Understanding Windows Security Bugs
Govindavajhala Sudhakar, Princeton University
Date & Time: December 30, 2005 11:00
Venue: KreSIT Seminar Hall
In this talk I will introduce the MulVAL project -- a framework that conducts multihost, multistage vulnerability analysis on a network. Our framework automatically integrates formal vulnerability specifications from the bug reporting community and scales to a network with thousands of machines. The Linux module found real bugs in the security configuration of the Linux machines of our department.

Recently, we extended the model to understand multiple operating systems. We implemented the Windows module for our framework. A typical weekly vulnerability report from US-CERT contains tens of bugs. Given multiple security bugs, this framework provides a mechanism to prioritize the remediation measures. We apply the ideas to the bugs previously reported in the OVAL database (http://oval.mitre.org) and automatically understand which bugs are admin-level and which are non-admin-level. We share the insights from modeling a network with multiple operating systems. We discuss how this framework can be used in the future to formulate vulnerability response strategies, quantitative risk estimation, etc.

This is joint work with Prof. Andrew Appel.
Speaker Profile:
Govindavajhala Sudhakar is a finishing Ph.D. student at Princeton University. He received his B.Tech from IIT Madras. His broad research interests are computer security, operating systems and networks. These days his research is centered on building tools that utilize simple rule-based reasoning to assist a system administrator in network-security management. In his dissertation titled "Modular, Operating System Aware, Network Security Analysis", he demonstrated that simple models for security components can be used to check the security configuration of large networks. He likes to call himself "hacker from the south". :-)
