Persistence deployment automation

La ciberseguretat és un camp que cada cop té més importància, ja que any rere any creix el nombre de ciberatacs a tota mena d'organitzacions. Atès que l'impacte d'aquests atacs és cada vegada més gran (la qual cosa es tradueix en majors pèrdues per a les grans empreses), és fonamental invertir en equips, eines, personal i/o serveis de seguretat per estar el més protegits possible davant de tota mena de ciberamenaces. Dos dels serveis de ciberseguretat més comuns són les avaluacions de seguretat als equips d'usuari i a les xarxes, on es posen a prova els programes antimalware contractats pel client, davant diferents tècniques utilitzades en atacs reals, com les classificades com a \textit{persistència}: procediments per tornar a executar un fitxer o una comanda, o per tornar a establir la comunicació amb un servidor remot, després de que l'ordinador s'hagi reiniciat o de que el procés hagi finalitzat. Durant les intrusions, entenent "intrusió" com un atac que ha aconseguit accedir a ordinadors de la xarxa interna d'alguna empresa, les tècniques de persistència són crucials, donat que perdre la connexió amb l'equip compromès podria posar en risc tot l'operatiu. Aquest projecte recopila informació sobre els diferents mètodes per desplegar persistència tant a diversos sistemes operatius (Windows i Linux) com en serveis (com el de Directori Actiu), centrant-se en les tècniques més usades als atacs d'avui dia. Aquesta informació també es troba a Internet, però està dispersa i de vegades escrita en un llenguatge molt tècnic, fent-ne difícil la seva comprensió. A més, s'ha desenvolupat una eina d'automatització per poder fer el desplegament de la persistència de forma ràpida i senzilla. Aquesta eina es compon de diversos scripts, adaptats a diferents sistemes operatius, i pot resultar molt útil quan es realitzen les avaluacions de seguretat esmentades anteriorment. En resum, l'objectiu final d'aquest projecte és posar a disposició una gran quantitat de recursos que poden ser emprats durant les auditories de seguretat, per ajudar a identificar millor els problemes de seguretat dels equips, i aconseguir així sistemes millor protegits.Cybersecurity is a field that is becoming more important over time, as the number of cyberattacks on all kinds of organizations is growing every year. Since the impact of those attacks increases in time (which translates into greater losses to big companies), it is essential to invest in security equipment, tools, people and/or services in order to be as protected as possible against all kinds of cyber threats. Two of the most common cybersecurity services are endpoint and network security evaluations, where professionals test a company's antimalware software against different techniques used in real-life attacks, like the ones classified as \textit{persistence}: procedures to re-execute a file or a command, or to reconnect with controlled servers, following reboots or process terminations. Persistence techniques are used regularly because they are crucial in most intrusions (when an attack has succeeded in accessing internal computers of an enterprise), since losing connection with the compromised machine can make the whole operation fail. This project collects information about different ways of deploying persistence in diverse operating systems (both Windows and Linux) and services (Active Directory), focusing on the most used in recent attacks. This information is already on the Internet, but it is scattered and sometimes written in overly technical language, making it difficult to understand. Additionally, an automation tool is developed to deploy persistence easily and faster on computers. This tool is composed of several scripts, depending on the base operating system, and could be very useful when performing the aforementioned security evaluations. In short, the final goal of this project is to make lots of resources available that can be used during security assessments, to help identify flaws and thus achieve better protected systems

Selecting a Deployment Automation Tool for CRM Software in Elisa Oy

Software passes through several phases during its production process which are typically designing, developing, testing and delivering. In the software development life cycle (SDLC), the ultimate aim is to deliver the software product to its intended users with the expected functionality. Deployment is a critical step which harnesses all the work done in the previous stages in the SDLC and makes the software available to the end user. Thus, failure in the final deployment stage will waste the effort expended in earlier phases. The responsibility for deployment usually belongs to operations teams and it is done manually or then partially automated, often using inefficient scripts. Manual deployment can be extremely difficult task, and it is easy to blunder with repetitive routines consisting of many steps such as setting up similar environments and installing software components in those environments. Some operations teams attempt to ease the manual work by writing scripts to automate the process, but ultimately this method can become complicated and burdensome. The deployment process delays can be avoided and redundant costs eliminated in the error prone manual deployment process by changing the work culture and automating said processes. There are several products on the market to help automate this process. Achieving fully automated provisioning is the ultimate goal to produce and update services rapidly within enterprise applications in large corporations. Full automation is accomplished when the environments are set up automatically, and software installation is automatic in those environments. The objective of this research is to introduce these automation tools to the Customer Relation Management (CRM) system at Elisa Oy and to develop a proposal for automating the deployment process as an alternative to its current manual process. CRM as a large system consists of numerous sub systems and software components. A deployment case with a selected tool will be demonstrated to show how the automation can be accomplished

The Making of Cloud Applications An Empirical Study on Software Development for the Cloud

Cloud computing is gaining more and more traction as a deployment and provisioning model for software. While a large body of research already covers how to optimally operate a cloud system, we still lack insights into how professional software engineers actually use clouds, and how the cloud impacts development practices. This paper reports on the first systematic study on how software developers build applications in the cloud. We conducted a mixed-method study, consisting of qualitative interviews of 25 professional developers and a quantitative survey with 294 responses. Our results show that adopting the cloud has a profound impact throughout the software development process, as well as on how developers utilize tools and data in their daily work. Among other things, we found that (1) developers need better means to anticipate runtime problems and rigorously define metrics for improved fault localization and (2) the cloud offers an abundance of operational data, however, developers still often rely on their experience and intuition rather than utilizing metrics. From our findings, we extracted a set of guidelines for cloud development and identified challenges for researchers and tool vendors

DevOps, Continuous Integration and Continuous Deployment Methods for Software Deployment Automation

In the fast-paced landscape of software development, the need for efficient, reliable, and rapid deployment processes has become paramount. Manual deployment processes often lead to inefficiencies, errors, and delays, impacting the overall agility and reliability of software delivery. DevOps, as a cultural and collaborative approach, plays a central role in orchestrating the synergy between development and operations teams, fostering a shared responsibility for the entire software delivery lifecycle. Continuous Integration is a fundamental DevOps practice that involves regularly integrating code changes into a shared repository, triggering automated builds and tests. Continuous Deployment complements Continuous Integration by automating the release and deployment of validated code changes into production environments. The purpose of this research is to create a software deployment automation system to make it easier and reliable for organizations to deploy software. In conclusion, the results of this research show that by adopting DevOps, Continuous Integration, and Continuous Deployment, organizations can achieve enhanced collaboration, shortened release cycles, increased deployment frequency, consistent deployment, and improved overall software quality

A management framework for automating network experiments and user behaviour emulation on large scale testbed facilities

Generic test environments such as Emu lab allow to perform large scale tests on different network topologies. While these facilities offer a tool to easily configure the topology, setting up realistic network scenarios afterwards is a manual and time consuming task involving the configuration of dozens of servers, including the installation of software suites and the emulation of subscriber behaviour. Also collecting the evaluation results afterwards can be complex and time consuming. This article discusses a management framework that allows both automating the configuration of networking experiments through a Graphical User Interface and automating the collection of measurements and visualisation of experimental results afterwards

Evaluating the Impact of Critical Factors in Agile Continuous Delivery Process: A System Dynamics Approach

Continuous Delivery is aimed at the frequent delivery of good quality software in a speedy, reliable and efficient fashion – with strong emphasis on automation and team collaboration. However, even with this new paradigm, repeatability of project outcome is still not guaranteed: project performance varies due to the various interacting and inter-related factors in the Continuous Delivery 'system'. This paper presents results from the investigation of various factors, in particular agile practices, on the quality of the developed software in the Continuous Delivery process. Results show that customer involvement and the cognitive ability of the QA have the most significant individual effects on the quality of software in continuous delivery

Agile information technology service management with DevOps: An incident management case study

This research aims to investigate how DevOps culture can be applied in the incident management process. The authors believe, based on experience as practitioners, that agile software development methodologies are fair enough to be used on Incident Management process, to quickly restore the business interruption. An application management team which solves incidents and applies DevOps practices was studied. Three data collection methods were used: interviews, document analysis and observation. This research provides novel findings supported by metrics and real experience implementing DevOps practices in incident management process. The novelty of the findings brings advantages for academics, and due to the exploratory nature of this research, it extends the body of knowledge. It also provides contributions for practitioners, by showing how these practices can be applied and the result of the implementation of these practices. Directions of future work are also presented.info:eu-repo/semantics/acceptedVersio