256 research outputs found

    A Formal Approach to Exploiting Multi-Stage Attacks based on File-System Vulnerabilities of Web Applications (Extended Version)

    Web applications require access to the file-system for many different tasks. When analyzing the security of a web application, security analysts should thus consider the impact that file-system operations have on the security of the whole application. Moreover, the analysis should take into consideration how file-system vulnerabilities might interact with other vulnerabilities, leading an attacker to breach into the web application. In this paper, we first propose a classification of file-system vulnerabilities, and then, based on this classification, we present a formal approach that allows one to exploit file-system vulnerabilities. We give a formal representation of web applications, databases and file-systems, and show how to reason about file-system vulnerabilities. We also show how to combine file-system vulnerabilities and SQL-Injection vulnerabilities for the identification of complex, multi-stage attacks. We have developed an automatic tool that implements our approach and we show its efficiency by discussing several real-world case studies, which are witness to the fact that our tool can generate, and exploit, complex attacks that, to the best of our knowledge, no other state-of-the-art tool for the security of web applications can find.

    Advanced Automated Web Application Vulnerability Analysis

    Web applications are an integral part of our lives and culture. We use web applications to manage our bank accounts, interact with friends, and file our taxes. A single vulnerability in one of these web applications could allow a malicious hacker to steal your money, to impersonate you on Facebook, or to access sensitive information, such as tax returns. It is vital that we develop new approaches to discover and fix these vulnerabilities before the cybercriminals exploit them. In this dissertation, I will present my research on securing the web against current threats and future threats. First, I will discuss my work on improving black-box vulnerability scanners, which are tools that can automatically discover vulnerabilities in web applications. Then, I will describe a new type of web application vulnerability: Execution After Redirect, or EAR, and an approach to automatically detect EARs in web applications. Finally, I will present deDacota, a first step in the direction of making web applications secure by construction.

    Most Northerly Observation of a Grizzly Bear (Ursus arctos) in Canada: Photographic and DNA Evidence from Melville Island, Northwest Territories

    During geological studies in 2003 and 2004 on Melville Island, Northwest Territories, Canada, field parties photographed and gathered genetic information on one or more grizzly bears (Ursus arctos). To our knowledge, these data constitute the most northerly observations made of this species in North America. The DNA of a hair sample collected on Melville Island in 2004 is genetically indistinguishable from DNA collected from a population of grizzly bears around Paulatuk, Northwest Territories, along the northern mainland coast. It is also distinct from the DNA of the Viscount Melville polar bear (Ursus maritimus) population. Our evidence and review suggest that, at a minimum, transient grizzly bears are now regular visitors to the Canadian Arctic Archipelago. More research will be required to understand the significance of these observations, but a small viable population of grizzly bears may now be using areas in or around Melville Island.

    As part of geological studies carried out in 2003 and 2004 on Melville Island, in the Northwest Territories, Canada, field researchers photographed and collected genetic information on one or more grizzly bears (Ursus arctos). To our knowledge, these data represent the most northerly observations of this species recorded in North America. The DNA of a hair sample collected on Melville Island in 2004 is genetically indistinguishable from DNA collected from a population of grizzly bears in the Paulatuk region, Northwest Territories, along the northern coast. It is also distinct from the DNA of the Viscount Melville polar bear (Ursus maritimus) population. Based on the evidence we collected and our analysis, at a minimum, transient grizzly bears are now regular visitors to the Canadian Arctic Archipelago. Further research will be needed to understand the significance of these observations, but a small but viable population of grizzly bears may now be using areas on or near Melville Island.

    MuTent: Dynamic Android Intent Protection with Ownership-Based Key Distribution and Security Contracts

    Intents are the plain-text based message object used for ICC by the Android framework. Hence the framework essentially lacks an inbuilt security mechanism to protect the visibility, accessibility, and integrity of an Intent's data, which allows adversaries to intercept or manipulate the data. In this work, we investigate the Intent protection mechanism and propose a security-enhanced Intent library, MuTent, that allows Android apps to securely exchange sensitive data during ICC. Differently from the existing mechanism, MuTent provides accessibility and visibility of Intent data by validating the receiver's capability and provides integrity by using encryption and the Arc security contract code. In particular, ICC is initiated by exchanging MuTent and follows a novel ownership-based key distribution model that prevents malware apps without permission from deciphering the data. Through the evaluation, we show that MuTent can improve the security of popular Android apps with minimal performance overhead, demonstrated using F-Droid apps.

    Quantitative 3D analysis of complex single border cell behaviors in coordinated collective cell migration

    Understanding the mechanisms of collective cell migration is crucial for cancer metastasis, wound healing and many developmental processes. Imaging a migrating cluster in vivo is feasible, but the quantification of individual cell behaviours remains challenging. We have developed an image analysis toolkit, CCMToolKit, to quantify the Drosophila border cell system. In addition to chaotic motion, previous studies reported that the migrating cells are able to migrate in a highly coordinated pattern. We quantify the rotating and running migration modes in 3D while also observing a range of intermediate behaviours. Running mode is driven by cluster external protrusions. Rotating mode is associated with cluster internal cell extensions that could not be easily characterized. Although the cluster moves slower while rotating, individual cells retain their mobility and are in fact slightly more active than in running mode. We also show that individual cells may exchange positions during migration

    Thermal and asphyxia exposure risk to freshwater fish in feral-pig-damaged tropical wetlands

    Acute thermal and asphyxia exposure risks for freshwater fish occupying three tropical wetland typologies were examined. Field water-quality data revealed that fish in wetlands grazed by pigs had the highest exposure risks, because these wetlands are shallow and heavily damaged by pig activities. In contrast, with the exception of dissolved oxygen (which still reached critical conditions because of aquatic vegetation respiration), deeper permanent and pig-managed wetlands provide the best opportunity for the same fish species to survive in a heavily pig-modified tropical landscape.

    Box Traps for Feral Swine Capture: A Comparison of Gate Styles in Texas

    Many different types of traps have been developed to increase feral swine (Sus scrofa) capture efficiency. Though not previously compared, gate styles may influence capture success. Our objectives were to report feral swine capture data from 31 trapping campaigns conducted in 17 counties from 2005 to 2011 in Texas, USA, compare capture rates by demographic category between side-swing and rooter gates, and evaluate influences of moisture, using the Palmer Drought Severity Index (PDSI), on juvenile capture rates. We trapped feral swine during all months of the year. Our trap configurations were identical with the exception of gate style. Traps had either side-swing or rooter gates. We captured 1,310 feral swine during 2,424 trap-nights. We found no differences in capture rates between gate styles for adults, adult males, or adult females. However, we found juvenile capture rates and total capture rates to differ between gate styles. Box traps with rooter gates captured more juveniles, resulting in more total captures than in box traps with side-swing gates. Partitioned rooter gates are constructed to allow for continual entry after the gate has been tripped, whereas with single-panel side-swing gates, continual entry may be more challenging for juvenile animals that lack the size and strength to push through the spring tension. Rooter gates should be considered over side-swing gates in management programs aimed at overall damage reduction. However, in management or research programs that seek to capture adult feral swine, side-swing gates may be more appropriate because fewer non-target juvenile feral swine are captured.