A Systematic Approach to Uncover Security Flaws in GUI Logic

2007 IEEE Symposium on Security and Privacy (SP '07) Pub Date : 2007-05-20 DOI:10.1109/SP.2007.6

J. Meseguer, R. Sasse, Helen J. Wang, Yi-Min Wang

{"title":"A Systematic Approach to Uncover Security Flaws in GUI Logic","authors":"J. Meseguer, R. Sasse, Helen J. Wang, Yi-Min Wang","doi":"10.1109/SP.2007.6","DOIUrl":null,"url":null,"abstract":"To achieve end-to-end security, traditional machine-to-machine security measures are insufficient if the integrity of the human-computer interface is compromised. GUI logic flaws are a category of software vulnerabilities that result from logic bugs in GUI design/implementation. Visual spoofing attacks that exploit these flaws can lure even security- conscious users to perform unintended actions. The focus of this paper is to formulate the problem of GUI logic flaws and to develop a methodology for uncovering them in software implementations. Specifically, based on an in-depth study of key subsets of Internet Explorer (IE) browser source code, we have developed a formal model for the browser GUI logic and have applied formal reasoning to uncover new spoofing scenarios, including nine for status bar spoofing and four for address bar spoofing. The IE development team has confirmed all these scenarios and has fixed most of them in their latest build. Through this work, we demonstrate that a crucial subset of visual spoofing vulnerabilities originate from GUI logic flaws, which have a well-defined mathematical meaning allowing a systematic analysis.","PeriodicalId":131863,"journal":{"name":"2007 IEEE Symposium on Security and Privacy (SP '07)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2007-05-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"52","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2007 IEEE Symposium on Security and Privacy (SP '07)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SP.2007.6","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 52

Abstract

To achieve end-to-end security, traditional machine-to-machine security measures are insufficient if the integrity of the human-computer interface is compromised. GUI logic flaws are a category of software vulnerabilities that result from logic bugs in GUI design/implementation. Visual spoofing attacks that exploit these flaws can lure even security- conscious users to perform unintended actions. The focus of this paper is to formulate the problem of GUI logic flaws and to develop a methodology for uncovering them in software implementations. Specifically, based on an in-depth study of key subsets of Internet Explorer (IE) browser source code, we have developed a formal model for the browser GUI logic and have applied formal reasoning to uncover new spoofing scenarios, including nine for status bar spoofing and four for address bar spoofing. The IE development team has confirmed all these scenarios and has fixed most of them in their latest build. Through this work, we demonstrate that a crucial subset of visual spoofing vulnerabilities originate from GUI logic flaws, which have a well-defined mathematical meaning allowing a systematic analysis.

查看原文本刊更多论文

揭示GUI逻辑安全漏洞的系统方法

为了实现端到端的安全，如果人机界面的完整性受到损害，传统的机器对机器安全措施是不够的。GUI逻辑缺陷是一类由GUI设计/实现中的逻辑错误导致的软件漏洞。利用这些漏洞的视觉欺骗攻击甚至可以引诱具有安全意识的用户执行意想不到的操作。本文的重点是阐述GUI逻辑缺陷的问题，并开发一种在软件实现中发现它们的方法。具体来说，基于对IE浏览器源代码关键子集的深入研究，我们为浏览器GUI逻辑开发了一个形式化模型，并应用形式化推理来发现新的欺骗场景，包括9个状态栏欺骗和4个地址栏欺骗。IE开发团队已经确认了所有这些场景，并在最新版本中修复了其中的大部分。通过这项工作，我们证明了视觉欺骗漏洞的一个关键子集源于GUI逻辑缺陷，这些缺陷具有良好定义的数学含义，允许系统分析。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2007 IEEE Symposium on Security and Privacy (SP '07)

自引率

0.00%

发文量