A Smorgasbord of Security, a Smattering of Swarm Programming, and Sampling of Static Checking and a Splash of Web Sites
David Evans (and CS students)
evans@cs.virginia.edu
http://www.cs.virginia.edu/~evans
University of Virginia
Department of Computer Science
Menu
• Security
– Dan Rubin: Online Voting Security
– Phil Varner: Voting analysis
– Jennifer Kahng: User Interfaces for Security
• Web
– Julie Vogelman: Framework for usability experiments
– Felipe Huice: biographical server
• Lightweight Static Analysis
– Chris Barker: porting Win32/Unix
• Programming the Swarm
– Ryan Persaud: Swarm Primitives
– Adam Trost: Swarming defense for RoboCup
4 June 2000
CS 390
Security Projects
• Dan Rubin: on-line voting
• Phil Varner: security analysis of
VoteHere.net
• Jennifer Kahng: user interfaces for
security
Remote Online Voting Security
Daniel Rubin, rubin@virginia.edu
Does this look familiar?
Dan Rubin
Remote Online Voting Security
• Could the Internet save our elections?
– Should be more convenient
– Should be more accurate (no chads!)
• Not so fast!
– The Internet is not very secure
– Hackers could sabotage an election
– Not everyone has a computer (or knows how to use one)
Dan Rubin
What I’ve learned
• Internet Voting works in theory, not in
practice
• Too many risks (e.g. AZ had 60 minute
downtime, Studco down 90 minutes)
• Too big of a target for attackers
• Look for it in the future, not in the Fall
Dan Rubin
Project
• Analyze two remote elections
– Arizona Dem. Primary
– Student Council
Vote Early, Vote Often, VoteHere:
A Security Analysis of VoteHere
Phil Varner
“...in the wake of 2000's fiasco, electoral reform bills
are on the agenda in nearly every state - Katherine
Harris last week recommended that Florida spend
$200 million to adopt E-voting - and Adler's company is
a hot property. Cisco Systems and Compaq together
have given VoteHere $10 million.”
How can we assess the security
of an on-line voting system?
Phil Varner
Project
• Developed FaSSAMM - Fairly Simple
Security Analysis and Modeling Methodology
• Combines several analysis tools - attack
trees, attackers, abuse cases
• Used this to analyze VoteHere for security
vulnerabilities
• Created an easy to understand, easily
extensible description of security problems
Phil Varner
Results
• Found the methodology development
was more interesting than the actual
analysis
• Found numerous security vulnerabilities
(as expected)
• Didn’t find anything revolutionary, but
developed a methodology and applied it
to a real system
Do you want to erase your hard-drive and
launch a denial-of-service attack on the NSA?
Does Everyone Always Click Ok?
Jennifer Kahng
• Anecdotal Evidence (and preliminary
experiment on CS110 students) that
almost everyone always clicks Ok to
almost everything
• Can we measure this?
• Can we design dialog boxes that are
less prone to auto-clicking?
Jennifer Kahng
Project
(or How Jen Annoyed People)
• Put fake security messages on the
Oracle of Bacon’s Star Links page
– 4 different looking messages over 4 days
– Messages deviated from “standard”
messages as days progressed
– Several hundred visitors saw each
message
Jennifer Kahng
animated
31% clicked Continue
31.1% clicked Continue
37% clicked Continue
2% typed in “yes”
Jennifer Kahng
Conclusions
• People are stupid
• Getting people to pay attention is
difficult unless you really want to
make them angry.
• Even sysadmins always click “Ok”
• Only two people (of > 700) emailed
the webmaster about potential
security vulnerability. 
Web Projects
Julie Vogelman: Framework for Web Site
Analysis
Felipe Huice: Biographical Database
Server
Julie Vogelman
Web Site Analysis Framework



How should we decide if one web site design is
better than another?
Many books written on this topic, but they are
written by artists (subjective and contradictory)
Can we answer design questions
quantitatively?
• What is the most readable type and size of a
font on a web page? Arial? Times New Roman?
• How much white space is needed?
• How much is too much bold for text?
Julie Vogelman
Framework
• Web Server: Modified Apache web server to randomly deliver different versions of site (Version 1, Version 2).
• Log Files
• Web Analysis Tool: Analyze the log files to see how visitors react differently.
Julie Vogelman
Experiments
• CS110 “Volunteers”
– Had a directed task
– How quickly could they accomplish it? (Did
it depend on the site design?)
– Small sample, hard to make conclusions
• Web visitors to LCLint site
– Hard to judge what their goals are (is it
better if they click on the wrong link more
quickly?)
– Thousands of visitors
Felipe Huice
Personal Information Database
• Most people (Computer Science Graduate
students) are too lazy to make and update
personal web pages
– Too much work
– Not enough benefit
• Can we make it less work and more benefit?
– Solution: automatic creation of home pages from
personal information files (.plan files)
Felipe Huice
Design Description
• Scripts populate
database from .plan
files
• PHP scripts provide
search capabilities
and display the
home pages
Felipe Huice
Advantages
• Any CS Graduate student can have a
home page created in 1 or 2 minutes
• Searches that currently could take
hours can be done in a minute
• Anyone with access to the Internet can
view the information
Lightweight Static Analysis
Chris Barker: Porting UNIX/Windows
A Gross Oversimplification
[Figure: Bugs Detected (none to all) plotted against Effort Required (Low to Unfathomable), showing Compilers and Formal Verifiers]
Chris Barker
Shift from UNIX to Windows
• PCs running Microsoft products have grown increasingly popular.
• Software companies are feeling a market demand to offer their products on WIN32 systems.
• Porting software from UNIX to WIN32 often results in bugs in the ported code.
[Figure: Workstation Market Trend. Workstation Units (000) by Year, 1996 to 2001, for UNIX and Personal Workstations]
Chris Barker
The Search for the Bugs
• Researched past ports to create a list of
porting issues
– Priority values mean opposite things
– Treatment of files and sockets, unsafe calls, etc.
• Created annotations in LCLint to find these
bugs using
– Warn on Use
– Variable States
– Global States
• Verified that LCLint could find these issues in
a real application
Programming the Swarm
Ryan Persaud: Swarm Primitives
Adam Trost: Swarming Defense
Programming the Swarm:
Long-Range Goal
Cement
10 GFlop
What’s Changing
• Execution Platforms
– Not computers (98% of processors sold this year)
– Small and cheap
• Execution environment
– Interact with physical world
– Unpredictable, dynamic
• Programs
– Old style of programming won’t work
– Is there a new paradigm?
Swarm Programming
• Primitives describe group behaviors
– What are the primitives?
– How are they specified?
• Important to understand both functional (how the
state changes) and non-functional (power use,
robustness, efficiency, etc.) properties
• Construct complex behaviors by composing
primitives
– Predict behavior of result
– Pick the right primitives based on description of
desired non-functional properties
Ryan Persaud
Swarm Primitives
Ryan Persaud
Initial, Clumped Configuration
Final, Dispersed Configuration
Each bug looks only at its immediate neighbors.
Moves randomly if they are too close.
How long will it take?
How much does communication help?
Ryan Persaud
Experiments
Number of Moves (Cluster, Disperse)

Number of Bugs   Random   Local Aware   One Sq     Two Sq   Hybrid   N-Square N=1
200              2655     1270          68         *        99       31
400              1754     916           332        *        283      112
800              755      396           3083       *        3679     496
1000             695      321           24445      *        23001    1063
1600             291      191           1198791*   *        *        *
Swarming Defense
Adam Trost
• Simulate Soccer Defense as a Swarm
Program:
– Defensive tactics describe desired global
properties (e.g., defend the middle in front
of the goal well)
– Different global properties interact to
produce emergent behavior
– Synthesize individual player behaviors
based on the desired global properties
RoboCup 2001
• Playing simulated soccer games is “serious
academic stuff” - international conference
focuses on cooperation between autonomous
agents in dynamic multiagent environments
• Soccer Simulation League
– Server acting as the field is a dynamic environment
– 11 players are the swarm devices
• Hint: to qualify for RoboCup 2002/Japan, we
probably need offense also!
Summary
• Your thesis should be your own project
– Better to do “all” of a “small” project, than a
little piece of a “big” project
– Start with a question, not something to
implement
– Alan Kay’s Third Law: “If you have an idea,
and it’s not a good idea, take a nap instead of
implementing it.”
• I’ll supervise (almost) anything if you can
convince me it is interesting
• When in doubt, click “Ok”