Reducing Attack Surface of a Web Application by Open Web Application Security Project Compliance

The attack surface of a system is the amount of application area that is exposed to the adversaries. The overall vulnerability can be reduced by reducing the attack surface of a web application. In this paper, we have considered the web components of two versions of an in-house developed project management web application and the attack surface has been calculated prior and post open web application security project (OWASP) compliance based on a security audit to determine and then compare the security of this Project Management Application. OWASP is an open community to provide free tools and guidelines for application security. It was observed that the attack surface of the software reduced by 45 per cent once it was made OWASP compliant. The vulnerable surface exposed by the code even after OWASP compliance was due to the mandatory access points left in the software to ensure accessibility over a network.Defence Science Journal, 2012, 62(5), pp.324-330, DOI:http://dx.doi.org/10.14429/dsj.62.129

A Probabilistic Cost-efficient Approach for Mobile Security Assessment

International audienceThe development of mobile technologies and services has contributed to the large-scale deployment of smartphones and tablets. These environments are exposed to a wide range of security attacks and may contain critical information about users such as contact directories and phone calls. Assessing configuration vulnerabilities is a key challenge for maintaining their security, but this activity should be performed in a lightweight manner in order to minimize the impact on their scarce resources. In this paper we present a novel approach for assessing configuration vulnerabilities in mobile devices by using a probabilistic cost-efficient security framework. We put forward a probabilistic assessment strategy supported by a mathematical model and detail our assessment framework based on OVAL vulnerability descriptions. We also describe an implementation prototype and evaluate its feasibility through a comprehensive set of experiments

Increasing Android Security using a Lightweight OVAL-based Vulnerability Assessment Framework

International audienceMobile computing devices and the services offered by them are utilized by millions of users on a daily basis. However, they operate in hostile environments getting exposed to a wide variety of threats. Accordingly, vulnerability management mechanisms are highly required. We present in this paper a novel approach for increasing the security of mobile devices by efficiently detecting vulnerable configurations. In that context, we propose a modeling for performing vulnerability assessment activities as well as an OVAL-based distributed framework for ensuring safe configurations within the Android platform. We also describe an implementation prototype and evaluate its performance through an extensive set of experiments

Agile security for web applications

Web-based applications (or more concisely, Web applications) are a kind of information system with a particular architecture. They have progressively evolved from Internet browser-based, read-only information repositories to Web-based distributed systems. Today, increasing numbers of businesses rely on their Web applications. At the same time, Web applications are facing many security challenges and, as a result, are exposing businesses to many risks. This thesis proposes a novel approach to building secure Web applications using agile software development methods

Structure of complex networks: Quantifying edge-to-edge relations by failure-induced flow redistribution

The analysis of complex networks has so far revolved mainly around the role of nodes and communities of nodes. However, the dynamics of interconnected systems is commonly focalised on edge processes, and a dual edge-centric perspective can often prove more natural. Here we present graph-theoretical measures to quantify edge-to-edge relations inspired by the notion of flow redistribution induced by edge failures. Our measures, which are related to the pseudo-inverse of the Laplacian of the network, are global and reveal the dynamical interplay between the edges of a network, including potentially non-local interactions. Our framework also allows us to define the embeddedness of an edge, a measure of how strongly an edge features in the weighted cuts of the network. We showcase the general applicability of our edge-centric framework through analyses of the Iberian Power grid, traffic flow in road networks, and the C. elegans neuronal network.Comment: 24 pages, 6 figure

Connectomics of extrasynaptic signalling: applications to the nervous system of Caenorhabditis elegans

Connectomics – the study of neural connectivity – is primarily concerned with the mapping and characterisation of wired synaptic links; however, it is well established that long-distance chemical signalling via extrasynaptic volume transmission is also critical to brain function. As these interactions are not visible in the physical structure of the nervous system, current approaches to connectomics are unable to capture them. This work addresses the problem of missing extrasynaptic interactions by demonstrating for the first time that whole-animal volume transmission networks can be mapped from gene expression and ligand-receptor interaction data, and analysed as part of the connectome. Complete networks are presented for the monoamine systems of Caenorhabditis elegans, along with a representative sample of selected neuropeptide systems. A network analysis of the synaptic (wired) and extrasynaptic (wireless) connectomes is presented which reveals complex topological properties, including extrasynaptic rich-club organisation with interconnected hubs distinct from those in the synaptic and gap junction networks, and highly significant multilink motifs pinpointing locations in the network where aminergic and neuropeptide signalling is likely to modulate synaptic activity. Thus, the neuronal connectome can be modelled as a multiplex network with synaptic, gap junction, and neuromodulatory layers representing inter-neuronal interactions with different dynamics and polarity. This represents a prototype for understanding how extrasynaptic signalling can be integrated into connectomics research, and provides a novel dataset for the development of multilayer network algorithms.This work was supported by the Medical Research Council (MRC)

An Artificial Immune System Strategy for Robust Chemical Spectra Classification via Distributed Heterogeneous Sensors

The timely detection and classification of chemical and biological agents in a wartime environment is a critical component of force protection in hostile areas. Moreover, the possibility of toxic agent use in heavily populated civilian areas has risen dramatically in recent months. This thesis effort proposes a strategy for identifying such agents vis distributed sensors in an Artificial Immune System (AIS) network. The system may be used to complement electronic nose ( E-nose ) research being conducted in part by the Air Force Research Laboratory Sensors Directorate. In addition, the proposed strategy may facilitate fulfillment of a recent mandate by the President of the United States to the Office of Homeland Defense for the provision of a system that protects civilian populations from chemical and biological agents. The proposed system is composed of networked sensors and nodes, communicating via wireless or wired connections. Measurements are continually taken via dispersed, redundant, and heterogeneous sensors strategically placed in high threat areas. These sensors continually measure and classify air or liquid samples, alerting personnel when toxic agents are detected. Detection is based upon the Biological Immune System (BIS) model of antigens and antibodies, and alerts are generated when a measured sample is determined to be a valid toxic agent (antigen). Agent signatures (antibodies) are continually distributed throughout the system to adapt to changes in the environment or to new antigens. Antibody features are determined via data mining techniques in order to improve system performance and classification capabilities. Genetic algorithms (GAs) are critical part of the process, namely in antibody generation and feature subset selection calculations. Demonstrated results validate the utility of the proposed distributed AIS model for robust chemical spectra recognition

Refactoring of Security Antipatterns in Distributed Java Components

The importance of JAVA as a programming and execution environment has grown steadily over the past decade. Furthermore, the IT industry has adapted JAVA as a major building block for the creation of new middleware as well as a technology facilitating the migration of existing applications towards web-driven environments. Parallel in time, the role of security in distributed environments has gained attention, as a large amount of middleware applications has replaced enterprise-level mainframe systems. The protection of confidentiality, integrity and availability are therefore critical for the market success of a product. The vulnerability level of every product is determined by the weakest embedded component, and selling vulnerable products can cause enormous economic damage to software vendors. An important goal of this work is to create the awareness that the usage of a programming language, which is designed as being secure, is not sufficient to create secure and trustworthy distributed applications. Moreover, the incorporation of the threat model of the programming language improves the risk analysis by allowing a better definition of the attack surface of the application. The evolution of a programming language leads towards common patterns for solutions for recurring quality aspects. Suboptimal solutions, also known as ´antipatterns´, are typical causes for quality weaknesses such as security vulnerabilities. Moreover, the exposure to a specific environment is an important parameter for threat analysis, as code considered secure in a specific scenario can cause unexpected risks when switching the environment. Antipatterns are a well-established means on the abstractional level of system modeling to inform about the effects of incomplete solutions, which are also important in the later stages of the software development process. Especially on the implementation level, we see a deficit of helpful examples, that would give programmers a better and holistic understanding. In our basic assumption, we link the missing experience of programmers regarding the security properties of patterns within their code to the creation of software vulnerabilities. Traditional software development models focus on security properties only on the meta layer. To transfer these efficiently to the practical level, we provide a three-stage approach: First, we focus on typical security problems within JAVA applications, and develop a standardized catalogue of ´antipatterns´ with examples from standard software products. Detecting and avoiding these antipatterns positively influences software quality. We therefore focus, as second element of our methodology, on possible enhancements to common models for the software development process. These help to control and identify the occurrence of antipatterns during development activities, i. e. during the coding phase and during the phase of component assembly, integrating one´s own and third party code. Within the third part, and emphasizing the practical focus of this research, we implement prototypical tools for support of the software development phase. The practical findings of this research helped to enhance the security of the standard JAVA platforms and JEE frameworks. We verified the relevance of our methods and tools by applying these to standard software products leading to a measurable reduction of vulnerabilities and an information exchange with middleware vendors (Sun Microsystems, JBoss) targeting runtime security. Our goal is to enable software architects and software developers developing end-user applications to apply our findings with embedded standard components on their environments. From a high-level perspective, software architects profit from this work through the projection of the quality-of-service goals to protection details. This supports their task of deriving security requirements when selecting standard components. In order to give implementation-near practitioners a helpful starting point to benefit from our research we provide tools and case-studies to achieve security improvements within their own code base.Die Bedeutung der Programmiersprache JAVA als Baustein für Softwareentwicklungs- und Produktionsinfrastrukturen ist im letzten Jahrzehnt stetig gestiegen. JAVA hat sich als bedeutender Baustein für die Programmierung von Middleware-Lösungen etabliert. Ebenfalls evident ist die Verwendung von JAVA-Technologien zur Migration von existierenden Arbeitsplatz-Anwendungen hin zu webbasierten Einsatzszenarien. Parallel zu dieser Entwicklung hat sich die Rolle der IT-Sicherheit nicht zuletzt aufgrund der Verdrängung von mainframe-basierten Systemen hin zu verteilten Umgebungen verstärkt. Der Schutz von Vertraulichkeit, Integrität und Verfügbarkeit ist seit einigen Jahren ein kritisches Alleinstellungsmerkmal für den Markterfolg von Produkten. Verwundbarkeiten in Produkten wirken mittlerweile indirekt über kundenseitigen Vertrauensverlust negativ auf den wirtschaftlichen Erfolg der Softwarehersteller, zumal der Sicherheitsgrad eines Systems durch die verwundbarste Komponente bestimmt wird. Ein zentrales Ziel dieser Arbeit ist die Erkenntnis zu vermitteln, dass die alleinige Nutzung einer als ´sicher´ eingestuften Programmiersprache nicht als alleinige Grundlage zur Erstellung von sicheren und vertrauenswürdigen Anwendungen ausreicht. Vielmehr führt die Einbeziehung des Bedrohungsmodells der Programmiersprache zu einer verbesserten Risikobetrachtung, da die Angriffsfläche einer Anwendung detaillierter beschreibbar wird. Die Entwicklung und fortschreitende Akzeptanz einer Programmiersprache führt zu einer Verbreitung von allgemein anerkannten Lösungsmustern zur Erfüllung wiederkehrender Qualitätsanforderungen. Im Bereich der Dienstqualitäten fördern ´Gegenmuster´, d.h. nichtoptimale Lösungen, die Entstehung von Strukturschwächen, welche in der Domäne der IT-Sicherheit ´Verwundbarkeiten´ genannt werden. Des Weiteren ist die Einsatzumgebung einer Anwendung eine wichtige Kenngröße, um eine Bedrohungsanalyse durchzuführen, denn je nach Beschaffenheit der Bedrohungen im Zielszenario kann eine bestimmte Benutzeraktion eine Bedrohung darstellen, aber auch einen erwarteten Anwendungsfall charakterisieren. Während auf der Modellierungsebene ein breites Angebot von Beispielen zur Umsetzung von Sicherheitsmustern besteht, fehlt es den Programmierern auf der Implementierungsebene häufig an ganzheitlichem Verständnis. Dieses kann durch Beispiele, welche die Auswirkungen der Verwendung von ´Gegenmustern´ illustrieren, vermittelt werden. Unsere Kernannahme besteht darin, dass fehlende Erfahrung der Programmierer bzgl. der Sicherheitsrelevanz bei der Wahl von Implementierungsmustern zur Entstehung von Verwundbarkeiten führt. Bei der Vermittlung herkömmlicher Software-Entwicklungsmodelle wird die Integration von praktischen Ansätzen zur Umsetzung von Sicherheitsanforderungen zumeist nur in Meta-Modellen adressiert. Zur Erweiterung des Wirkungsgrades auf die praktische Ebene wird ein dreistufiger Ansatz präsentiert. Im ersten Teil stellen wir typische Sicherheitsprobleme von JAVA-Anwendungen in den Mittelpunkt der Betrachtung, und entwickeln einen standardisierten Katalog dieser ´Gegenmuster´. Die Relevanz der einzelnen Muster wird durch die Untersuchung des Auftretens dieser in Standardprodukten verifiziert. Der zweite Untersuchungsbereich widmet sich der Integration von Vorgehensweisen zur Identifikation und Vermeidung der ´Sicherheits-Gegenmuster´ innerhalb des Software-Entwicklungsprozesses. Hierfür werden zum einen Ansätze für die Analyse und Verbesserung von Implementierungsergebnissen zur Verfügung gestellt. Zum anderen wird, induziert durch die verbreitete Nutzung von Fremdkomponenten, die arbeitsintensive Auslieferungsphase mit einem Ansatz zur Erstellung ganzheitlicher Sicherheitsrichtlinien versorgt. Da bei dieser Arbeit die praktische Verwendbarkeit der Ergebnisse eine zentrale Anforderung darstellt, wird diese durch prototypische Werkzeuge und nachvollziehbare Beispiele in einer dritten Perspektive unterstützt. Die Relevanz der Anwendung der entwickelten Methoden und Werkzeuge auf Standardprodukte zeigt sich durch die im Laufe der Forschungsarbeit entdeckten Sicherheitsdefizite. Die Rückmeldung bei führenden Middleware-Herstellern (Sun Microsystems, JBoss) hat durch gegenseitigen Erfahrungsaustausch im Laufe dieser Forschungsarbeit zu einer messbaren Verringerung der Verwundbarkeit ihrer Middleware-Produkte geführt. Neben den erreichten positiven Auswirkungen bei den Herstellern der Basiskomponenten sollen Erfahrungen auch an die Architekten und Entwickler von Endprodukten, welche Standardkomponenten direkt oder indirekt nutzen, weitergereicht werden. Um auch dem praktisch interessierten Leser einen möglichst einfachen Einstieg zu bieten, stehen die Werkzeuge mit Hilfe von Fallstudien in einem praktischen Gesamtzusammenhang. Die für das Tiefenverständnis notwendigen Theoriebestandteile bieten dem Software-Architekten die Möglichkeit sicherheitsrelevante Auswirkungen einer Komponentenauswahl frühzeitig zu erkennen und bei der Systemgestaltung zu nutzen

Proceedings of the 36th International Workshop Statistical Modelling July 18-22, 2022 - Trieste, Italy

The 36th International Workshop on Statistical Modelling (IWSM) is the first one held in presence after a two year hiatus due to the COVID-19 pandemic. This edition was quite lively, with 60 oral presentations and 53 posters, covering a vast variety of topics. As usual, the extended abstracts of the papers are collected in the IWSM proceedings, but unlike the previous workshops, this year the proceedings will be not printed on paper, but it is only online. The workshop proudly maintains its almost unique feature of scheduling one plenary session for the whole week. This choice has always contributed to the stimulating atmosphere of the conference, combined with its informal character, encouraging the exchange of ideas and cross-fertilization among different areas as a distinguished tradition of the workshop, student participation has been strongly encouraged. This IWSM edition is particularly successful in this respect, as testified by the large number of students included in the program

Generalised stochastic blockmodels and their applications in the analysis of brain networks

Recently, there has been a great interest in methods that can decompose brain networks into clusters with similar connection patterns. However, most of the currently used clustering methods in neuroimaging are based on the stringent assumption that the cluster structure is modular, that is, the nodes are densely connected within clusters, but sparsely connected between clusters. Furthermore, multi-subject network data is typically fit by several subject-by-subject analyses, which are limited by the fact that there is no obvious way to combine the results for group comparisons, or on a group-averaged network analysis, which does not reflect the variability between subjects. In the first part of this thesis, we consider the analysis of a single binary-valued brain network using the Stochastic Blockmodel (Daudin et al., 2008) and compare it to the widely used clustering methods, Louvain and Spectral algorithms. For this, we use the Caenorhabditis elegans (C. elegans) worm nervous system as a model organism whose wealth of prior biological knowledge can be used to validate the functional relevance of network decompositions. We show that the ‘cores-in-modules’ decomposition of the worm brain network estimated by the Stochastic Blockmodel is more compatible with prior biological knowledge about the C. elegans than the purely modular decompositions found by the Louvain and Spectral algorithms. In the second part of this thesis, we propose three multi-subject extensions of Daudin et al.’s Stochastic Blockmodel that can estimate a common cluster structure across subjects. Two of these (non-trivial) models use subject specific covariates to model variation in connection rates in the data. The first and trivial model assumes no variability between subjects, the second model accounts for a global variability in connections between subjects, and the third model accounts for local variability in connections between subjects that can differ across individual within/between-cluster connectivity elements. In the third part of this thesis, we propose a mixed-effect multi-subject model which can account for the repeated-measures aspects of multi-subject network data by including a random intercept. For the second and third part of the thesis, we use intensive Monte Carlo simulations to investigate the accuracy of the estimated parameters as well as the validity of inference procedures. Furthermore, we illustrate the proposed models on a resting state fMRI dataset with two groups of subjects: healthy volunteers and individuals diagnosed with schizophrenia