TWC: Medium: Collaborative: Developer Crowdsourcing: Capturing, Understanding, and Addressing Security-related Blind Spots in APIs

TWC：媒介：协作：开发者众包：捕获、理解和解决 API 中与安全相关的盲点

• 批准号: 1513457
• 负责人: Justin Cappos
• 金额: $ 39.43万
• 依托单位: New York University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2015
• 资助国家: 美国
• 起止时间: 2015-09-01 至 2019-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1513457&HistoricalAwards=false
• 关键词: TWC; Medium; Collaborative; Developer; Crowdsourcing

Despite an emphasis the security community places on the importance of producing secure software, the number of new security vulnerabilities in software increases every year. This research is based on the assumption that software vulnerabilities are caused by misunderstandings, or lack of knowledge, called blind spots, which the developers experience while they are building systems. When building systems, developers often focus more on functional requirements than on non-functional ones, such as security. Thus, they can make design decisions that prioritize functionality without noticing the security vulnerabilities these decisions create. Today, developers often have no access to effective software tools that highlight these vulnerabilities during development. This research identifies common developer blind spots with the goal of building and evaluating practical software tools that help prevent blind spots during development and detect vulnerabilities in deployed software.To capture developers' reasoning when faced with blind spots, and to identify common blind spot characteristics, this research converts several identified blind spots into programming puzzles, and conducts a user study with developers solving these puzzles. Statistical analysis of the developers' answers identifies common characteristics among blind spots, and the observations of developers' behaviors guide the creation of tools to automatically detect blind spots and to warn developers about them as developers experience them. The tools have two complementary goals: (1) prevent blind spots from occurring by cueing developers on-the-spot about potential blind spots as they write code, and (2) identify software vulnerabilities in existing applications by detecting code that may have been written as a result of a blind spot. This research evaluates these newly developed tools in the context of a user study with developers, producing the following outcomes: (1) understanding of blind spots in application programming interfaces (APIs), and of developers' attentional and decision processes when writing code using APIs, (2) understanding of how to notify, without habituation and annoyance, developers on-the-spot about blind spots so that relevant security information is used by developers while writing code, (3) creation of open-source, publicly available developer tools that notify developers about blind spots and facilitate detection of vulnerabilities caused by blind spots, and (4) development of guidelines for better API design to minimize blind spots by considering developers' attentional and decision processes. This research addresses an important gap in secure software development by incorporating the human factor of the development process. This is particularly crucial given our society's increasing dependence on software applications.

尽管安全社区强调生产安全软件的重要性，但软件中新的安全漏洞的数量每年都在增加。这项研究基于这样的假设，即软件漏洞是由误解或缺乏知识引起的，即开发人员在构建系统时所经历的盲点。在构建系统时，开发人员通常更关注功能需求，而不是非功能需求，比如安全性。因此，他们可以做出优先考虑功能的设计决策，而不会注意到这些决策所产生的安全漏洞。今天，开发人员通常无法访问在开发过程中突出这些漏洞的有效软件工具。这项研究确定了常见的开发人员盲点，目的是构建和评估实用的软件工具，帮助防止开发过程中的盲点，并检测已部署软件中的漏洞。为了捕捉开发人员在面对盲点时的推理，并识别出常见的盲点特征，本研究将识别出的几个盲点转化为编程难题，并与解决这些难题的开发人员进行用户研究。对开发人员的回答进行统计分析，确定盲点之间的共同特征，对开发人员行为的观察指导创建自动检测盲点的工具，并在开发人员遇到盲点时警告开发人员。这些工具有两个互补的目标：(1)通过在编写代码时提示开发人员潜在的盲点来防止盲点的出现，以及(2)通过检测可能由于盲点而编写的代码来识别现有应用程序中的软件漏洞。本研究在用户研究与开发人员的背景下评估这些新开发的工具，产生以下结果：(1)了解应用程序编程接口（api）中的盲点，以及使用api编写代码时开发人员的注意和决策过程；(2)了解如何在不习惯和烦恼的情况下，现场通知开发人员盲点，以便开发人员在编写代码时使用相关的安全信息；(3)创建开源；公开可用的开发人员工具，通知开发人员有关盲点，并方便检测盲点引起的漏洞，以及(4)制定更好的API设计指南，通过考虑开发人员的注意力和决策过程，最大限度地减少盲点。本研究通过纳入开发过程中的人为因素，解决了安全软件开发中的一个重要空白。鉴于我们的社会越来越依赖软件应用，这一点尤为重要。