SBIR Phase I: Automatic Security Audit of Third-Party Software

SBIR第一阶段：第三方软件自动安全审计

• 批准号: 1249029
• 负责人: Jimmy Su
• 金额: $ 15万
• 依托单位: Ensighta Inc
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2013
• 资助国家: 美国
• 起止时间: 2013-01-01 至 2013-06-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1249029&HistoricalAwards=false
• 关键词: SBIR; Phase; Automatic; Security; Audit

The innovation of this Small Business Innovation Research Phase I project is the automatic security audit of third-party software. To demonstrate the capabilities of the technology, this project will build a security audit Cloud service, BitTurner, to automatically discover vulnerabilities and conduct security audits of third-party software. This cloud service will be fully automated; it will apply to programs for which source code is not available such as commercial binaries; and because every vulnerability report it generates will be accompanied by a test case demonstrating the vulnerability, it will have no false positives. This combination of attributes should revolutionize the process of software auditing and make it much faster and more cost effective. This is made possible by a novel combination of state-of-the-art program analysis techniques. The BitTurner Cloud service will incorporate white-box fuzzing using two different symbolic execution engines, black-box fuzzing enhanced with taint-directed fuzzing, and static vulnerability analysis to direct white-box fuzzing. The proposed highly parallel architecture will let us achieve high throughput and low latency while minimizing cost. The team also plans to extend the technology and infrastructure for security audit of mobile apps.The broader/commercial impact of automatic security audit of third-party software addresses an enormous market that has a dire and immediate need for innovative solutions. Security breaches cost businesses billions of dollars every year, and a majority of attacks are due to vulnerabilities in software. However, many barriers stand in the way of taking the steps needed to ensure software security. Manual auditing is prohibitively expensive because of the time and specialized skills required. Techniques based on source code are inapplicable to third-party software in binary form. Existing techniques based on static analysis can report so many false positive warnings that their results overwhelm developers and analysts and waste huge resources to weed out false positives. BitTurner's disruptive Cloud-based security audit technology should change this landscape by allowing fully automatic auditing of third-party software with no false positives, based on low-cost distributed computing. Security auditing as a service is already a large market, but existing commercial offerings are often an inadequate match for customer needs. BitTurner's technology may provide more comprehensive results at a competitive price point, and so both capture existing customers and make auditing available for software where it is currently infeasible.

本次小企业创新研究一期项目的创新点是第三方软件的自动安全审计。 为了展示该技术的能力，该项目将构建安全审计云服务BitTurner，自动发现漏洞并对第三方软件进行安全审计。该云服务将完全自动化；它将适用于无法获得源代码的程序，例如商业二进制文件；而且由于它生成的每个漏洞报告都会附有一个演示该漏洞的测试用例，因此不会出现误报。这种属性的组合应该会彻底改变软件审计的过程，并使其更快、更具成本效益。这是通过最先进的程序分析技术的新颖组合实现的。 BitTurner 云服务将结合使用两种不同符号执行引擎的白盒模糊测试、通过污点定向模糊测试增强的黑盒模糊测试以及指导白盒模糊测试的静态漏洞分析。所提出的高度并行架构将使我们能够实现高吞吐量和低延迟，同时最大限度地降低成本。该团队还计划扩展移动应用程序安全审核的技术和基础设施。第三方软件自动安全审核的更广泛/商业影响满足了一个对创新解决方案迫切需要的巨大市场。安全漏洞每年给企业造成数十亿美元的损失，大多数攻击都是由于软件漏洞造成的。然而，采取必要措施确保软件安全存在许多障碍。由于需要时间和专业技能，手动审核成本高昂。基于源代码的技术不适用于二进制形式的第三方软件。基于静态分析的现有技术可以报告如此多的误报警告，其结果使开发人员和分析师不知所措，并浪费大量资源来消除误报。 BitTurner 颠覆性的基于云的安全审核技术应该会改变这一现状，它允许基于低成本分布式计算对第三方软件进行全自动审核，不会出现误报。安全审计即服务已经是一个很大的市场，但现有的商业产品往往不足以满足客户的需求。 BitTurner 的技术可以以具有竞争力的价格提供更全面的结果，因此既可以吸引现有客户，又可以对目前不可行的软件进行审计。