CAREER: At-scale Analysis of Issues in Cyber-Security and Software Engineering

职业：网络安全和软件工程问题的大规模分析

• 批准号: 1552836
• 负责人: Christopher White
• 金额: $ 48.72万
• 依托单位: Vanderbilt University
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2016
• 资助国家: 美国
• 起止时间: 2016-05-15 至 2022-04-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1552836&HistoricalAwards=false
• 关键词: CAREER; scale; Analysis; Issues; Cyber

One of the most significant challenges in cybersecurity is that humans are involved in software engineering and inevitably make security mistakes in their implementation of specifications, leading to software vulnerabilities. A challenge to eliminating these mistakes is the relative lack of empirical evidence regarding what secure coding practices (e.g., secure defaults, validating client data, etc.), threat modeling, and educational solutions are effective in reducing the number of application-level vulnerabilities that software engineers produce. This research aims to perform experiments analyzing programming assignment submissions to Massively Open Online Courses (MOOCs) before and after secure coding and threat modeling techniques are taught to empirically measure their impact on the rate of security vulnerabilities in assignment implementations. A key component of this research will be the use of MOOC assignment specifications and variations that have the potential to be affected by common cybersecurity vulnerabilities, such as problems with input validation to web applications or privilege escalation on mobile platforms. Because these critical security implementation issues will be known ahead of time, the MOOC assignments will allow automated assessment of how successfully each assignment implementation manages these security issues.Key questions investigated by this research include analyzing the impact of varying secure coding and threat modeling techniques on vulnerability production in software, what level of abstraction these techniques need to be taught at to be effective, the relative return on investment of threat modeling vs. automated vulnerability assessment effort, and the comparative effectiveness of making developers aware of security issues versus requiring active application of secure coding and threat modeling techniques. The broader impact of this research is substantial. Very little empirical data is available for organizations to use to properly value the secure coding and threat modeling techniques that have been developed. By creating a large body of rigorous evidence to illustrate how effective (or possibly not effective) different techniques are, the research will allow organizations to evaluate their return on investment and improve the use of these techniques in the software engineering process.

网络安全中最重要的挑战之一是，人类参与了软件工程，并且不可避免地在实现规范时犯安全错误，从而导致软件漏洞。消除这些错误的一个挑战是相对缺乏关于安全编码实践（例如，安全默认值，验证客户端数据等），威胁建模和教育解决方案在减少软件工程师产生的应用程序级漏洞数量方面有效的经验证据。本研究旨在进行实验，分析在安全编码和威胁建模技术教授之前和之后提交给大规模开放在线课程（MOOCs）的编程作业，以经验衡量它们对作业实施中安全漏洞率的影响。本研究的一个关键组成部分将是使用MOOC分配规范和变体，这些规范和变体有可能受到常见网络安全漏洞的影响，例如web应用程序的输入验证问题或移动平台上的权限升级问题。因为这些关键的安全实施问题将提前知道，MOOC作业将允许自动评估每个作业实施如何成功地管理这些安全问题。本研究调查的关键问题包括分析不同的安全编码和威胁建模技术对软件中漏洞产生的影响，需要在什么抽象级别上教授这些技术才能有效，威胁建模与自动化漏洞评估工作的相对投资回报，以及让开发人员意识到安全问题与需要主动应用安全编码和威胁建模技术的比较效果。这项研究的广泛影响是实质性的。很少有经验数据可供组织用来正确评估已开发的安全编码和威胁建模技术。通过创建大量严格的证据来说明不同技术的有效性（或可能无效），该研究将允许组织评估其投资回报，并在软件工程过程中改进这些技术的使用。