Virginia Tech®home

Seminar: Quantitative Metrics and Measurement Methodologies for System Security Assurance

Salman Ahmed

PhD Candidate, Virginia Tech

Friday, November 19, 2021
2:30pm - 3:45pm
2150 Torgersen Hall



Investigation of advanced attacks is crucial for system security assurance. One way to achieve system security assurance is through evaluating defenses using qualitative security metrics and accurate measurement methodologies. Analyzing existing exploit techniques can provide crucial insights about qualitative security metrics and measurement methodologies. Besides, impact assessment of defenses on different components of attacks using quantitative metrics is necessary to refine defenses.

In this talk, I will discuss our techniques to extract qualitative security metrics from advanced attacks (e.g., Just-In-Time Return Oriented Programming) and utilize the extracted security metrics for refining defenses. Our extracted security metrics include various gadgets (fraction of executable code from an application), time to obtain gadgets, quality of gadgets, library code pointers, and data pointers. To assess the impact of defenses on attacks, I consider three defense techniques: i) Address Space Layout Randomization (ASLR), ii) ARM Pointer Authentication, and iii) Address Sanitizer. Our evaluation shows that attackers can take as low as 1.5 seconds to conduct their attacks by quantifying the time metric against 17 real-world applications. Also, our security assessment confirms that the instruction-level ASLR is effective up to 90%, which was previously thought not that useful. We achieve an 18% performance improvement over Address Sanitizer by quantifying the data pointer metric against popular real-world applications without compromising security.


Salman Ahmed is a Ph.D. Candidate at Virginia Tech working with Professor Danfeng (Daphne) Yao. His research interests include security metrics and methodologies for security assurance and attack surface quantification, measurable cloud security, threat intelligence analysis, insider threat detection, and program analysis. He received his M.S. degree from East Tennessee State University and B.S. degree from Bangladesh University of Engineering and Technology. He will join IBM Research after graduation.