7,473 Hits in 7.6 sec

A Formal Approach to Exploiting Multi-stage Attacks Based on File-System Vulnerabilities of Web Applications [chapter]

Federico De Meo, Luca Viganò
2017 Lecture Notes in Computer Science  
In this paper, we first propose a classification of filesystem vulnerabilities, and then, based on this classification, we present a formal approach that allows one to exploit file-system vulnerabilities  ...  We also show how to combine file-system vulnerabilities and SQL-Injection vulnerabilities for the identification of complex, multi-stage attacks.  ...  Our approach is able to find multi-stage attacks to web applications that, to the best of our knowledge, no other tools can find, which involve the combined exploit of file-system and SQLi vulnerabilities  ... 
doi:10.1007/978-3-319-62105-0_13 fatcat:b7it64t7ovfmtkjq4zlydlaj4a

Event-Based Alert Correlation System to Detect SQLI Activities

Faeiz Alserhani, Monis Akhlaq, Irfan U. Awan, Andrea J. Cullen
2011 2011 IEEE International Conference on Advanced Information Networking and Applications  
The system has been evaluated to detect one of the most serious multi-stage attacks in cyber crime -SQLIA (SQL Injection Attack).  ...  However, most of the proposed systems are based on rule -based mechanisms which are tedious and error prone.  ...  Vulnerable web applications are exploited to execute arbitrary transactions on database server bypassing authentications.  ... 
doi:10.1109/aina.2011.102 dblp:conf/aina/AlserhaniAAC11 fatcat:cqzyrg3jtzdernhanam7xz2qwa

Patcher: An Online Service for Detecting, Viewing and Patching Web Application Vulnerabilities

Fang Yu, Yi-Yang Tung
2014 2014 47th Hawaii International Conference on System Sciences  
We present a new web service platform where system developers can detect, view and patch potential vulnerabilities of their web applications online.  ...  It is known that web applications are vulnerable due to software defects. Open to public users, vulnerable websites may encounter lots of malicious attacks from the Internet.  ...  Global accessibility of web applications makes this a very serious problem. Malicious users all around the world can exploit a vulnerable web application and cause serious damages.  ... 
doi:10.1109/hicss.2014.598 dblp:conf/hicss/YuT14 fatcat:oojoaeorovfsxk6wmf2g74friy

Opportunistic Diversity-Based Detection of Injection Attacks in Web Applications

Wenyu Qu, Wei Huo, Lingyu Wang
2018 EAI Endorsed Transactions on Security and Safety  
We then devise a multi-stage approach to examine features extracted from the database queries, their effect on the database, the query results, as well as the user-end results.  ...  At the same time, larger attack surfaces and developers' lack of security proficiency or awareness leave Web applications particularly vulnerable to security attacks.  ...  Acknowledgements Authors with Concordia University were partially supported by the Natural Sciences and Engineering Research Council of Canada under Discovery Grant N01035.  ... 
doi:10.4108/eai.11-12-2018.156032 fatcat:4rbyn3sgfnctboeft44ng5f7zu


Nirnay Ghosh, Ishan Chokshi, Mithun Sarkar, Soumya K. Ghosh, Anil Kumar Kaushik, Sajal K. Das
2015 Proceedings of the 2015 International Conference on Distributed Computing and Networking - ICDCN '15  
Such attacks are multi-stage ones, and correlate vulnerabilities on intermediate hosts to compromise an otherwise well-protected critical resource.  ...  Sophisticated cyber-attacks have become prominent with the growth of the Internet and web technology.  ...  Acknowledgment The work is partially supported by a research grant from the Department of Electronics and Information Technology  ... 
doi:10.1145/2684464.2684494 dblp:conf/icdcn/GhoshCSGKD15 fatcat:5cj5vxrz6bezne43mboq57h6hu


Yinzhi Cao, Xiang Pan, Yan Chen, Jianwei Zhuge
2014 Proceedings of the 30th Annual Computer Security Applications Conference on - ACSAC '14  
Drive-by download attacks, which exploit vulnerabilities of web browsers to control client computers, have become a major venue for attackers.  ...  However, anomaly-based approaches are vulnerable to data pollution, and existing vulnerability-based approaches cannot accurately describe the vulnerability condition of all the drive-by download attacks  ...  BrowserGuard [27] adopts similar behaviour based approach to detect downloaded files.  ... 
doi:10.1145/2664243.2664256 dblp:conf/acsac/CaoPCZ14 fatcat:gnwctoedrzavtpvyh62ocmvl3a

Attack Graph Generation and Analysis Techniques

Mridul Sankar Barik, Anirban Sengupta, Chandan Mazumdar
2016 Defence Science Journal  
Attack graph is a modeling tool used in the assessment of security of enterprise networks.  ...  This paper presents a consolidated view of major attack graph generation and analysis techniques.  ...  Host H1 is running a vulnerable version of Apache web server, which has vulnerability (CVE-2006-3747) that allows a remote attacker to exploit and gain user privilege on the Web Server.  ... 
doi:10.14429/dsj.66.10795 fatcat:qfklg22ienfkrflngqwyrdd6au

FloGuard: Cost-Aware Systemwide Intrusion Defense via Online Forensics and On-Demand IDS Deployment [chapter]

Saman Aliari Zonouz, Kaustubh R. Joshi, William H. Sanders
2011 Lecture Notes in Computer Science  
While intrusion detection techniques exist for many types of vulnerabilities, deploying them all to catch the small number of vulnerability exploitations that might actually exist for a given system is  ...  FloGuard relies on often easy-to-detect symptoms of attacks, e.g., participation in a botnet, and works backwards by iteratively deploying off-the-shelf detectors closer to the initial attack vector.  ...  The Generated AGT for Eggdrop Botnet Worm detector deployment to defend against multi-stage attacks affecting multiple parts of a system.  ... 
doi:10.1007/978-3-642-24270-0_25 fatcat:te2ogqdyazdnbgns6l2c2pnsba

Automated State Machines Applied in Client Honeypots

Yaser Alosefer, Omer Rana
2010 2010 5th International Conference on Future Information Technology  
One of the first approaches to detect malware is to compare an infected application against a clean copy of the same application or a formal specification to detect the malicious code [8] [9] .  ...  In our work, we need to model web-based attacks, in which a malicious web page attacks the end-user's system through a web browser in stages, and each stage causes a transition from one stage to another  ... 
doi:10.1109/futuretech.2010.5482695 fatcat:n6xgujmyeng6lmqgqwoou52cfy

An Automated Approach to Generate Web Applications Attack Scenarios

E. Alata, M. Kaaniche, V. Nicomette, R. Akrout
2013 2013 Sixth Latin-American Symposium on Dependable Computing  
Web applications have become one of the most popular targets of attacks during the last years.  ...  This paper presents an approach that is aimed at the vulnerability assessment of Web applications following a black-box approach.  ...  An attack graph is a formalism that enables to formally represent the combination of vulnerabilities that may be exploited by an intruder to break into a system.  ... 
doi:10.1109/ladc.2013.22 dblp:conf/ladc/AlataKNA13 fatcat:zlfjfshdwbhhhdiouy6uiipqz4

Markov Game Modeling of Moving Target Defense for Strategic Detection of Threats in Cloud Networks [article]

Ankur Chowdhary, Sailik Sengupta, Dijiang Huang, Subbarao Kambhampati
2019 arXiv   pre-print
Often, these techniques model the problem of multi-stage attacks by stealthy adversaries as a single-step attack detection game using graph connectivity measures as a heuristic to measure performance,  ...  In this work, we leverage knowledge in attack graphs of a cloud network in formulating a zero-sum Markov Game and use the Common Vulnerability Scoring System (CVSS) to come up with meaningful utility values  ...  to reason about known multi-stage attacks in large-scale systems.  ... 
arXiv:1812.09660v2 fatcat:5cstdinaxjcttmvh4rcpphar6i

Supporting automated vulnerability analysis using formalized vulnerability signatures

Mohamed Almorsy, John Grundy, Amani S. Ibrahim
2012 Proceedings of the 27th IEEE/ACM International Conference on Automated Software Engineering - ASE 2012  
We have developed a prototype static vulnerability analysis tool based on our formalized vulnerability signatures specification approach.  ...  Hackers can easily exploit vulnerabilities in such publically accessible services. In addition to, 75% of the total reported application vulnerabilities are web application specific.  ...  ACKNOWLEDGEMENTS The authors are grateful to Swinburne University of Technology and the FRST SPPI project for support for this research.  ... 
doi:10.1145/2351676.2351691 dblp:conf/kbse/AlmorsyGI12 fatcat:stzi4hevergi3iffmptejzdgzq

Semantics-aware detection of targeted attacks: a survey

Robert Luh, Stefan Marschalek, Manfred Kaiser, Helge Janicke, Sebastian Schrittwieser
2016 Journal in Computer Virology and Hacking Techniques  
However, few of these solutions have a particular focus on Advanced Persistent Threats or similarly sophisticated multi-stage attacks.  ...  To overcome these obstacles, we present a structured review of semantics-aware works that have a high potential for contributing to the analysis or detection of targeted attacks.  ...  Pölten -University of Applied Sciences.  ... 
doi:10.1007/s11416-016-0273-3 fatcat:flhbpc4uwbandby2adxi62t64u

Using a virtual security testbed for digital forensic reconstruction

André Årnes, Paul Haas, Giovanni Vigna, Richard A. Kemmerer
2006 Journal in Computer Virology  
Two examples are given to demonstrate the approach; one overview example based on the Trojan defense and one detailed example of a multi-step attack.  ...  Based on a hypothesis of the security incident in question, ViSe is configured with the appropriate operating systems, services, and exploits.  ...  The "Centre for Quantifiable Quality of Service in Communication Systems, Centre of Excellence" is appointed by The Research Council of Norway, and funded by the Research Council, NTNU and UNINETT.  ... 
doi:10.1007/s11416-006-0033-x fatcat:j2iq2ggfdvhupaa4cywucejrcm

Automated Security Analysis of Dynamic Web Applications through Symbolic Code Execution

Giovanni Agosta, Alessandro Barenghi, Antonio Parata, Gerardo Pelosi
2012 2012 Ninth International Conference on Information Technology - New Generations  
The automatic identification of security vulnerabilities is a critical issue in the development of web-based applications.  ...  We present a methodology and tool for vulnerability identification based on symbolic code execution exploiting Static Taint Analysis to improve the efficiency of the analysis.  ...  The proposed approach exploits a formal description of the program control flow and data flow to spot inter-procedural vulnerability patterns which are ignored by pure expression matching approaches.  ... 
doi:10.1109/itng.2012.167 dblp:conf/itng/AgostaBPP12 fatcat:vvp6gc3ezrb4dii6ob4npr4exq
« Previous Showing results 1 — 15 out of 7,473 results