Author: Thomas McCabe Jr. (208.29.51.---)
Date: 08.02.08

Tools that search for known exploits are analogous to debuggers in my opinion and are employed using a reactive model rather than a proactive one. The reason why cyclomatic complexity and subtree analysis are so important relates to the fact that many exploits deal with interactions: interactions between code statements, interactions between data and control flow, interactions between modules, interactions between your codebase and library routines, and interactions between your code and attack surface modules. Being cognizant of paths and subtrees within code is crucial for determining sneak paths, impact analysis, and testing to verify control flow integrity.
Furthermore, most security experts will tell you that software complexity gets in the way of analysis and incorporating McCabe Metrics such as cyclomatic complexity into your vision will aid in the quantification and understanding of the complexity characteristics of your codebase.
Security Analysis without a control and data flow diagram of logic and design is like doing security analysis of a house without schematics, such as a flooring plan or circuitry diagram.
Only scanning for known exploits without verifying control flow integrity is comparable to that same security expert explaining the obvious, such as windows are open and doors are unlocked, and being completely oblivious to the fact that there is a trap door in your basement.
Those insecure doors and windows are only the low hanging fruit.
http://www.mccabe.com/news_pr020708.htm
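As an added example that is not part of the post above and not McCabe Software's own tooling, the following script computes McCabe cyclomatic complexity (one plus the number of decision points) for Python functions using the standard-library ast module, listing the branch points a reviewer would need to cover to verify control flow; the sample functions and the threshold value are constructed for illustration, and counting each extra short-circuit operand as a branch follows a common convention rather than anything stated in the post.

```python
import ast
import textwrap

# Constructed sample input: a small access-check routine with several branches
# next to a trivial helper, so the two complexity values can be compared.
SAMPLE_SOURCE = textwrap.dedent("""
    def check_request(user, path, token):
        if user is None:
            return False
        if path.startswith("/admin") and not user.is_admin:
            return False
        for part in path.split("/"):
            if part == "..":
                return False
        if token is None or token != user.token:
            return False
        return True

    def log_it(msg):
        print(msg)
""")


def decision_points(func):
    """Return (lineno, kind) for each decision point inside one function node."""
    points = []
    for node in ast.walk(func):
        # Branch and loop headers each add one independent path.
        if isinstance(node, (ast.If, ast.For, ast.While, ast.IfExp)):
            points.append((node.lineno, type(node).__name__))
        elif isinstance(node, ast.ExceptHandler):
            points.append((node.lineno, "ExceptHandler"))
        elif isinstance(node, ast.BoolOp):
            # Short-circuit operators create an implicit branch per extra operand.
            for _ in node.values[1:]:
                points.append((node.lineno, type(node.op).__name__))
    return sorted(points)


def cyclomatic_complexity(source):
    """Map each top-level function name to its cyclomatic complexity."""
    tree = ast.parse(source)
    return {node.name: 1 + len(decision_points(node))
            for node in tree.body if isinstance(node, ast.FunctionDef)}


def over_threshold(source, threshold):
    """Functions whose complexity exceeds the threshold: review these first."""
    return [name for name, cc in cyclomatic_complexity(source).items() if cc > threshold]
```

Running `cyclomatic_complexity(SAMPLE_SOURCE)` reports 8 for `check_request` and 1 for `log_it`, i.e. at least eight independent paths through the access check need test cases.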