Abstract
An operating system relies heavily on its access control mechanism to defend against attacks. The complexity of modern access control mechanisms and the scale of their possible configurations often overwhelm system administrators and software developers, so misconfigurations are common and their security consequences are serious. Detecting and eliminating such misconfigurations is therefore essential. We propose an automated and systematic approach to correcting misconfigurations, based on capability dependency graph generation and MaxSAT solving. Given the attacker's initial capabilities, we first automatically generate a capability dependency graph that describes the attacker's potential capabilities and the dependency relationships among them. Based on this graph, we then develop a solution that automates the task of hardening the operating system security policy against multi-step attacks that result from misconfigurations. In this solution, we first represent each capability obtainable by the attacker as a propositional logic formula over the initial conditions, and then transform the policy hardening problem into a MaxSAT problem. Finally, we introduce a notion called normal capability loss to help an administrator select an optimal hardening solution, one that leads to the minimum loss of system usability. We apply our approach to analyze misconfigurations in Ubuntu 10.04 shipped with SELinux and study an attack case to evaluate its effectiveness.
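The pipeline the abstract describes, carried through on a toy policy as an added example (this is not code from the paper): a capability dependency graph with AND/OR derivations, each capability expanded into a propositional formula (DNF) over the initial conditions, the hardening problem posed as a weighted MaxSAT instance whose hard constraint blocks the attacker's goal and whose soft clauses keep legitimate capabilities, and normal capability loss as the selection criterion. The rule names, the graph and the weights are constructed here and are not the paper's Ubuntu/SELinux case; the brute-force subset search stands in for the MaxSAT solver the paper uses.

```python
"""Capability dependency graph -> propositional formulas -> minimum-loss hardening.

Added illustration of the approach; the graph, the names and the weights below are
constructed (hypothetical), not taken from the paper or from a real SELinux policy.
"""
from itertools import combinations, product

# Initial conditions: the attacker's foothold plus policy rules an administrator may
# remove. Only rules are removable; the attacker's starting capability is fixed.
ATTACKER_START = "attacker_controls_httpd"
RULES = {
    "allow_httpd_write_tmp",
    "allow_httpd_exec_tmp",
    "allow_user_exec_tmp",
    "allow_httpd_read_shadow",
    "allow_httpd_connect_db",
}

# Capability dependency graph: derived capability -> alternative derivations (OR),
# each derivation an AND-set of prerequisite capabilities or initial conditions.
GRAPH = {
    # attacker capabilities (multi-step path to root)
    "write_tmp":     [{ATTACKER_START, "allow_httpd_write_tmp"}],
    "exec_from_tmp": [{"write_tmp", "allow_httpd_exec_tmp"},
                      {"write_tmp", "allow_user_exec_tmp"}],
    "read_shadow":   [{ATTACKER_START, "allow_httpd_read_shadow"}],
    "root":          [{"exec_from_tmp", "read_shadow"}],
    # normal (legitimate) capabilities that the same rules enable
    "webapp_db_access":    [{"allow_httpd_connect_db"}],
    "httpd_session_files": [{"allow_httpd_write_tmp"}],
    "user_builds_in_tmp":  [{"allow_user_exec_tmp"}],
    "httpd_cgi_in_tmp":    [{"allow_httpd_exec_tmp"}],
    "httpd_pam_auth":      [{"allow_httpd_read_shadow"}],
}

# Usability weight of each normal capability: the loss incurred if it disappears.
NORMAL_WEIGHTS = {
    "webapp_db_access": 5,
    "httpd_session_files": 3,
    "user_builds_in_tmp": 3,
    "httpd_cgi_in_tmp": 1,
    "httpd_pam_auth": 4,
}


def formula(cap, graph=GRAPH):
    """DNF of `cap` over initial conditions: a frozenset of AND-terms (frozensets).

    A derived capability is the OR of its derivations; each derivation is the AND of
    its prerequisites' formulas, so its terms are the cross product of the
    prerequisites' terms. Subsumed (non-minimal) terms are dropped.
    """
    if cap not in graph:                        # leaf: an initial condition
        return frozenset({frozenset({cap})})
    terms = set()
    for derivation in graph[cap]:
        prereq_dnfs = [formula(p, graph) for p in derivation]
        for combo in product(*prereq_dnfs):     # one term from each prerequisite
            terms.add(frozenset().union(*combo))
    return frozenset(t for t in terms if not any(u < t for u in terms))


def reachable(cap, removed, graph=GRAPH):
    """True if `cap` still holds once the rules in `removed` are deleted from the policy."""
    return any(term.isdisjoint(removed) for term in formula(cap, graph))


def normal_capability_loss(removed, weights=NORMAL_WEIGHTS, graph=GRAPH):
    """Total weight of normal capabilities that no longer hold after hardening."""
    return sum(w for cap, w in weights.items() if not reachable(cap, removed, graph))


def harden(goal, rules=RULES, weights=NORMAL_WEIGHTS, graph=GRAPH):
    """Minimum-loss set of rules whose removal makes `goal` unreachable, or None.

    The MaxSAT instance in miniature: hard constraint, every AND-term of goal's
    formula loses at least one removable rule; soft weighted clauses, each normal
    capability stays satisfiable. Exhaustive enumeration replaces a MaxSAT solver here.
    """
    goal_terms = formula(goal, graph)
    best = None
    for k in range(len(rules) + 1):
        for removed in combinations(sorted(rules), k):
            removed = frozenset(removed)
            if any(term.isdisjoint(removed) for term in goal_terms):
                continue                        # attacker still reaches the goal
            loss = normal_capability_loss(removed, weights, graph)
            if best is None or loss < best[0]:
                best = (loss, removed)
    return best


if __name__ == "__main__":
    for term in sorted(map(sorted, formula("root"))):
        print("root <-", " AND ".join(term))
    loss, removed = harden("root")
    print("remove:", sorted(removed), "normal capability loss:", loss)
```

Removing `allow_httpd_read_shadow` also cuts both attack paths, but costs the `httpd_pam_auth` capability (weight 4); removing both execute rules costs 4 as well; removing `allow_httpd_write_tmp` alone blocks root for a loss of 3, which is the solution the search returns. Swapping the weights changes the answer, which is exactly why the paper makes the usability cost explicit rather than picking the smallest cut set.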
© 2015 Springer International Publishing Switzerland
Cite this paper
Han, Z., Cheng, L., Zhang, Y., Feng, D. (2015). Operating System Security Policy Hardening via Capability Dependency Graphs. In: Lopez, J., Wu, Y. (eds) Information Security Practice and Experience. ISPEC 2015. Lecture Notes in Computer Science, vol 9065. Springer, Cham. https://doi.org/10.1007/978-3-319-17533-1_1
DOI: https://doi.org/10.1007/978-3-319-17533-1_1
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-17532-4
Online ISBN: 978-3-319-17533-1