected regions called enclaves. In this project we leverage the Intel SGX to produce a secure cryptographic library which keeps the generated keys inside an enclave restricting use and dissemination of confidential cryptographic keys. Using enclaves to store the keys we maintain a small Trusted Computing Base (TCB) where we also perform computation on temporary buffers to and from untrusted application code. As a proof of concept, we implemented hashes and symmetric encryption algorithms inside the enclave where we stored hashes, Initialization Vectors (IVs) and random keys and open sourced the code (<a class="link-external link-https" href="https://github.com/hmofrad/CryptoEnclave" rel="external noopener nofollow">this https URL</a>).

Cryptography and Security

Ju Qian,Lin Chen,BaoWen Xu

DOI: https://doi.org/10.1007/s11432-012-4743-z

2013-01-01

Science China Information Sciences

Abstract:With the keyword synchronized, Java provides a simple but often over-used synchronization mechanism. Many programmers tend to use a big synchronized section to protect a large block of statements even if many of them are unnecessarily synchronized. Such coarse-gained synchronizations may increase lock contention and thereby decrease the performance of a program, especially in a multi-core environment. The decrease in performance may affect the quality of service provided by the software and hence make the software less trustworthy. To ensure trustworthiness, this paper proposes a source-code level refactoring approach to optimize coarse-gained synchronizations. It exploits dependence and escape information to search for shrinkable critical sections and can transform them into smaller ones automatically. The approach can be used to gradually evolve concurrent code for better quality. In the approach, to achieve more optimizations, we develop a new escape analysis, named escape state analysis, which can not only tell us whether an object finally escapes but also determine the escape states of objects at each program site. With such an analysis, more refactoring opportunities can be found. We build a tool and test our refactoring approach on several benchmark programs. The results show that the proposed approach does make effective refactoring suggestions for the users.

Jordan Samhi,Jun Gao,Nadia Daoudi,Pierre Graux,Henri Hoyez,Xiaoyu Sun,Kevin Allix,Tegawendé F. Bissyandé,Jacques Klein

DOI: https://doi.org/10.48550/arXiv.2112.10469

2022-01-23

Abstract:Native code is now commonplace within Android app packages where it co-exists and interacts with Dex bytecode through the Java Native Interface to deliver rich app functionalities. Yet, state-of-the-art static analysis approaches have mostly overlooked the presence of such native code, which, however, may implement some key sensitive, or even malicious, parts of the app behavior. This limitation of the state of the art is a severe threat to validity in a large range of static analyses that do not have a complete view of the executable code in apps. To address this issue, we propose a new advance in the ambitious research direction of building a unified model of all code in Android apps. The JuCify approach presented in this paper is a significant step towards such a model, where we extract and merge call graphs of native code and bytecode to make the final model readily-usable by a common Android analysis framework: in our implementation, JuCify builds on the Soot internal intermediate representation. We performed empirical investigations to highlight how, without the unified model, a significant amount of Java methods called from the native code are "unreachable" in apps' call-graphs, both in goodware and malware. Using JuCify, we were able to enable static analyzers to reveal cases where malware relied on native code to hide invocation of payment library code or of other sensitive code in the Android framework. Additionally, JuCify's model enables state-of-the-art tools to achieve better precision and recall in detecting data leaks through native code. Finally, we show that by using JuCify we can find sensitive data leaks that pass through native code.

Software Engineering

Manas Gaur

DOI: https://doi.org/10.48550/arXiv.1208.3205

2012-08-16

Abstract:The main stretch in the paper is buffer overflow anomaly occurring in major source codes, designed in various programming language. It describes the various as to how to improve your code and increase its strength to withstand security theft occurring at vulnerable areas in the code. The main language used is JAVA, regarded as one of the most object oriented language still create lot of error like stack overflow, illegal/inappropriate method overriding. I used tools confined to JAVA to test as how weak points in the code can be rectified before compiled. The byte code theft is difficult to be conquered, so it's a better to get rid of it in the plain java code itself. The tools used in the research are PMD(Programming mistake detector), it helps to detect line of code that make pop out error in near future like defect in hashcode(memory maps) overriding due to which the java code will not function correctly. Another tool is FindBUGS which provide the tester of the code to analyze the weak points in the code like infinite loop, unsynchronized wait, deadlock situation, null referring and dereferencing. Another tool which provides the base to above tools is JaCoCo code coverage analysis used to detect unreachable part and unused conditions of the code which improves the space complexity and helps in easy clarification of errors. Through this paper, we design an algorithm to prevent the loss of data. The main audience is the white box tester who might leave out essential line of code like, index variables, infinite loop, and inappropriate hashcode in the major source program. This algorithm serves to reduce the damage in case of buffer overflow

Cryptography and Security,Software Engineering

Libin Xia,Jiashuo Zhang,Che Wang,Zezhong Tan,Jianbo Gao,Zhi Guan,Zhong Chen

DOI: https://doi.org/10.1109/saner60148.2024.00105

2024-01-01

Abstract:Cryptographic APIs provided by Ethereum are widely adopted in decentralized applications (DApps) for cryptographic operations. However, developers who lack expertise in cryptography frequently encounter difficulties when working with low-level cryptographic APIs, thereby producing insecure code. To address this issue, we introduce Cryptcoder, an automatic code generator designed to bridge the gap between low-level cryptographic APIs and high-level cryptographic tasks in Ethereum. The fundamental component of Cryptcoder is Cryptlang, a Solidity-compatible domain-specific language (DSL) designed for cryptographic tasks. Developers can utilize Cryptlang for the straightforward and secure implementation of cryptographic tasks, such as signatures and commitments, and employ Cryptcoder for the automatic conversion into Solidity code. The evaluation of Cryptcoder demonstrates both its functionality in generating Solidity code and an acceptable overhead, evidenced by a mere 4% average increase in gas costs compared to the reference code. A demonstration video of Cryptcoder is available at https://youtu.be/AxhCdGiu7dw.

A.O. Babatunde,A. J. Taiwo,E. G. Dada

DOI: https://doi.org/10.48550/arXiv.1803.05593

2018-03-15

Abstract:As the volume of medicinal information stored electronically increase, so do the need to enhance how it is secured. The inaccessibility to patient record at the ideal time can prompt death toll and also well degrade the level of health care services rendered by the medicinal professionals. Criminal assaults in social insurance have expanded by 125% since 2010 and are now the leading cause of medical data breaches. This study therefore presents the combination of 3DES and LSB to improve security measure applied on medical data. Java programming language was used to develop a simulation program for the experiment. The result shows medical data can be stored, shared, and managed in a reliable and secure manner using the combined model.

Cryptography and Security

Feng Xiao,Zhongfu Su,Guangliang Yang,Wenke Lee

DOI: https://doi.org/10.1109/sp54263.2024.00183

2024-01-01

Abstract:Static data flow analysis techniques have been broadly applied in analyzing and detecting security threats in web applications. However, without actual code execution, they often suffer serious precision issues and may even miss serious vulnerabilities, especially when facing modern JavaScript applications characterized by complex operations and semantics. To combat these complex semantics, we propose a novel semantic understanding approach, namely computation-based semantic explanation (CSE). CSE can effectively identify and resolve common failures arising from complex semantics in static data flow analysis, ultimately improving the detection of potential vulnerabilities.We implement a prototype tool of CSE, called Jasmine. By applying Jasmine to more than 10K real-world JavaScript programs, we find complex operations and semantics are prevalent in practice and heavily impede the state-of-art static techniques (e.g., Github’s CodeQL and IBM’s WALA) from regular security validations. Our experiments show Jasmine can effectively resolve complex semantics and lead to the discovery of 22 hidden vulnerabilities, which are not detectable by existing tools. Among these vulnerabilities, 13 ones are previously unknown, i.e., zero-day vulnerabilities. Up to now, nine CVEs have been issued, and five of them have been rated as ‘critical’ with a 9.8 severity score.

Amit Seal Ami,Syed Yusuf Ahmed,Radowan Mahmud Redoy,Nathan Cooper,Kaushal Kafle,Kevin Moran,Denys Poshyvanyk,Adwait Nadkarni

DOI: https://doi.org/10.1145/3611643.3613099

2023-08-13

Abstract:While software engineers are optimistically adopting crypto-API misuse detectors (or crypto-detectors) in their software development cycles, this momentum must be accompanied by a rigorous understanding of crypto-detectors' effectiveness at finding crypto-API misuses in practice. This demo paper presents the technical details and usage scenarios of our tool, namely Mutation Analysis for evaluating Static Crypto-API misuse detectors (MASC). We developed $12$ generalizable, usage based mutation operators and three mutation scopes, namely Main Scope, Similarity Scope, and Exhaustive Scope, which can be used to expressively instantiate compilable variants of the crypto-API misuse cases. Using MASC, we evaluated nine major crypto-detectors, and discovered $19$ unique, undocumented flaws. We designed MASC to be configurable and user-friendly; a user can configure the parameters to change the nature of generated mutations. Furthermore, MASC comes with both Command Line Interface and Web-based front-end, making it practical for users of different levels of expertise.

Cryptography and Security,Software Engineering