Hello All,

I am doing research in the software visualisation field, and would like to know if a project idea I have would be useful to the security community. As well as that, I am looking for any features/techniques/ideas that you think should be taken into account, or any unforeseen difficulties etc. Or if, in fact, this project would not benefit programmers at all in their search for security bugs?

Since this post is on the long side, you can skip PART 1 if you are already familiar with the software visualisation field. PART 2 is related work and describes some tools that demonstrate useful techniques. PART 3 describes my proposal; this can be read on its own if you do not wish to read the other sections :)

PART 1 :: INTRODUCTION
----------------------

In case anyone is unfamiliar with the software visualisation field, program visualization can be defined as follows: "the program is specified in the conventional, textual manner, and the graphics is used to illustrate some aspects of the program or its run-time execution." [Myers 1986]. The goal of all visualisations can be identified as: "transforming information into a meaningful, useful visual representation from which a human observer can gain understanding" [Stasko, Domingue, Brown, Price 1998].

If you would like more information on the above references or more detailed information about the software visualisation field, please email me and I will be happy to send on the information.

PART 2 :: RELATED WORK
----------------------

In 1991, [Agrawal et al 1991] discussed a technique called program "slicing". Given a variable and a program location, it is possible to determine the statements that affect the value of that variable for the test case. Restoration of the program state is also supported by backtracing.

The ability to debug backwards and forwards is demonstrated in the tool ZStep95 [ZStep 95a] and [ZStep 95b], http://web.media.mit.edu/~lieber/Lieberary/ZStep/ZStep.html . This was a prototype tool for debugging LISP. It has VCR-like controls that let the programmer go backwards/forwards during debugging, the results of which can be seen on screen. There is a QuickTime demonstration here: http://web.media.mit.edu/~lieber/Lieberary/ZStep/ZStep.mov .

PART 3 :: PROPOSAL
------------------

The areas of computer security and visualisation are being used successfully together, to make large log files more readable and visible on screen, without having to grep them manually etc. However, there seems to be little if any work done in helping programmers debug a program for security bugs using software visualisation. If anybody knows of such debuggers, I am very keen to find out about them, so please let me know.

I propose to implement a dynamic graphical debugger, to aid programmers in the search for security bugs. It would employ the techniques described in PART 2 as its core. For example: the ability to step backwards in the program and see the various variable values previous to now; the ability to choose a variable and see all the statements that affect its value; the ability to identify user controlled variables (e.g. $HOME etc.); and the ability to automatically run the program with different combinations of input for these user controlled variables, e.g. a very long $HOME or a $HOME that contains control characters etc. Also, a representation of stack sizes should be available to the programmer on-screen. These can be seen to grow and shrink as you step through your program.

What I would like to know is, would such a tool be useful in the search for security bugs? What other features would you see as essential or nice to have? Also, what IDE would you see this benefiting: KDevelop (C++), Eclipse (Java), NetBeans (Java), etc.? Obviously, Eclipse and NetBeans may be limited as they are for Java programming and security bugs are more rampant in C++, C etc.

Any comments or criticisms you may have are very welcome.

Thank you very much for your time,
SP.

REFERENCES
----------

[Agrawal et al 1991] Agrawal, H., DeMillo, R.A., Spafford, E.H., "An Execution-Backtracing Approach to Debugging", IEEE Software, Vol. 8, No. 3, pp. 21-26, May 1991.

[ZStep 95a] Lieberman, H., Fry, C., "Bridging the Gap Between Code and Behavior in Programming", ACM Conference on Computers and Human Interface (CHI-95), Denver, April 1995.

[ZStep 95b] Lieberman, H., Fry, C., "ZStep 95, A Reversible, Animated Source Code Stepper", in Software Visualization: Programming as a Multimedia Experience, John Stasko, John Domingue, Blaine Price, Marc Brown, eds., MIT Press, 1997.
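As an added illustration of the "slicing" technique from PART 2 and the "which statements affect this variable / is it user controlled" features proposed in PART 3 (example code written for this edit, not from the post or from Agrawal et al.; the small program, its recorded trace and the `env:HOME` label are all constructed):

```python
"""Dynamic backward slicing over a recorded execution trace (added example:
the program, trace format and 'env:HOME' label are constructed, not from
the post or from Agrawal et al.)."""
from dataclasses import dataclass
from typing import List, Optional, Tuple

@dataclass(frozen=True)
class Event:
    line: int                      # source line of the executed statement
    defines: Optional[str]         # variable written (None for a predicate)
    uses: Tuple[str, ...]          # variables read by the statement
    source: Optional[str] = None   # label when the value is user controlled

# Constructed trace of one run of a small C-like program:
#   10: home = getenv("HOME")        user-controlled input
#   11: n    = strlen(home)
#   12: buf  = malloc(64)
#   13: i    = 0
#   14: if (n > 0)                   predicate, defines nothing
#   15: memcpy(buf, home, n)         buf now depends on home and n
#   16: log  = "done"
TRACE = [
    Event(10, "home", (), source="env:HOME"),
    Event(11, "n", ("home",)),
    Event(12, "buf", ()),
    Event(13, "i", ()),
    Event(14, None, ("n",)),
    Event(15, "buf", ("buf", "home", "n")),
    Event(16, "log", ()),
]

def dynamic_slice(trace: List[Event], var: str, at_step: int):
    """Return (lines, sources) for `var` as it stands just after step `at_step`.

    Walks backwards from `at_step`, following the most recent definition of
    every variable still needed, so stepping `at_step` back in time changes the
    answer. Only data dependences are followed; a full slicer would also add
    the predicates (line 14 here) that controlled whether a statement ran.
    """
    wanted = {var}
    lines, sources = set(), set()
    for ev in reversed(trace[:at_step + 1]):
        if ev.defines in wanted:
            wanted.discard(ev.defines)
            wanted.update(ev.uses)
            lines.add(ev.line)
            if ev.source:
                sources.add(ev.source)
    return sorted(lines), sorted(sources)
```

Asking for `buf` at step 5 returns lines 10, 11, 12 and 15 with `env:HOME` flagged, while stepping back to ask for `buf` at step 2 returns only the `malloc` line, which is the backwards-debugging view the proposal describes.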
This archive was generated by hypermail 2b30 : Tue Mar 11 2003 - 14:12:40 PST