Systematic approach to uncover GUI logic flaws
First Claim
1. A method of uncovering logic flaws of a graphical user interface (GUI) comprising:
- mapping a visual invariant that is seen by a user, to a program invariant comprising Boolean flags associated with an execution context, the mapping based on a browser'"'"'s logic for mouse handling and page loading;
discovering inputs to GUI logic that include user actions and execution context to cause the program invariant to be violated; and
identifying the logic flaws of the GUI based on the inputs that cause the program invariant to be violated;
wherein the visual invariant relates consistency between a user'"'"'s visual perception and a browser state; and
wherein the discovering is used as a guidance for constructing real visual spoofing attacks.
2 Assignments
0 Petitions
Accused Products
Abstract
To achieve end-to-end security, traditional machine-to-machine security measures are insufficient if the integrity of the graphical user interface (GUI) is compromised. GUI logic flaws are a category of software vulnerabilities that result from logic flaws in GUI implementation. The invention described here is a technology for uncovering these flaws using a systematic reasoning approach. Major steps in the technology include: (1) mapping a visual invariant to a program invariant; (2) formally modeling the program logic, the user actions and the execution context, and systematically exploring the possibilities of violations of the program invariant; (3) finding real spoofing attacks based on the exploration.
-
Citations
12 Claims
-
1. A method of uncovering logic flaws of a graphical user interface (GUI) comprising:
-
mapping a visual invariant that is seen by a user, to a program invariant comprising Boolean flags associated with an execution context, the mapping based on a browser'"'"'s logic for mouse handling and page loading; discovering inputs to GUI logic that include user actions and execution context to cause the program invariant to be violated; and identifying the logic flaws of the GUI based on the inputs that cause the program invariant to be violated; wherein the visual invariant relates consistency between a user'"'"'s visual perception and a browser state; and wherein the discovering is used as a guidance for constructing real visual spoofing attacks. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A computer readable device having computer-executable modules executable by a computing device, comprising:
-
a reasoning engine that performs steps comprising; defining a formal model of a graphical user interface (GUI) comprised of a user action sequence, an execution context, and GUI states, the GUI states represented by symbolic expressions indicating how a GUI state is transformed into another GUI state; mapping one or more visual invariants that are seen by a user to one or more program invariants comprising Boolean flags associated with the GUI states, the mapping based on a browser'"'"'s logic for mouse handling and page loading; identifying logic flaws of the GUI based on inputs that cause the one or more program invariants to be violated; and in response to a violation of a particular program invariant of the one or more program invariants, outputting a spoofing scenario based on the user action sequence, the execution context, and the GUI state at the time that the violation occurred; wherein the one or more visual invariants relate consistency between a user'"'"'s visual perception and a browser state. - View Dependent Claims (10, 11, 12)
-
Specification