Computer security is an important research subject due to our reliance on computer systems for the execution of our everyday life activities. In the near future, this dependency will tend to increase as more and more tasks will be done with the help of computers and through open networks (e.g., e-commerce, e-government, e-health). These systems, however, are vulnerable, as indicated by the attacks to corporate networks that are reported daily in the news.
An attack to be executed successfully, and to result in an intrusion, has to be able to explore a vulnerability in the computer system. These vulnerabilities might be located in distinct components, ranging from the processor firmware to some library linked to an application. Many causes can explain why these vulnerabilities are inserted, for instance incorrect configuration parameters, ill defined relations between components, or bad programming.
In this project we want to study and analyze software vulnerabilities. Modern software is complex, but it will tend to become even more complicated in the future. For example, the number of lines of code (LOC) in common operating systems has grown steadily over the years, which is a sign of the increasing complexity (Windows 3.1 had roughly 3 million LOC while Windows XP has about 40 million LOC). Estimates indicate that around 5 to 50 bugs per thousand LOC remain after testing. Consequently, the potential number of vulnerabilities that exist in a modern operating system is very large, even if we assume that most bugs can not be exploited.
Therefore, if we want to prevent malicious adversaries from compromising our systems, we need first to get a better understanding about how vulnerabilities are exploited, and then we have to develop tools that will enable us to automatically detect potential software problems.
LASIGE is supported by FCT, project UID/CEC/00408/2013