Better detect vulnerabilities with linguistics-inspired exploit testing
How to Avoid Malice Using Linguistics-Inspired Exploit Testing
The US military uses countless commodity IT products, such as printers, PCs, and mobile phones. These devices’ components are often built overseas and delivered to the military with little oversight, creating a significant risk of exploitable vulnerabilities.
Under DARPA’s Vetting Commodity IT Software and Firmware (VET) program, we developed HAMLET to address this risk. The HAMLET tool analyzes potential vulnerabilities in firmware and other low-level software in IT products to objectively quantify the risks. HAMLET then uses this quantification to create highly optimized test plans to rule out risk as efficiently as possible.
Cyber analysts can use HAMLET’s objective risk assessments to prioritize their analysis or to guide tabletop exercises.
“Military IT products are vulnerable to adversary cyberattacks; it’s a known industry problem with no easy answer. However, our HAMLET tool helps quantify risks objectively. Our current research into security assessments will be invaluable for the military.”
Dr. Terry Patten
Principal Scientist and Principal Investigator on HAMLET
HAMLET applies sophisticated linguistic grammars to cybersecurity to ensure that military devices, such as printers and routers, are safe.
Identifying and quantifying cyber risk
Under VET, Charles River developed the HAMLET tool. HAMLET identifies potential vulnerabilities, then objectively quantifies the risks. The tool applies advanced analysis techniques adapted from linguistics to represent the attack space and optimize test plans.
The HAMLET tool addresses three key components of the VET program:
- Support knowledge elicitation sessions to identify the kinds of malicious attacks that adversaries can make against commodity IT devices
- Use this knowledge to automatically identify vulnerability combinations or malicious code that might be used by an adversary to attack a particular device and its components
- Develop an efficient test plan that demonstrates the presence or absence of vulnerabilities or malicious code
Adapting linguistics to cybersecurity
HAMLET borrows techniques from linguistics and applies them to cybersecurity. Functional linguists perform essentially the same type of hierarchical functional decomposition as security analysts. With their 100-year head start, linguists have developed sophisticated representations that address several critical limitations of current attack trees. HAMLET uses systemic functional grammars (SFGs) as next-generation attack trees to quantify the attack space and optimize comprehensive test plans.
Advancing new technology
HAMLET’s test plans minimize the number of required tests and the amount of time that expert analysts need to run them. HAMLET provides valuable cyber analysis for commodity devices, but it can also be applied in other domains. AFRL is using HAMLET to analyze avionics systems, it is being adapted for cyber assessments during the design phase under DARPA’s CASE program, and we expect it to transition to SPAWAR for tabletop cyber-risk assessments.
Risk/cost graph for an optimized test plan
HAMLET was highlighted in this Success Story:
Distribution Statement “A” (Approved for Public Release, Distribution Unlimited)