11

FUZZING DEEPER LOGIC WITH IMPEDING FUNCTION TRANSFORMATION

Rowan Brock Hart (14205404) 02 December 2022
Fuzzing, a technique for negative testing of programs using randomly mutated or generated input data, is responsible for the discovery of thousands of bugs in software from web browsers to video players. Advances in fuzzing focus on various methods for increasing the number of bugs found and reducing the time spent finding them by applying static, dynamic, and symbolic binary analysis techniques. As a stochastic process, fuzzing is an inherently inefficient method for discovering bugs residing in the deep logic of programs, because the preconditions that must be satisfied compound in complexity as program paths grow in length. We propose a novel system to overcome this limitation by abstracting away path-constraining preconditions from the statement level to the function level, by identifying impeding functions: functions that inhibit control flow from proceeding. REFACE is an end-to-end system for enhancing the capabilities of an existing fuzzer by generating variant binaries that present an easier-to-fuzz interface; it expands an ongoing fuzzing campaign with minimal offline overhead. REFACE operates entirely on binary programs, requiring no source code or symbols to run, and is fuzzer-agnostic. This enhancement is a step in a new direction toward abstraction of code that has historically presented a significant barrier to fuzzing, and it aims to make incremental progress by way of several ancillary dataflow analysis techniques with potentially wide applicability. In an evaluation against an unmodified state-of-the-art fuzzer with no augmentation, we attain a significant improvement in the speed of reaching maximum coverage, re-discover one known bug, and discover one possible new bug in a binary program.
12

Android Malware Detection through Permission and App Component Analysis using Machine Learning Algorithms

Kulkarni, Keyur 21 December 2018
No description available.
13

Security Properties of Virtual Remotes and Spooking their Violations

Joshua David Oetting Majors (18390504) 18 April 2024
As Smart TV devices become more prevalent in our lives, it becomes increasingly important to evaluate their security. In addition to a smart and connected ecosystem of apps, Smart TV devices expose a WiFi remote protocol that provides a virtual remote capability and allows a WiFi-enabled device (e.g. a smartphone) to control the Smart TV. The WiFi remote protocol might pose security risks that are not present in traditional TVs. In this paper, we assess the security of WiFi remote protocols by first identifying the security properties required to achieve the same level of security as in traditional TVs. Our analysis of four popular Smart TV platforms, Android TV, Amazon FireOS, Roku OS, and WebOS (for LG TVs), revealed that all of these platforms violate one or more of the identified security properties. To demonstrate the impact of these flaws, we develop Spook, which uses one of the commonly violated properties of a secure WiFi remote protocol to pair an Android mobile device as a software remote to an Android TV. Subsequently, we hijack the Android TV device through the device debugger, enabling complete remote control of the device. All our findings have been communicated to the corresponding vendors. Google acknowledged our findings as a security vulnerability, assigned it a CVE, and released patches to the Android TV OS that partially mitigate the attack. We argue that these patches are a stopgap solution that does not ensure the WiFi remote protocol has all the desired security properties. We design and implement a WiFi remote protocol in the Android ecosystem using ARM TrustZone. Our evaluation shows that the proposed defense satisfies all the security properties and retains the flexibility of a virtual remote without compromising security.
14

Detection of Vulnerability Scanning Attacks using Machine Learning : Application Layer Intrusion Detection and Prevention by Combining Machine Learning and AppSensor Concepts / Detection of vulnerability scanning with machine learning : Detection and prevention of attacks in the application layer by combining machine learning and AppSensor concepts

Shahrivar, Pojan January 2022
It is well established that machine learning techniques have been used with great success in other domains and have been leveraged to deal with sources of evolving abuse, such as spam. This study aims to determine whether machine learning techniques can be used to create a model that detects vulnerability scanning attacks, using proprietary real-world data collected from tCell, a web application firewall. In this context, a vulnerability scanning attack is defined as an automated process that detects and classifies security weaknesses and flaws in the web application. To test the hypothesis that machine learning techniques can be used to create a detection model, twenty-four models were trained. The models showed a high level of precision and recall, ranging from 91% to 0.96% and 85% to 0.93%, respectively. Although the classification performance was strong, the models were not sufficiently calibrated, which resulted in underconfident predictions. The results can therefore be viewed as a performance baseline. Nevertheless, the results demonstrate an advance over the simplistic threshold-based techniques developed in the early days of the internet, but further research and development is required to tune and calibrate the models. / It is well established that machine learning techniques have been used with great success in other domains and have been leveraged to handle sources of growing abuse, such as spam. This study aims to determine whether machine learning techniques can be applied to create a model that detects vulnerability scanning attacks, using proprietary data collected from tCell, a web application firewall. In this context, a vulnerability scanning attack is defined as an automated process that detects and classifies security weaknesses and flaws in the web application. To test the hypothesis that machine learning techniques can be used to create a detection model, twenty-four models were trained.
The models showed a high level of precision and sensitivity, from 91% to 0.96% and 85% to 0.93%, respectively. Although the classification performance was good, the models were not sufficiently calibrated, which resulted in weak confidence in the predictions. The presented results can therefore be seen as a performance baseline. The results show an advance over the simplified threshold-based techniques developed in the early days of the internet, but further research and development is required to calibrate the models.
15

Creating Application Security Layer Based On Resource Access Decision Service

Metin, Mehmet Ozer 01 September 2003
Different solutions have been used for each security aspect (access control, application security) to secure enterprise web applications. However, combining "enterprise-level" and "application-level" security aspects in one layer could give great benefits such as reusability, manageability, and scalability. This thesis adds a new layer to n-tier web application architectures to provide a common evaluation and enforcement environment for both enterprise-level and application-level policies, bringing access control together with application-level security. Removing the distinction between enterprise-level and application-level security policies improves the manageability, reusability and scalability of the whole system. The Resource Access Decision (RAD) specification has been implemented and used as the authentication mechanism for this layer. A RAD service not only encapsulates domain-specific factors in order to make access decisions but can also form a solid base for applying positive and negative security models to secure enterprise web applications. The proposed solution has been used in a real-life system and test results are presented.
16

Moving Target Defense for Web Applications

January 2018
Web applications remain the most popular method of interaction for businesses over the Internet. With their simplicity of use and management, they often function as the "front door" for many companies. As such, they are a critical component of the security ecosystem, since vulnerabilities present in these systems could allow malicious users access to sensitive business and personal data. The inherent nature of web applications enables anyone to access them anytime and anywhere, including malicious actors looking to exploit vulnerabilities present in the web application. In addition, the static configuration of these web applications gives attackers the opportunity to perform reconnaissance at their leisure, increasing their success rate by allowing them time to discover information about the system. Defenders, on the other hand, are often at a disadvantage, as they do not have the same temporal opportunity that attackers possess to perform counter-reconnaissance. Lastly, the unchanging nature of web applications leaves undiscovered vulnerabilities open for exploitation, forcing developers either to adopt a reactive approach that is often delayed, or to anticipate and prepare for all possible attacks, which is often cost-prohibitive. Moving Target Defense (MTD) seeks to remove the attackers' advantage by reducing the information asymmetry between attacker and defender. This research explores the concept of MTD and the various methods of applying MTD to secure web applications. In particular, MTD concepts are applied to web applications by implementing an automated application diversifier that aims to mitigate specific classes of web application vulnerabilities and exploits. Evaluation is done using two open source web applications to determine the effectiveness of the MTD implementation. Though developed for the chosen applications, the automation process can be customized to fit a variety of applications.
/ Dissertation/Thesis / Master's Thesis, Computer Science, 2018
17

Evaluation of Multi Criteria Decision Making Methods for Potential Use in Application Security

Gade, Praveen Kumar, Osuri, Manjit January 2014
With the upsurge in the number of available smartphones, tablet PCs, etc., most users find it easy to access Internet services using mobile applications. It has been a challenging task for mobile application developers to choose suitable security types (types of authentication, authorization, security protocols, cryptographic algorithms, etc.) for mobile applications. Choosing an inappropriate security type for a mobile application may lead to performance degradation and vulnerabilities in the application. The choice of security type can be made by decision making, which is a challenging task for humans: when choosing a single alternative among a set of alternatives with multiple criteria, it is hard to know which one is the better decision. Mobile application developers need to incorporate Multi-Criteria Decision Making (MCDM) models to choose a suitable security type for a mobile application. A decision model for application security helps mobile application developers decide on and set the required security types for the application. In this thesis, we discuss different types of MCDM models that have been applied in the IT security area and the scope for applying MCDM models in the application security area. A literature review and evaluation of the selected decision models gives a detailed overview of how to use them to provide application security. / The first chapter introduces the thesis work. The second chapter presents the background of decision making models, their process, and the classification of decision making models. The third chapter presents the research methodology we have used in the different phases, which aims to answer the research questions. The fourth chapter gives a detailed literature study of how decision models can be used in application security. The fifth chapter evaluates the selected decision models. The sixth chapter concludes the thesis and presents future work.
18

Android Environment Security

Andersson, Gustaf, Andersson, Fredrik January 2012
In modern times mobile devices are an increasingly common technology, and malicious users are increasing as well. A mobile device often holds valuable private information that a malicious user is interested in, and it often has weaker security features implemented compared to computers. It is therefore important to be aware of the security risks that exist when using a mobile device in order to stay protected. This thesis presents information about the security risks and attacks that can be executed against a mobile device running Android. Possible attack scenarios are attacking the device itself, attacking the communication between the device and a server, and finally attacking the server.
19

Rules Based Analysis Engine for Application Layer IDS

Scrobonia, David 01 May 2017
Web application attack volume, complexity, and costs have risen as people, companies, and entire industries move online. Solutions implemented to defend web applications against malicious activity have traditionally been deployed at the network or host layer. While this is helpful for detecting some attacks, it does not provide the granularity to see malicious behavior occurring at the application layer. The AppSensor project, an application-level intrusion detection system (IDS), is an example of a tool that operates in this layer. AppSensor monitors users within the application by observing activity in suspicious areas that cannot be seen by traditional network layer tools. This thesis aims to improve the state of web application security by supporting the development of the AppSensor project. Specifically, this thesis contributes a rules-based analysis engine to provide a new method for determining whether suspicious activity constitutes an attack. The rules-based method aggregates information from multiple sources into a logical rule to identify malicious activity, as opposed to relying on a single source of information. The rules-based analysis engine is designed to offer more flexible configuration for administrators and more accurate results than the incumbent analysis engine. Tests indicate that the new engine should not hamper the performance of AppSensor, and use cases highlight how rules can be leveraged for more accurate results.
20

Detecting changes in web applications

Lunyov, Phillip January 2020
As the availability and popularity of the Internet continue to grow, the trend of providing global access to business resources and services online is an efficient and profitable way for organizations to acquire a new share of the market. Due to the flexibility and scalability of modern web technologies, web-based applications process and store personal or critical information in enormous amounts. Hence, the overall application's functionality and secure data processing are the key factors of each web application. To ensure those key factors, the web page code must be regularly monitored to retain the overall quality of the code. This project is devoted to change identification and classification in modern web-based applications, based on the comparison of two versions of web page code acquired at different times. The foundation of the development is a detection algorithm described in one of the academic papers. The algorithm was supplemented by a more extensive classification of changes originally proposed by the author. The result of the research is a semi-automatic tool, developed in Python, that compares two versions of the web page code to find changes and classify them. The result of the tool's execution is a report file that contains statistics of the overall algorithm's execution and type-clustered information about the detected changes between the two versions of the web page code. The analysis of results showed that the implemented diff tool provides reliable results and identifies all types of possible changes in the web page code, which is confirmed by statistical analysis. The comparative analysis of the results of the developed diff tool against the results of other similar technical solutions revealed serious shortcomings in those solutions, due to their data processing implementation, classification of the changes, and resulting report file.
