| LDR | | 00000nam u2200205 4500 |
| 001 | | 000000434856 |
| 005 | | 20200227110406 |
| 008 | | 200131s2019 ||||||||||||||||| ||eng d |
| 020 | |
▼a 9781085669221 |
| 035 | |
▼a (MiAaPQ)AAI27536535 |
| 035 | |
▼a (MiAaPQ)umichrackham002332 |
| 040 | |
▼a MiAaPQ
▼c MiAaPQ
▼d 247004 |
| 082 | 0 |
▼a 004 |
| 100 | 1 |
▼a Shao, Yuru. |
| 245 | 10 |
▼a Preventing Capability Abuse through Systematic Analysis of Exposed Interfaces. |
| 260 | |
▼a [S.l.]:
▼b University of Michigan.,
▼c 2019. |
| 260 | 1 |
▼a Ann Arbor:
▼b ProQuest Dissertations & Theses,
▼c 2019. |
| 300 | |
▼a 160 p. |
| 500 | |
▼a Source: Dissertations Abstracts International, Volume: 81-02, Section: B. |
| 500 | |
▼a Advisor: Mao, Z. Morley. |
| 502 | 1 |
▼a Thesis (Ph.D.)--University of Michigan, 2019. |
| 506 | |
▼a This item must not be sold to any third party vendors. |
| 506 | |
▼a This item must not be added to any third party search indexes. |
| 520 | |
▼a Connectivity and interoperability are becoming more and more critical in today's software and cyber-physical systems. Different components of the system can better collaborate, enabling new innovation opportunities. However, to support connectivity and interoperability, systems and applications have to expose certain capabilities, which inevitably expands their attack surfaces and increases the risk of being abused. Due to the complexity of software systems and the heterogeneity of cyber-physical systems, it is challenging to secure their exposed interfaces and completely prevent abuses. To address the problems in a proactive manner, in this dissertation, we demonstrate that systematic studies of exposed interfaces and their usage in the real world, leveraging techniques such as program analysis, can reveal design-level, implementation-level, as well as configuration-level security issues, which can help with the development of defense solutions that effectively prevent capability abuse.This dissertation solves four problems in this space. First, we detect inconsistent security policy enforcement, a common implementation flaw. Focusing on the Android framework, we design and build a tool that compares permissions enforced on different code paths and identifies the paths enforcing weaker permissions. Second, we propose the Application Lifecycle Graph (ALG), a novel modeling approach to describing system-wide app lifecycle, to assist the detection of diehard behaviors that abuse lifecycle interfaces. We develop a lightweight runtime framework that utilizes ALG to realize fine-grained app lifecycle control. Third, we study real-world programmable logic controller programs for identifying insecure configurations that can be abused by adversaries to cause safety violations.Lastly, we conduct the first systematic security study on the usage of Unix domain sockets on Android, which reveals both implementation flaws and configuration weaknesses. |
| 590 | |
▼a School code: 0127. |
| 650 | 4 |
▼a Computer science. |
| 690 | |
▼a 0984 |
| 710 | 20 |
▼a University of Michigan.
▼b Computer Science & Engineering. |
| 773 | 0 |
▼t Dissertations Abstracts International
▼g 81-02B. |
| 773 | |
▼t Dissertation Abstract International |
| 790 | |
▼a 0127 |
| 791 | |
▼a Ph.D. |
| 792 | |
▼a 2019 |
| 793 | |
▼a English |
| 856 | 40 |
▼u http://www.riss.kr/pdu/ddodLink.do?id=T15494280
▼n KERIS
▼z 이 자료의 원문은 한국교육학술정보원에서 제공합니다. |
| 980 | |
▼a 202002
▼f 2020 |
| 990 | |
▼a ***1008102 |
| 991 | |
▼a E-BOOK |