PRIVILEGE-ESCALATION VULNERABILITY DETECTION IMPLEMENTATION WITH STATIC CODE ANALYSIS
Main Author: | |
---|---|
Format: | Final Project |
Language: | Indonesia |
Online Access: | https://digilib.itb.ac.id/gdl/view/86183 |
Institution: | Institut Teknologi Bandung |
Summary: | Broken access control vulnerabilities are among the most significant vulnerabilities
in software security. Despite this, detecting broken access control
vulnerabilities with static code analysis tools is challenging because each piece of
software has its own specification patterns. Popular static code analysis tools do
not thoroughly detect broken access control vulnerabilities, especially privilege
escalation. Several approaches are used to detect broken access control
vulnerabilities. One approach involves comparing the number of context-free
grammars and redirection sets of two different roles. Another approach involves
creating a control flow graph model based on vulnerable code and patched code.
In this paper, a static code analysis tool is developed to detect privilege escalation
vulnerabilities. The chosen method compares the execution flows of
two different roles. Given an access control policy specification for each role, the
tool is expected to detect privilege escalation vulnerabilities.
Across the 3 codebases tested by the tool, 6 sensitive endpoints were found, 2 of which
were vulnerable. Given a specification for several roles in the source code, the tool
can compare execution flows and detect privilege escalation vulnerabilities within
the source code. The tool was found to be not yet effective enough at detecting
vulnerabilities in larger and more complex codebases. Several suggestions are offered
to improve the tool's effectiveness in detecting privilege escalation
vulnerabilities. |
---|