Assessing the accuracy of vulnerability scanners and developing a Tsunami Security Scanner plug-in
Master's in Cybersecurity, Escola Superior de Tecnologia e Gestão, Instituto Politécnico de Viana do Castelo.

Digital transformation is a key factor in a company's success. Recently, this transformation was accelerated in many companies by the Covid-19 pandemic, requiring further changes in people, systems, and data. In some cases, these changes in systems and procedures uncover new vulnerabilities that could be detected and mitigated early. In this context, vulnerability scanner tools may catch configuration errors and known vulnerabilities at an early stage. The release of the Tsunami Security Scanner, an open-source vulnerability scanner published by Google, opens the opportunity to analyze and compare the commonly used, free-to-use vulnerability scanners. Choosing among the wide range of vulnerability scanning tools can be a time-consuming task for a company that must weigh complex and numerous variables, such as accuracy and precision, in order to select the right tool. This thesis aims to assess the accuracy of vulnerability scanner tools. In the first stage, resource usage and performance are assessed against different vulnerabilities and systems. In the second stage, a plugin is developed for the Tsunami Security Scanner to detect a specific vulnerability (CVE-2019-12815). The precision assessment is carried out by placing multiple virtual machines in a network: some running the different vulnerability scanners, others running vulnerable and non-vulnerable operating systems. This makes it possible to validate that the features and performance of these scanners differ, or vary according to the target systems. This work can be particularly helpful to organisations with fewer resources, such as Small and Medium-sized Enterprises (SMEs), since it reviews a set of these tools that are available for use. The development of the Tsunami Security Scanner plugin is also important as an effort to increase the range of plugins available.
Sensei : enforcing secure coding guidelines in the integrated development environment
We discuss the potential benefits, requirements, and implementation challenges of a security-by-design approach in which an integrated development environment (IDE) plugin assists software developers in writing code that complies with secure coding guidelines. We discuss how such a plugin can enable a company's policy-setting security experts and developers to pass their knowledge on to each other more efficiently, and let developers put that knowledge into practice more effectively. This is achieved by letting team members develop customized rule sets that formalize coding guidelines, and by letting the plugin check in real time, similar to an as-you-type spell checker, that the code being written complies with those rule sets. Upon detecting a violation, the plugin suggests options to quickly fix it and offers additional information to the developer. We share our experience with proof-of-concept designs and implementations rolled out in multiple companies, and present some future research and development directions.
Automatic Detection and Fixing of Java XXE Vulnerabilities Using Static Source Code Analysis and Instance Tracking
Web security is an important part of any web-based software system. XML External Entity (XXE) attacks are one of the most significant security risks to web applications. A successful XXE attack can have severe consequences such as Denial-of-Service (DoS), remote code execution, and information extraction. Much Java code is vulnerable to XXE because the parser's security attributes are not set after the parser instance is created. To fix such vulnerabilities, we devised a novel instance-tracking approach for detecting Java XXE vulnerabilities and integrated it into a vulnerability-detection plugin for an Integrated Development Environment (IDE). We have also implemented auto-fixes for the identified XXE vulnerabilities by modifying the source code's Abstract Syntax Tree (AST). The detection and auto-fixing approaches were evaluated on typical Java code vulnerable to XXE. The evaluation results showed that our detection approach achieved 100% precision and recall in detecting the XXE vulnerabilities and correctly fixed 86% of the identified vulnerabilities.
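The defect the abstract describes, a parser factory created and then used with its default settings, is easiest to see next to the hardened form that sets the security features between `newInstance()` and `newDocumentBuilder()`. The following is an added example written for this page; it is not code from the paper, its plugin, or its evaluation set. The XML payload and the `/etc/hostname` path are constructed for illustration, and the feature URIs are the standard JAXP/Xerces ones understood by the JDK's built-in parser (a third-party parser may reject some of them with `ParserConfigurationException`).

```java
import java.io.StringReader;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;
import org.xml.sax.InputSource;
import org.xml.sax.SAXParseException;

public class XxeDemo {

    // Constructed sample input: a DOCTYPE that declares an external entity
    // pointing at a local file, then references it in the document body.
    static final String XXE_PAYLOAD =
        "<?xml version=\"1.0\"?>\n"
        + "<!DOCTYPE data [<!ENTITY xxe SYSTEM \"file:///etc/hostname\">]>\n"
        + "<data>&xxe;</data>";

    // Vulnerable pattern: the factory instance is created and used without
    // any security features being set on it in between.
    static String parseVulnerable(String xml) throws Exception {
        DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
        DocumentBuilder builder = factory.newDocumentBuilder();
        Document doc = builder.parse(new InputSource(new StringReader(xml)));
        return doc.getDocumentElement().getTextContent();
    }

    // Hardened pattern: the same factory instance, but every external-entity
    // path is closed off before the builder is created. Disallowing the
    // DOCTYPE entirely is the strongest single setting; the rest are
    // defence in depth for parsers that must accept a DTD.
    static String parseHardened(String xml) throws Exception {
        DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
        factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        factory.setFeature("http://xml.org/sax/features/external-general-entities", false);
        factory.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
        factory.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
        factory.setXIncludeAware(false);
        factory.setExpandEntityReferences(false);
        // JAXP 1.5 properties: an empty string means no external protocol is allowed.
        factory.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, "");
        factory.setAttribute(XMLConstants.ACCESS_EXTERNAL_SCHEMA, "");
        DocumentBuilder builder = factory.newDocumentBuilder();
        Document doc = builder.parse(new InputSource(new StringReader(xml)));
        return doc.getDocumentElement().getTextContent();
    }

    public static void main(String[] args) throws Exception {
        // On a default JDK the vulnerable parser resolves the entity and
        // returns the file contents as the element text.
        try {
            System.out.println("vulnerable parser returned: " + parseVulnerable(XXE_PAYLOAD));
        } catch (Exception e) {
            System.out.println("vulnerable parser failed: " + e.getMessage());
        }
        // The hardened parser rejects the document at the DOCTYPE.
        try {
            parseHardened(XXE_PAYLOAD);
            System.out.println("hardened parser accepted the DOCTYPE (unexpected)");
        } catch (SAXParseException e) {
            System.out.println("hardened parser rejected the DOCTYPE: " + e.getMessage());
        }
    }
}
```

The detection problem the paper addresses is visible in the two methods: the vulnerability is not in any single line but in the absence of `setFeature`/`setAttribute` calls on a particular factory instance between its creation and its first `newDocumentBuilder()` call, which is why a per-instance tracking approach is needed rather than a simple pattern match on `DocumentBuilderFactory.newInstance()`. The same concern applies to `SAXParserFactory`, `XMLInputFactory`, and `TransformerFactory`, which expose analogous settings.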
Ghera: A Repository of Android App Vulnerability Benchmarks
Security of mobile apps affects the security of their users. This has fueled the development of techniques to automatically detect vulnerabilities in mobile apps and help developers secure their apps, specifically in the context of the Android platform due to its openness and ubiquity. Despite a slew of research efforts in this space, there is no comprehensive repository of up-to-date and lean benchmarks that contain most of the known Android app vulnerabilities and, consequently, can be used to rigorously evaluate both existing and new vulnerability detection techniques and help developers learn about Android app vulnerabilities. In this paper, we describe Ghera, an open source repository of benchmarks that capture 25 known vulnerabilities in Android apps (as pairs of exploited/benign and exploiting/malicious apps). We also present desirable characteristics of vulnerability benchmarks and repositories that we uncovered while creating Ghera.

Comment: 10 pages. Accepted at PROMISE'1