102,459 research outputs found
A Formal Approach to Exploiting Multi-Stage Attacks based on File-System Vulnerabilities of Web Applications (Extended Version)
Web applications require access to the file-system for many different tasks.
When analyzing the security of a web application, secu- rity analysts should
thus consider the impact that file-system operations have on the security of
the whole application. Moreover, the analysis should take into consideration
how file-system vulnerabilities might in- teract with other vulnerabilities
leading an attacker to breach into the web application. In this paper, we first
propose a classification of file- system vulnerabilities, and then, based on
this classification, we present a formal approach that allows one to exploit
file-system vulnerabilities. We give a formal representation of web
applications, databases and file- systems, and show how to reason about
file-system vulnerabilities. We also show how to combine file-system
vulnerabilities and SQL-Injection vulnerabilities for the identification of
complex, multi-stage attacks. We have developed an automatic tool that
implements our approach and we show its efficiency by discussing several
real-world case studies, which are witness to the fact that our tool can
generate, and exploit, complex attacks that, to the best of our knowledge, no
other state-of-the-art-tool for the security of web applications can find
Model the System from Adversary Viewpoint: Threats Identification and Modeling
Security attacks are hard to understand, often expressed with unfriendly and
limited details, making it difficult for security experts and for security
analysts to create intelligible security specifications. For instance, to
explain Why (attack objective), What (i.e., system assets, goals, etc.), and
How (attack method), adversary achieved his attack goals. We introduce in this
paper a security attack meta-model for our SysML-Sec framework, developed to
improve the threat identification and modeling through the explicit
representation of security concerns with knowledge representation techniques.
Our proposed meta-model enables the specification of these concerns through
ontological concepts which define the semantics of the security artifacts and
introduced using SysML-Sec diagrams. This meta-model also enables representing
the relationships that tie several such concepts together. This representation
is then used for reasoning about the knowledge introduced by system designers
as well as security experts through the graphical environment of the SysML-Sec
framework.Comment: In Proceedings AIDP 2014, arXiv:1410.322
An Assurance Framework for Independent Co-assurance of Safety and Security
Integrated safety and security assurance for complex systems is difficult for
many technical and socio-technical reasons such as mismatched processes,
inadequate information, differing use of language and philosophies, etc.. Many
co-assurance techniques rely on disregarding some of these challenges in order
to present a unified methodology. Even with this simplification, no methodology
has been widely adopted primarily because this approach is unrealistic when met
with the complexity of real-world system development.
This paper presents an alternate approach by providing a Safety-Security
Assurance Framework (SSAF) based on a core set of assurance principles. This is
done so that safety and security can be co-assured independently, as opposed to
unified co-assurance which has been shown to have significant drawbacks. This
also allows for separate processes and expertise from practitioners in each
domain. With this structure, the focus is shifted from simplified unification
to integration through exchanging the correct information at the right time
using synchronisation activities
- …