SOA has been deployed as a means to offer better flexibility, to increase efficiency through reuse of services, and also to improve interoperability by providing new opportunities to connect heterogeneous platforms. However, those benefits make security more difficult to control. Fortunately, new standards are proposed to treat this issue, but their current use makes the architecture much more complex...
This paper proposes an approach to locate the patched vulnerability by analyzing the differences between two versions of an executable file. The approach comprises two parts: finding the differences and auditing the differences. To find the differences, a heuristic method is presented to compute an isomorphism between two call graphs, based on the definitions of similarity between functions, and...
Validating function pointers dynamically is very useful for intrusion detection since many runtime attacks exploit function pointer vulnerabilities. Most current solutions tackle this problem through checking whether function pointers target the addresses within the code segment or, more strictly, valid function entries. However, they cannot detect function entry attacks that manipulate function pointers...
We study randomized fingerprinting codes that achieve the fundamental capacity limits subject to the so-called Boneh-Shaw marking assumption. Two decoding schemes are studied in particular: the joint decoder is capacity-achieving but computationally intense, while the simple decoder is suboptimal but efficient. We provide tight bounds as well as numerical results for capacities and study the difference...
This paper presents a field study on Web security vulnerabilities from the programming language type system perspective. Security patches reported for a set of 11 widely used Web applications written in strongly typed languages (Java, C#, VB.NET) were analyzed in order to understand the fault types that are responsible for the vulnerabilities observed (SQL injection and XSS). The results are analyzed...
Model based intrusion detection mechanisms have produced encouraging results for reduced false alarms. This paper extends our earlier work, where we reported for sandboxing Linux 2.6 using code generated from policies. Here we pursue the problem of code generation from a set of policies extracted from a domain model. Such a technique can support the safeguarding of system resources. We also present...
In Internet-based e-commerce, the transaction entities' trust levels provided by e-commerce platform can be viewed as a key indicator for users selecting transaction partners. The trust of transaction entities objectively and comprehensively represents the integrated influence of various trust attributes. Aiming at uncertainty and ambiguity of trust in e-commerce, the concept of membership degree...
Network security requirements have recently gained widespread attention in the requirements engineering community. Despite this, it is not yet clear how to systematically validate these requirements given the complexity and uncertainty characterizing modern networks. Traditionally, network security requirements specification has been the result of a reactive process. This, however, limited the immunity...
Security requirements analysis is gaining growing attention as new vulnerabilities and threats emerge on a daily basis; the systematic evaluation of security requirements is of utmost importance among the various decisions to be made related to security. This short contribution proposes using a 3-dimensional vector for quantitative evaluation of security requirements, which takes into account...
Interdependencies between different security patterns can influence the properties of a particular pattern when applied in conjunction with other patterns. The resulting properties will often be weaker due to the possibility of new attacks. In this paper we introduce a mechanism that leads towards a generic process for pattern integration. As an example, we use the interesting case in which the proper...
The paper analyzes the ways plug-in technology is used in vulnerability scanners at home and abroad. So far, plug-in development in vulnerability scanners has not reached a unified standard. If a public standard is designed for plug-ins in vulnerability scanners, it will add flexibility in writing plug-ins (not confined to a specific language). Plug-ins are designed by system development staff. The terminal...
Trust management plays an important role in improving the cooperation of agents in multi-agent systems. This paper proposes a trust evaluation method based on rough set theory. The method divides attributes into necessary and unnecessary, calculates attribute weights, and then evaluates trust values by using a multi-attribute decision-making method. Finally, an example shows that it is efficient...
Web sites that incorporate untrusted content may use browser- or language-based methods to keep such content from maliciously altering pages, stealing sensitive information, or causing other harm. We study language-based methods for filtering and rewriting JavaScript code, using Yahoo! ADSafe and Facebook FBJS as motivating examples. We explain the core problems by describing previously unknown vulnerabilities...
Data (or information) provenance has many important applications. However, prior work on data provenance management almost exclusively focused on the collection, representation, query, and storage of provenance data. In contrast, the security aspect of provenance management has not been understood nor adequately addressed. A natural question then is: What would a secure provenance management system...
Network administrators are able to correlate log file entries manually. The large volume and low quality of log files justify the need for further log processing. Manual log processing lacks flexibility. It is time consuming, and one doesn't get a general view of the log files in the network. Without this general view it is hard to correlate information between the network components. Events...
Insider threats and attacks are a known problem. Within an enterprise it is very difficult to detect and identify insider attacks and abuse against information systems. A study was conducted by observing a group of IS security analysts who detect and identify insider attacks. Commonalities and generalizations were made based on the study to create an insider attack detection model. This model will...
A transaction is assigned a purpose, which is a collection of roles. Suppose a transaction T1 with a purpose R1 writes an object o2 after reading an object o1, and then another transaction T2 with R2 reads o2 and writes an object o3. Unless T2 is granted a read right on o1, an illegal information flow occurs from o1 to o2. In the purpose-marking (PM) protocol, T1 marks o2 with the purpose R1. T2 cannot...
In this paper we compare three static code analysis tools. The tools represent three different approaches in the field of static analysis: Fortify SCA is a non-annotation-based heuristic analyzer, Splint represents an annotation-based heuristic analyzer, and Frama-C an annotation-based correct analyzer. The tools are compared by analysing their performance when checking a demonstration code with intentionally...
Monitoring the preservation of security and dependability (S&D) properties during the operation of systems at runtime is an important verification measure that can increase system resilience. However it does not always provide sufficient scope for taking control actions against violations as it only detects problems after they occur. In this paper, we describe a proactive monitoring approach that...
Threat analysis describes how potential adversaries exploit system weaknesses to achieve their goals. It identifies threats and defines a risk mitigation policy for a specific architecture, functionality and configuration. In a threat analysis, security metrics are a challenging requirement in order to determine the status of network security performance and to further enhance it by minimizing exposure to...