2,123 research outputs found
Virtual Environments for Training: From Individual Learning to Collaboration with Humanoids
The next generation of virtual environments for training is oriented towards
collaborative aspects. Therefore, we have decided to enhance our platform for
virtual training environments, adding collaboration opportunities and
integrating humanoids. In this paper we put forward a model of humanoid that
suits both virtual humans and representations of real users, according to
collaborative training activities. We suggest adaptations to the scenario model
of our platform making it possible to write collaborative procedures. We
introduce a mechanism of action selection made up of a global repartition and
an individual choice. These models are currently being integrated and validated
in GVT, a virtual training tool for maintenance of military equipments,
developed in collaboration with the French company NEXTER-Group
Do not trust me: Using malicious IdPs for analyzing and attacking Single Sign-On
Single Sign-On (SSO) systems simplify login procedures by using an an
Identity Provider (IdP) to issue authentication tokens which can be consumed by
Service Providers (SPs). Traditionally, IdPs are modeled as trusted third
parties. This is reasonable for SSO systems like Kerberos, MS Passport and
SAML, where each SP explicitely specifies which IdP he trusts. However, in open
systems like OpenID and OpenID Connect, each user may set up his own IdP, and a
discovery phase is added to the protocol flow. Thus it is easy for an attacker
to set up its own IdP. In this paper we use a novel approach for analyzing SSO
authentication schemes by introducing a malicious IdP. With this approach we
evaluate one of the most popular and widely deployed SSO protocols - OpenID. We
found four novel attack classes on OpenID, which were not covered by previous
research, and show their applicability to real-life implementations. As a
result, we were able to compromise 11 out of 16 existing OpenID implementations
like Sourceforge, Drupal and ownCloud. We automated discovery of these attacks
in a open source tool OpenID Attacker, which additionally allows fine-granular
testing of all parameters in OpenID implementations. Our research helps to
better understand the message flow in the OpenID protocol, trust assumptions in
the different components of the system, and implementation issues in OpenID
components. It is applicable to other SSO systems like OpenID Connect and SAML.
All OpenID implementations have been informed about their vulnerabilities and
we supported them in fixing the issues
Enabling collaboration in virtual reality navigators
In this paper we characterize a feature superset for Collaborative
Virtual Reality Environments (CVRE), and derive a component
framework to transform stand-alone VR navigators into full-fledged
multithreaded collaborative environments. The contributions of our
approach rely on a cost-effective and extensible technique for
loading software components into separate POSIX threads for
rendering, user interaction and network communications, and adding a
top layer for managing session collaboration. The framework recasts
a VR navigator under a distributed peer-to-peer topology for scene
and object sharing, using callback hooks for broadcasting remote
events and multicamera perspective sharing with avatar interaction.
We validate the framework by applying it to our own ALICE VR
Navigator. Experimental results show that our approach has good
performance in the collaborative inspection of complex models.Postprint (published version
Economic Factors of Vulnerability Trade and Exploitation
Cybercrime markets support the development and diffusion of new attack
technologies, vulnerability exploits, and malware. Whereas the revenue streams
of cyber attackers have been studied multiple times in the literature, no
quantitative account currently exists on the economics of attack acquisition
and deployment. Yet, this understanding is critical to characterize the
production of (traded) exploits, the economy that drives it, and its effects on
the overall attack scenario. In this paper we provide an empirical
investigation of the economics of vulnerability exploitation, and the effects
of market factors on likelihood of exploit. Our data is collected
first-handedly from a prominent Russian cybercrime market where the trading of
the most active attack tools reported by the security industry happens. Our
findings reveal that exploits in the underground are priced similarly or above
vulnerabilities in legitimate bug-hunting programs, and that the refresh cycle
of exploits is slower than currently often assumed. On the other hand,
cybercriminals are becoming faster at introducing selected vulnerabilities, and
the market is in clear expansion both in terms of players, traded exploits, and
exploit pricing. We then evaluate the effects of these market variables on
likelihood of attack realization, and find strong evidence of the correlation
between market activity and exploit deployment. We discuss implications on
vulnerability metrics, economics, and exploit measurement.Comment: 17 pages, 11 figures, 14 table
Web Application Weakness Ontology Based on Vulnerability Data
Web applications are becoming more ubiquitous. All manner of physical devices
are now connected and often have a variety of web applications and
web-interfaces. This proliferation of web applications has been accompanied by
an increase in reported software vulnerabilities. The objective of this
analysis of vulnerability data is to understand the current landscape of
reported web application flaws. Along those lines, this work reviews ten years
(2011 - 2020) of vulnerability data in the National Vulnerability Database.
Based on this data, most common web application weaknesses are identified and
their profiles presented. A weakness ontology is developed to capture the
attributes of these weaknesses. These include their attack method and attack
vectors. Also described is the impact of the weaknesses to software quality
attributes. Additionally, the technologies that are susceptible to each
weakness are presented, they include programming languages, frameworks,
communication protocols, and data formats
- …