DocumentCode
2803044
Title
An Attack Simulator for Systematically Testing Program-based Security Mechanisms
Author
Breech, B. ; Tegtmeyer, Mike ; Pollock, Lori
Author_Institution
Comput. & Info Sci., Delaware Univ., Newark, DE
fYear
2006
fDate
7-10 Nov. 2006
Firstpage
136
Lastpage
145
Abstract
The use of insecure programming practices has led to a large number of vulnerable programs that can be exploited for malicious purposes. These vulnerabilities are often difficult to find during traditional software testing. In response to these difficulties, various program-based security mechanisms have been proposed to help protect potentially vulnerable programs. Testing these security mechanisms, however, also can be difficult and is currently rather ad hoc. In this paper, we describe the design, implementation, and evaluation of an attack simulator that enables the systematic and semi-automatic testing and evaluation of the effectiveness of current and future security mechanisms by automatically providing numerous contexts for testing the reliability of the mechanisms. Capable of automatically creating attacks on running programs by dynamically adding code (but not modifying existing code), the attack simulator can run in different modes and simulate attacks at various program points systematically. Through a case study, we demonstrate how our tool can be used to test two well-known security mechanisms for stack smashing attacks in several different testing modes.
Keywords
program testing; security of data; software reliability; attack simulator; program vulnerability; program-based security testing; semiautomatic testing; software reliability; software testing; stack smashing attacks; systematic testing; Automatic testing; Computational modeling; Computer security; Computer simulation; Context modeling; Military computing; Performance evaluation; Protection; Software testing; System testing;
fLanguage
English
Publisher
ieee
Conference_Titel
Software Reliability Engineering, 2006. ISSRE '06. 17th International Symposium on
Conference_Location
Raleigh, NC
ISSN
1071-9458
Print_ISBN
0-7695-2684-5
Type
conf
DOI
10.1109/ISSRE.2006.12
Filename
4021979