Users interacting with a system through a UI are typically obliged to perform their actions in a predetermined order to achieve certain functional goals. However, users often do not follow such obligations strictly, which may lead to violations of security properties, especially in security-critical systems. To improve security in the presence of unexpected user behaviors, a system can be redesigned into a more robust one by changing the order of actions in its specification; at the same time, we anticipate that its functionality remains consistent after the modifications. In this paper, we propose an efficient algorithm that automatically produces specification revisions addressing the attack scenarios caused by weakened user obligations. Our algorithm generates all revisions that maintain the integrity of the functionality using a novel recomposition approach; it then efficiently identifies the eligible revisions that satisfy the security requirements with a hybrid approach combining model checking and machine learning techniques. We evaluate our algorithm by comparing its performance with a state-of-the-art approach with respect to coverage and the speed of searching for the desirable revisions.
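To make the two-stage idea in the abstract concrete, the following is an added toy example (constructed for this page; it is not the paper's algorithm, code or case study). It models a cash machine whose two enforced system actions can be reordered; the user's obligations are to take the cash and take the card, and a "weakened" user may walk away as soon as the cash is in hand. Stage 1 keeps only the action orders under which a compliant user still reaches the functional goal; stage 2 explores every reachable state under the weakened user and reports a counterexample trace for any order that violates the security property (the card must never be left behind). The exhaustive explicit-state search stands in for the paper's hybrid model-checking and machine-learning search, and all action names, state variables and the guard on `dispense_cash` are assumptions of this example.

```python
"""Toy search over action-order revisions (constructed example, not the paper's method).

Stage 1: enumerate reorderings of the enforced system actions and keep those
         that still reach the functional goal with a compliant user.
Stage 2: explicit-state exploration of each kept order under a weakened user
         who may leave once their own goal (cash in hand) is met.
"""
from itertools import permutations
from collections import deque

# Constructed initial state of the cash-machine model.
INITIAL = dict(card_in_machine=True, card_in_tray=False, cash_in_tray=False,
               cash_taken=False, card_taken=False, left=False)

# --- enforced system actions (assumed guards/effects) ---
def dispense_cash(s):
    # Assumed guard: the machine waits until an ejected card has been removed.
    if s["card_in_tray"]:
        return None
    return {**s, "cash_in_tray": True}

def eject_card(s):
    if not s["card_in_machine"]:
        return None
    return {**s, "card_in_machine": False, "card_in_tray": True}

# --- user obligations (the system cannot force these) ---
def take_cash(s):
    if not s["cash_in_tray"]:
        return None
    return {**s, "cash_in_tray": False, "cash_taken": True}

def take_card(s):
    if not s["card_in_tray"]:
        return None
    return {**s, "card_in_tray": False, "card_taken": True}

def leave(s):
    # Weakened obligation: the user may walk away as soon as they have the cash.
    if not s["cash_taken"]:
        return None
    return {**s, "left": True}

SYSTEM_ACTIONS = {"dispense_cash": dispense_cash, "eject_card": eject_card}
OBLIGATIONS = {"take_cash": take_cash, "take_card": take_card}

def functional_goal(s):
    return s["cash_taken"] and s["card_taken"]

def security_property(s):
    # The session must never end with the card still inside the machine or in its tray.
    return not (s["left"] and (s["card_in_machine"] or s["card_in_tray"]))

def explore(order, weakened):
    """Breadth-first exploration of one revision. A configuration is
    (index of the next enforced system action, frozen state). Returns a dict
    mapping each reachable configuration to its (parent, action) for traces."""
    freeze = lambda s: tuple(sorted(s.items()))
    start = (0, freeze(INITIAL))
    parents = {start: None}
    queue = deque([start])
    while queue:
        pc, fs = queue.popleft()
        s = dict(fs)
        successors = []
        if pc < len(order):                       # system performs its next action
            nxt = SYSTEM_ACTIONS[order[pc]](s)
            if nxt is not None:
                successors.append((order[pc], (pc + 1, freeze(nxt))))
        if not s["left"]:                          # user may act until they leave
            user_moves = dict(OBLIGATIONS)
            if weakened:
                user_moves["leave"] = leave
            for name, fn in user_moves.items():
                nxt = fn(s)
                if nxt is not None:
                    successors.append((name, (pc, freeze(nxt))))
        for name, conf in successors:
            if conf not in parents:
                parents[conf] = ((pc, fs), name)
                queue.append(conf)
    return parents

def trace(parents, conf):
    """Rebuild the action sequence leading from the initial configuration to conf."""
    steps = []
    while parents[conf] is not None:
        conf, name = parents[conf]
        steps.append(name)
    return list(reversed(steps))

def preserves_functionality(order):
    reach = explore(order, weakened=False)
    return any(functional_goal(dict(fs)) for (_, fs) in reach)

def check_security(order):
    """(True, None) if every reachable state under the weakened user satisfies
    the property, otherwise (False, counterexample trace)."""
    reach = explore(order, weakened=True)
    for conf in reach:
        if not security_property(dict(conf[1])):
            return False, trace(reach, conf)
    return True, None

def find_revisions():
    """Map each functionality-preserving order to its security verdict."""
    results = {}
    for perm in permutations(SYSTEM_ACTIONS):
        if not preserves_functionality(perm):
            continue                               # recomposition filter
        results[perm] = check_security(perm)
    return results

if __name__ == "__main__":
    for order, (safe, cex) in find_revisions().items():
        print(" -> ".join(order), "SAFE" if safe else f"VIOLATION via {cex}")
```

Running the block shows both orders preserve the function, but `dispense_cash -> eject_card` admits the trace `dispense_cash, take_cash, leave` (card left in the machine), while `eject_card -> dispense_cash` is safe because the machine withholds cash until the ejected card is taken, so a user who leaves with cash has necessarily retrieved the card.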