A taxonomy of computer program security flaws

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

A taxonomy of computer program security flaws

Full text

Pdf (3.81 MB)

Source

ACM Computing Surveys (CSUR) archive
Volume 26 , Issue 3 (September 1994) table of contents

Pages: 211 - 254

Year of Publication: 1994

ISSN:0360-0300

Authors

Carl E. Landwehr	Naval Research Lab, Washington, DC
Alan R. Bull	Naval Research Lab, Washington, DC
John P. McDermott	Naval Research Lab, Washington, DC
William S. Choi	Naval Research Lab, Washington, DC

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 42, Downloads (12 Months): 283, Citation Count: 31

Additional Information:

abstract references cited by index terms review collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/185403.185412 What is a DOI?

ABSTRACT

An organized record of actual flaws can be useful to computer system designers, programmers, analysts, administrators, and users. This survey provides a taxonomy for computer program security flaws, with an Appendix that documents 50 actual security flaws. These flaws have all been described previously in the open literature, but in widely separated places. For those new to the field of computer security, they provide a good introduction to the characteristics of security flaws and how they can arise. Because these flaws were not randomly selected from a valid statistical sample of such flaws, we make no strong claims concerning the likely distribution of actual security flaws within the taxonomy. However, this method of organizing security flaw data can help those who have custody of more representative samples to organize them and to focus their efforts to remove and, eventually, to prevent the introduction of security flaws.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	ABBOT% R. P., CHIN, J. S., DONNELLEY, J. E., KONIGSFORD, W. L., TOKUBO, S., AND WEBB, D.A. 1976. Security analysis and enhancements of computer operating systems. NBSIR 76 1041, National Bureau of Standards, ICST, Washington, D.C.
	2	ANDERSON, J.P. 1972. Computer security technology planning study. ESD-TR-73-51, vols. I and II. NTIS AD758206, Hanscom Field, Bedford, Mass.
	3	BISBEY R., II AND HOLLINGWORTH, D. 1978. Protection analysis project final report. ISI/RR-78-13, DTIC AD A056816, USC/Information Sciences Inst., 1978.
	4	BREHMER, C. L. AND CARL, J.R. 1993. Incorporating IEEE Standard 1044 into your anomaly tracking process. CrossTalk, J. Def. Softw. Eng. 6, I (Jan.), 9-16.
	5	Ram Chillarege , Inderpal S. Bhandari , Jarir K. Chaar , Michael J. Halliday , Diane S. Moebus , Bonnie K. Ray , Man-Yuen Wong, Orthogonal Defect Classification-A Concept for In-Process Measurements, IEEE Transactions on Software Engineering, v.18 n.11, p.943-956, November 1992 [doi>10.1109/32.177364]
	6	COHEN, F. 1984. Computer viruses: Theory and experiments. In the 7th DoD/NBS Computer Security Conference. 240-263.
	7	DEPARTMENT OF DEFENSE. 1985. Trusted computer system evaluation criteria. DoD 5200.28- STD, U.S. Dept. of Defense, Washington, D.C.
	8	Dorothy Elizabeth Rob Denning, Cryptography and Data Security, Addison-Wesley Longman Publishing Co., Inc., Boston, MA, 1982
	9	DENNING, P.J. 1988. Computer viruses. Am. Sci. 76 (May-June), 236-238.
	10	ELMER-DEWITT, P. 1988. Invasion of the data snatchers. TIME Mag. (Sept. 26), 62-67.
	11	David Ferbrache, A Pathology of Computer Viruses, Springer-Verlag New York, Inc., Secaucus, NJ, 1992
	12	FLORAC, W. A. 1992. Software quality measurement: A framework for counting problems and defects. CMU/SEI-92-TR-22, Software Engineering Inst. Pittsburgh, Pa.
	13	Morrie Gasser, Building a secure computer system, Van Nostrand Reinhold Co., New York, NY, 1988
	14	IEEE COMPUTER SOCIETY 1990. Standard glossary of software engineering terminology, ANSI/IEEE Standard 610.12-1990 IEEE Press, New York.
	15	Butler W. Lampson, A note on the confinement problem, Communications of the ACM, v.16 n.10, p.613-615, Oct. 1973 [doi>10.1145/362375.362389]
	16	LANDWEHR, C. E. 1983. The best avafiable technologies for computer security. JEEE Comp~zt, 16, 7 (July), 86 100.
	17	Carl E. Landwehr, Formal Models for Computer Security, ACM Computing Surveys (CSUR), v.13 n.3, p.247-278, Sept. 1981 [doi>10.1145/356850.356852]
	18	J.C. C. Laprie , A. Avizienis , H. Kopetz, Dependability: Basic Concepts and Terminology, Springer-Verlag New York, Inc., Secaucus, NJ, 1992
	19	LEVESON, N. AND TURNER, C. S 1992. An investigation of the Therac~25 accidents. UCI TR-92- 108, Information and Computer Science Dept., Univ. of California, Irvine, Ca.
	20	LINDE, R.R. 1975. Operating system penetration. In the AFIPS National Computer Conference. AFIPS, Arlington, Va., 361 368.
	21	McDERMOTT, J.P. 1988. A technique for removing an important class of Trojan horses from high order languages. In Proceedu~gs of the llth National Computer Security Conference. NBS/NCSC, Gaithersburg, Md., 114-117.
	22	NEUMANN, P.G. 1978. Computer security evaluation. In the 1978 Natwnal Computer Conference, AFIPS Conference Proceedings 47. AFIPS, Arlington, Va., 1087-1095.
	23	PETROSKI, H. 1992. To Engineer zs Human: The Role of Failure Ln Successful Design. Vintage Books, New York.
	24	Charles P. Pfleeger, Security in computing, Prentice-Hall, Inc., Upper Saddle River, NJ, 1988
	25	Jon A. Rochlis , Mark W. Eichin, With microscope and tweezers: the worm from MIT's perspective, Communications of the ACM, v.32 n.6, p.689-698, June 1989 [doi>10.1145/63526.63528]
	26	SCHELL, R. R. 1979. Computer security: The Achfiles heel of the electronic Air Force? A~r Univ. Rev. 30, 2 (Jan. Feb.), 16-33.
	27	John F. Shoch , Jon A. Hupp, The “worm” programs—early experience with a distributed computation, Communications of the ACM, v.25 n.3, p.172-180, March 1982 [doi>10.1145/358453.358455]
	28	E. H. Spafford, Crisis and aftermath, Communications of the ACM, v.32 n.6, p.678-687, June 1989 [doi>10.1145/63526.63527]
	29	SULLIVAN, M. R. AND CHILLAREGE, R. 1992. A comparison of software defects in database management systems and operating systems. In Proceedings of the 22nd International Symposium on Fault-Tolerant Computer Systems IEEE Computer Society, Boston, Mass., (FTCS-22 ) (July).
	30	Ken Thompson, Reflections on trusting trust, Communications of the ACM, v.27 n.8, p.761-763, Aug 1984 [doi>10.1145/358198.358210]
	31	WEiss, D. M. AND BASmI, V.R. 1985. Evaluating software development by analysis of changes: Some data from the Software Engineering Laboratory. IEEE Trans. Softw Eng. SE-11, 2 (Feb.), 157-168.

CITED BY 31

	John Viega , Gary McGraw , Tom Mutdosch , Edward W. Felten, Statically Scanning Java Code: Finding Security Vulnerabilities, IEEE Software, v.17 n.5, p.68-74, September 2000
	Edgar Weippl, An approach to secure distribution of web-based training courses, Australian Computer Science Communications, v.23 n.1, p.199-205, January-February 2001
	R. Sekar , Y. Guang , S. Verma , T. Shanbhag, A high-performance network intrusion detection system, Proceedings of the 6th ACM conference on Computer and communications security, p.8-17, November 01-04, 1999, Kent Ridge Digital Labs, Singapore
	Ernesto J. Sallés , James Bret Michael , Michael Capps , Don McGregor , Andrzej Kapolka, Security of runtime extensible virtual environments, Proceedings of the 4th international conference on Collaborative virtual environments, p.97-104, September 30-October 02, 2002, Bonn, Germany
	Edgar Weippl, Coimbra: secure Web access to multimedia content, Proceedings of the 2000 ACM workshops on Multimedia, p.145-148, October 30-November 03, 2000, Los Angeles, California, United States
	Juan M. Estévez-Tapiador , Pedro García-Teodoro , Jesús E. Díaz-Verdejo, NSDF: a computer network system description framework and its application to network security, Computer Networks: The International Journal of Computer and Telecommunications Networking, v.43 n.5, p.573-600, 5 December 2003
	Christian S. Collberg , Clark Thomborson, Watermarking, tamper-proffing, and obfuscation: tools for software protection, IEEE Transactions on Software Engineering, v.28 n.8, p.735-746, August 2002
	Olin Sibert , Phillip A. Porras , Robert Lindell, An Analysis of the Intel 80×86 Security Architecture and Implementations, IEEE Transactions on Software Engineering, v.22 n.5, p.283-293, May 1996
	Moshe Zviran, Securing PC applications: the relay race approach, Communications of the ACM, v.45 n.4, April 2002
	Algirdas Avizienis , Jean-Claude Laprie , Brian Randell , Carl Landwehr, Basic Concepts and Taxonomy of Dependable and Secure Computing, IEEE Transactions on Dependable and Secure Computing, v.1 n.1, p.11-33, January 2004
	Peng Liu , Wanyu Zang , Meng Yu, Incentive-based modeling and inference of attacker intent, objectives, and strategies, ACM Transactions on Information and System Security (TISSEC), v.8 n.1, p.78-118, February 2005
	Sam Weber , Paul A. Karger , Amit Paradkar, A software flaw taxonomy: aiming tools at security, ACM SIGSOFT Software Engineering Notes, v.30 n.4, July 2005
	Michael Gegick , Laurie Williams, Matching attack patterns to security vulnerabilities in software-intensive system designs, ACM SIGSOFT Software Engineering Notes, v.30 n.4, July 2005
	Jeff Yan , Brian Randell, A systematic classification of cheating in online games, Proceedings of 4th ACM SIGCOMM workshop on Network and system support for games, October 10-11, 2005, Hawthorne, NY
	Daniel P. Siewiorek , Ram Chillarege , Zbigniew T. Kalbarczyk, Reflections on Industry Trends and Experimental Research in Dependability, IEEE Transactions on Dependable and Secure Computing, v.1 n.2, p.109-127, April 2004
	Peng Liu , Wanyu Zang, Incentive-based modeling and inference of attacker intent, objectives, and strategies, Proceedings of the 10th ACM conference on Computer and communications security, October 27-30, 2003, Washington D.C., USA
	Nicholas J. Puketza , Kui Zhang , Mandy Chung , Biswanath Mukherjee , Ronald A. Olsson, A Methodology for Testing Intrusion Detection Systems, IEEE Transactions on Software Engineering, v.22 n.10, p.719-729, October 1996
	Shanai Ardi , David Byers , Nahid Shahmehri, Towards a structured unified process for software security, Proceedings of the 2006 international workshop on Software engineering for secure systems, May 20-21, 2006, Shanghai, China
	Hanno Langweg, Framework for malware resistance metrics, Proceedings of the 2nd ACM workshop on Quality of protection, October 30-30, 2006, Alexandria, Virginia, USA
	R. Sekar , T. Bowen , M. Segal, On preventing intrusions by process behavior monitoring, Proceedings of the 1st conference on Workshop on Intrusion Detection and Network Monitoring, p.4-4, April 09-12, 1999, Santa Clara, California
	Donald G. Marks , Michael Stinson, Security trumps efficiency: putting it into the curriculum, Journal of Computing Sciences in Colleges, v.22 n.4, p.162-169, April 2007
	Michael Gegick , Laurie Williams, On the design of more secure software-intensive systems by use of attack patterns, Information and Software Technology, v.49 n.4, p.381-397, April, 2007
	Irene M. Y. Woon , Atreyi Kankanhalli, Investigation of IS professionals' intention to practise secure development of applications, International Journal of Human-Computer Studies, v.65 n.1, p.29-41, January, 2007
	Durgesh Pant , K. C. Joshi, Software fault tolerant computing: needs and prospects, Ubiquity, v.8 n.16, p.1-1, April 24, 2007 - April 30, 2007
	Andrew Forward , Timothy C. Lethbridge, A taxonomy of software types to facilitate search and evidence-based software engineering, Proceedings of the 2008 conference of the center for advanced studies on collaborative research: meeting of minds, October 27-30, 2008, Ontario, Canada
	Jeffrey Undercoffer , Anupam Joshi , Tim Finin , John Pinkston, Using DAML+OIL to classify intrusive behaviours, The Knowledge Engineering Review, v.18 n.3, p.221-241, September 2003
	Rabih Zbib , Farooq Anjum , Abhrajit Ghosh , Amjad Umar, Intrusion Tolerance in Distributed Middleware, Information Systems Frontiers, v.6 n.1, p.67-75, March 2004
	Yudistira Asnar , Paolo Giorgini , Paolo Ciancarini , Rocco Moretti , Maurizio Sebastianis , Nicola Zannone, An evaluation of business solutions in manufacturing enterprises, International Journal of Business Intelligence and Data Mining, v.3 n.3, p.305-329, December 2008
	Carolyn B. Seaman , Forrest Shull , Myrna Regardie , Denis Elbert , Raimund L. Feldmann , Yuepu Guo , Sally Godfrey, Defect categorization: making use of a decade of widely varying historical data, Proceedings of the Second ACM-IEEE international symposium on Empirical software engineering and measurement, October 09-10, 2008, Kaiserslautern, Germany
	Daniel Hein , Hossein Saiedian, Secure Software Engineering: Learning from the Past to Address Future Challenges, Information Security Journal: A Global Perspective, v.18 n.1, p.8-25, January 2009
	Gertrude Neuman Levine, Defining defects, errors, and service degradations, ACM SIGSOFT Software Engineering Notes, v.34 n.2, March 2009

INDEX TERMS

Primary Classification:
D. Software
D.4 OPERATING SYSTEMS

General Terms:
Algorithms, Security

Keywords:
error/defect classification, security flaw, taxonomy

REVIEW

"Stanley A. Kurzban : Reviewer"

Landwehr et al.have written a useful paper on the categorization of security flaws in computer systems. It serves researchers in the field, its primary audience, well. The top level of the authors' taxonom more...

Collaborative Colleagues:

Carl E. Landwehr: colleagues

Alan R. Bull: colleagues

John P. McDermott: colleagues

William S. Choi: colleagues

Adobe Acrobat

QuickTime

Windows Media Player

Real Player