Pratyusa Manadhata
Jeannette Wing
ABSTRACT
Software consumers often need to choose between different software that provide the same functionality. Today, security is a quality that many consumers, especially system administrators, care about and will use in choosing one soft- ware system over another. An attack surface metric is a security metric for comparing the relative security of similar software systems [7]. The measure of a system's attack surface is an indicator of the system's security: given two systems, we compare their attack surface measurements to decide whether one is more secure than another along each of the following three dimensions: methods, channels, and data. In this paper, we use the attack surface metric to measure the attack surfaces of two open source FTP daemons: ProFTPD 1.2.10 and Wu-FTPD 2.6.2. Our measurements show that ProFTPD is more secure along the method dimension, ProFTPD is as secure as Wu-FTPD along the channel dimension, and Wu-FTPD is more secure along the data dimension. We also demonstrate how software consumers can use the attack surface metric in making a choice between the two FTP daemons.
- CERT. Cert advisories. http://www.cert.org/.Google Scholar
- GNU cflow. http://www.gnu.org/software/cflow.Google Scholar
- D. DaCosta, C. Dahn, S. Mancoridis, and V. Prevelakis. Characterizing the security vulnerability likelihood of software functions. In Proc. of International Conference on Software Maintenance, 2003. Google ScholarDigital Library
- M. Howard. Fending off future attacks by reducing attack surface. http://msdn.microsoft.com/library/default.asp url=/library/enus/dncode%/html/secure02132003.asp, 2003.Google Scholar
- M. Howard, J. Pincus, and J.M. Wing. Measuring relative attack surfaces,. In Proc. of Workshop on Advanced Developments in Software and Systems Security, 2003.Google Scholar
- P. Manadhata and J. M. Wing. Measuring a system's attack surface. In Technical Report CMU-CS-04-102, 2004.Google ScholarCross Ref
- P. Manadhata and J. M. Wing. An attack surface metric. In Technical Report CMU-CS-05-155, 2005.Google ScholarCross Ref
- MITRE. Common vulnerabilities and exposures. http://cve.mitre.org/.Google Scholar
- The ProFTPD Project. http://www.proftpd.org/.Google Scholar
- The ProFTPD Project. Project goals. http://www.proftpd.org/goals.html.Google Scholar
- SecurityFocus. Securityfocus vulnerabilities. http://www.securityfocus.com/vulnerabilities.Google Scholar
Index Terms
- Measuring the attack surfaces of two FTP daemons
Recommendations
Beyond the Attack Surface: Assessing Security Risk with Random Walks on Call Graphs
SPRO '16: Proceedings of the 2016 ACM Workshop on Software PROtectionWhen reasoning about software security, researchers and practitioners use the phrase ``attack surface'' as a metaphor for risk. Enumerate and minimize the ways attackers can break in then risk is reduced and the system is better protected, the metaphor ...
Comparing and applying attack surface metrics
MetriSec '12: Proceedings of the 4th international workshop on Security measurements and metricsA software system's attack surface metric measures the freedom of a potential attacker to influence the system's execution, potentially exploiting a security vulnerability. Existing attack surface metrics aim to measure the security impact associated ...
Graph similarity metrics for assessing temporal changes in attack surface of dynamic networks
Measuring temporal variation in network attack surface is a key problem in dynamic networks.We propose to use graph distance metrics based on the Maximum Common Subgraph (MCS) and Graph Edit Distance (GED).We show test results on a set of 3 different ...
Comments