30 research outputs found

    Software Security Metrics for Malware Resilience

    We examine the level of resistance offered by a software product against malicious software (malware) attacks. Analysis is performed on the software architecture. This is available as a result of the software design process and can hence be used at an early stage in development. A model of a generic computer system is developed, based on the internationally recognized Common Criteria for Information Technology Security Evaluation. It is formally specified in the Z modeling language. Malicious software attacks and security mechanisms are captured by the model. A repository of generic attack methods is given and the concept of resistance classes introduced to distinguish different levels of protection. We assess how certain architectural properties and changes in system architecture affect the possible resistance classes of a product. This thesis has four main contributions: A generic model of an operating system from a security perspective, a repository of typical attack methods, a set of resistance classes, and an identification of software architecture metrics pertaining to ordered security levels

    OOXML File Analysis of the July 22nd Terrorist Manual

    No full text
    Part 3: Extended Abstracts. We examine the terrorist manual circulated on the day of the attacks in Oslo and on Utøya island on July 22nd 2011 to find out if the OOXML structure is consistent with claims by the suspect apprehended for the terrorist act, and to determine if there have been additional authors

    Building a trusted path for applications using COTS components

    No full text
    Client computers are often a weak link in a technical network infrastructure. Increasing the security of client systems and applications against malicious software attacks increases the security of the network as a whole. Our work solves integrity and authenticity of input, confidentiality, integrity and authenticity of output. We present components to integrate a trusted path into an application to directly communicate with a user at a personal computer. This allows security sensitive parts of applications to continue operating while being attacked with malicious software in an event-driven system. Our approach uses widely employed COTS software – DirectX – and can be varied in design and implementation, hence making it more difficult to defeat with generic attack tools. Client computers are often a weak link in a technical network infrastructure. Confidentiality and integrity of connections between nodes in a network can be secured employing strong cryptography. However, this does not help against attacks by malicious software. Trojan horse programs, i.e., programs with additional hidden, often malicious, functions, are more and more popular forms of attack. These assail the endpoint

    Erfahrungsbericht Fortbildungssemester WS2018 Prof. Dr. Hanno Langweg

    No full text
    Report on the professional development semester at the Bundesamt für Sicherheit in der Informationstechnik (BSI, the German Federal Office for Information Security) in Bon

    Building a Trusted Path . . .

    No full text
    Client computers are often a weak link in a technical network infrastructure. Increasing the security of client systems and applications against malicious software attacks increases the security of the network as a whole

    Agile test automation for web applications

    No full text

    Evidential Reasoning for Forensic Readiness

    To learn from the past, we analyse 1,088 "computer as a target" judgements for evidential reasoning by extracting four case elements: decision, intent, fact, and evidence. Analysing the decision element is essential for studying the scale of sentence severity for cross-jurisdictional comparisons. Examining the intent element can facilitate future risk assessment. Analysing the fact element can enhance an organization's capability of analysing criminal activities for future offender profiling. Examining the evidence used against a defendant from previous judgements can facilitate the preparation of evidence for upcoming legal disclosure. Following the concepts of argumentation diagrams, we develop an automatic judgement summarizing system to enhance the accessibility of judgements and avoid repeating past mistakes. Inspired by the feasibility of extracting legal knowledge for argument construction and employing grounds of inadmissibility for probability assessment, we conduct evidential reasoning of kernel traces for forensic readiness. We integrate the narrative methods from attack graphs/languages for preventing confirmation bias, the argumentative methods from argumentation diagrams for constructing legal arguments, and the probabilistic methods from Bayesian networks for comparing hypotheses