An Experience in Testing the Security of Real-World Electronic Voting Systems
Voting is the process through which a democratic society determines its government. Therefore, voting systems are as important as other well-known critical systems, such as air traffic control systems or nuclear plant monitors. Unfortunately, voting systems have a history of failures that seems to i...
Published in: | IEEE transactions on software engineering 2010-07, Vol.36 (4), p.453-473 |
---|---|
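Main authors: | Balzarotti, Davide; Banks, Greg; Cova, Marco; Felmetsger, Viktoria; Kemmerer, Richard; Robertson, William; Valeur, Fredrik; Vigna, Giovanni |
Format: | Article |
Language: | eng |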
container_end_page | 473 |
---|---|
container_issue | 4 |
container_start_page | 453 |
container_title | IEEE transactions on software engineering |
container_volume | 36 |
creator | Balzarotti, Davide; Banks, Greg; Cova, Marco; Felmetsger, Viktoria; Kemmerer, Richard; Robertson, William; Valeur, Fredrik; Vigna, Giovanni |
description | Voting is the process through which a democratic society determines its government. Therefore, voting systems are as important as other well-known critical systems, such as air traffic control systems or nuclear plant monitors. Unfortunately, voting systems have a history of failures that seems to indicate that their quality is not up to the task. Because of the alarming frequency and impact of the malfunctions of voting systems, in recent years a number of vulnerability analysis exercises have been carried out against voting systems to determine if they can be compromised in order to control the results of an election. We have participated in two such large-scale projects, sponsored by the Secretaries of State of California and Ohio, whose goals were to perform the security testing of the electronic voting systems used in their respective states. As the result of the testing process, we identified major vulnerabilities in all of the systems analyzed. We then took advantage of a combination of these vulnerabilities to generate a series of attacks that would spread across the voting systems and would "steal" votes by combining voting record tampering with social engineering approaches. As a response to the two large-scale security evaluations, the Secretaries of State of California and Ohio recommended changes to improve the security of the voting process. In this paper, we describe the methodology that we used in testing the two real-world electronic voting systems we evaluated, the findings of our analysis, our attacks, and the lessons we learned. |
doi_str_mv | 10.1109/TSE.2009.53 |
format | Article |
identifier | ISSN: 0098-5589 |
ispartof | IEEE transactions on software engineering, 2010-07, Vol.36 (4), p.453-473 |
issn | 0098-5589; 1939-3520 |
language | eng |
recordid | cdi_proquest_journals_732182642 |
source | IEEE Electronic Library (IEL) |
subjects | Air traffic control; Control systems; Digital Object Identifier; Elections; Electronic equipment testing; Electronic voting systems; Frequency; Government; Governments; History; Information systems; Large-scale systems; Monitors; Network security; Nuclear power plants; Online voting; Political conventions; Politics; Security; security testing; Software engineering; Spreads; Studies; System testing; Tasks; Voting; Voting machines; Voting systems; vulnerability analysis |
title | An Experience in Testing the Security of Real-World Electronic Voting Systems |