lab7.docx - Google Code

Shared by: dandanhuanghuang
Posted: 12/4/2011

CS675 Software Reverse Engineering

Lab 7: Evaluation of the Logic-based Software Failure Detection

Omar Badran, Dan Moyer, Sadia Afroz





Experimental Setup:



False Positive test:

This test is run on the Pre-Trojan version of Java Email Server (JES). The test case structure is similar to Lab 1, which verifies all the functionality of JES.



False negative test:

This test is run on the Trojan version of JES. The test cases act as clients of JES and use the SMTP and POP3 interfaces to send and receive messages. All the test cases have three steps:

1. Activate the malware feature

2. Send and retrieve messages

3. Deactivate the malware feature



Start and stop triggers for the malware features are discussed below:



Spam Bot:

This feature causes the SMTP sender thread to send multiple copies of spam messages along with the one valid message sent to the recipient.

Start trigger: message that contains the word “BigBrothers”

Stop trigger: message containing the word “Status”



Slow Memory Leak:

This feature consumes memory by saving each retrieved message in memory.

Start trigger: any invalid POP3 command

Stop trigger: the “RSET” POP3 command.



Recursive function call:

The recursive function call is designed to eat up stack space.

Start trigger: message containing the word “CS675”

Stop trigger: message containing the word “Drexel Graduation”.



Spawn multiple threads:

This feature spawns extra threads and sends messages.

Start trigger: message containing the word “Winter”

Stop trigger: message containing the word “Summer”.



Endless Loop:

Executes an endless loop in the SMTP sender thread

Start trigger: any invalid SMTP command

Stop trigger: the “NOOP” SMTP command.

File Multiplier:

Creates multiple copies of received messages in user’s directory.

Start trigger: the “MAIL FROM:” SMTP command.

Stop trigger: the “RCPT TO:” SMTP command.



Observation:



False positive rate:

False positive rate is 2.5%



False negative rate:

Test case                  False negative rate

Endless Loop               48.18%
File Multiplier            19.43%
Recursive function call    6.44%
Slow Memory Leak           57.94%
Spam Bot                   79.17%
Spawn multiple threads     3.73%
All                        2.16%
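
One way to score a detector against the start and stop triggers listed above (an added example, not code from the lab report). The trace format, substring matching of trigger words, the sets of valid SMTP/POP3 verbs, and counting rates per detector sample are all assumptions; the report does not say how its rates were computed.

```python
from collections import defaultdict

# Assumed valid verbs per protocol; what JES actually accepts may differ.
VALID = {"smtp": {"HELO", "EHLO", "MAIL", "RCPT", "DATA", "RSET", "NOOP", "QUIT"},
         "pop3": {"USER", "PASS", "STAT", "LIST", "RETR", "DELE", "NOOP", "RSET", "QUIT"}}

def word(w):     # trigger: a message containing the word (substring match assumed)
    return lambda kind, text: kind == "msg" and w in text
def cmd(p, c):   # trigger: a specific protocol command
    return lambda kind, text: kind == p and text.upper().startswith(c)
def invalid(p):  # trigger: any command whose verb the protocol does not define
    return lambda kind, text: kind == p and (text.split() or [""])[0].upper() not in VALID[p]

# Start/stop triggers as listed in the lab report.
FEATURES = {
    "Spam Bot": (word("BigBrothers"), word("Status")),
    "Slow Memory Leak": (invalid("pop3"), cmd("pop3", "RSET")),
    "Recursive function call": (word("CS675"), word("Drexel Graduation")),
    "Spawn multiple threads": (word("Winter"), word("Summer")),
    "Endless Loop": (invalid("smtp"), cmd("smtp", "NOOP")),
    "File Multiplier": (cmd("smtp", "MAIL FROM:"), cmd("smtp", "RCPT TO:")),
}

def score(trace, trojan=True):
    """Return ({feature: false-negative rate}, false-positive rate) for one trace."""
    triggers = FEATURES.items() if trojan else ()  # pre-Trojan build: nothing activates
    active, seen, missed = set(), defaultdict(int), defaultdict(int)
    clean = false_alarms = 0
    for kind, value in trace:
        if kind == "sample":               # value is the detector's alarm flag
            for f in active:               # sample taken while a feature is running
                seen[f] += 1
                missed[f] += not value
            if not active:                 # sample taken with no feature running
                clean += 1
                false_alarms += bool(value)
            continue
        for f, (start, stop) in triggers:  # client action: update ground truth
            if f in active and stop(kind, value):
                active.discard(f)
            elif f not in active and start(kind, value):
                active.add(f)
    fn = {f: missed[f] / seen[f] for f in seen}
    return fn, (false_alarms / clean if clean else 0.0)

# Constructed trace: client actions interleaved with detector samples.
TRACE = [("sample", False), ("msg", "hello BigBrothers"), ("sample", True),
         ("sample", False), ("msg", "Status report"), ("sample", False),
         ("sample", True)]
```

Calling score(TRACE) treats the samples between the “BigBrothers” and “Status” messages as Spam Bot ground truth; score(TRACE, trojan=False) scores the same trace as a Pre-Trojan run, where every alarm is a false positive.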


