Results 1 - 10
of
89
Measuring the attack surfaces of two FTP daemons
- In ACM CCS Workshop on Quality of Protection
, 2006
"... Software consumers often need to choose between different software that provide the same functionality. Today, security is a quality that many consumers, especially system administrators, care about and will use in choosing one software system over another. An attack surface metric is a security met ..."
Abstract
-
Cited by 35 (3 self)
- Add to MetaCart
(Show Context)
Software consumers often need to choose between different software that provide the same functionality. Today, security is a quality that many consumers, especially system administrators, care about and will use in choosing one software system over another. An attack surface metric is a security metric for comparing the relative security of similar software systems [8]. The measure of a system’s attack surface is an indicator of the system’s security: given two systems, we compare their attack surface measurements to decide whether one is more secure than another along each of the following three dimensions: methods, channels, and data. In this paper, we use the attack surface metric to measure the attack surfaces of two open source FTP daemons: ProFTPD 1.2.10 and Wu-FTPD 2.6.2. Our measurements show that ProFTPD is more secure along the method dimension, ProFTPD is as secure as Wu-FTPD along the channel dimension, and Wu-FTPD is more secure along the data dimension. We also demonstrate how software consumers can use the attack surface metric in making a choice between the two FTP daemons.
An attack graph-based probabilistic security metric
- In Proceedings of the 22nd IFIP DBSec
, 2008
"... Abstract. To protect critical resources in today’s networked environments, it is desirable to quantify the likelihood of potential multi-step attacks that combine multiple vulnerabilities. This now becomes feasible due to a model of causal re-lationships between vulnerabilities, namely, attack graph ..."
Abstract
-
Cited by 33 (6 self)
- Add to MetaCart
(Show Context)
Abstract. To protect critical resources in today’s networked environments, it is desirable to quantify the likelihood of potential multi-step attacks that combine multiple vulnerabilities. This now becomes feasible due to a model of causal re-lationships between vulnerabilities, namely, attack graph. This paper proposes an attack graph-based probabilistic metric for network security and studies its effi-cient computation. We first define the basic metric and provide an intuitive and meaningful interpretation to the metric. We then study the definition in more com-plex attack graphs with cycles and extend the definition accordingly. We show that computing the metric directly from its definition is not efficient in many cases and propose heuristics to improve the efficiency of such computation. 1
Measuring network security using attack graphs
- In Proceedings of the 3rd ACM workshop on Quality of protection (QoP’07
, 2007
"... In measuring the overall security of a network, a crucial issue is to correctly compose the measure of individual components. Incorrect compositions may lead to misleading results. For example, a network with less vulnerabilities or a more diversified configuration is not necessarily more secure. To ..."
Abstract
-
Cited by 30 (6 self)
- Add to MetaCart
(Show Context)
In measuring the overall security of a network, a crucial issue is to correctly compose the measure of individual components. Incorrect compositions may lead to misleading results. For example, a network with less vulnerabilities or a more diversified configuration is not necessarily more secure. To obtain correct compositions of individual measures, we need to first understand the interplay between network components. For example, how vulnerabilities can be combined by attackers in advancing an intrusion. Such an understanding becomes possible with recent advances in modeling network security using attack graphs. Based on our experiences with attack graph analysis, we propose an integrated framework for measuring various aspects of network security. We first outline our principles and methodologies. We then describe concrete examples to build intuitions. Finally, we present our formal framework. It is our belief that metrics developed based on the proposed framework will lead to novel quantitative approaches to vulnerability analysis, network hardening, and attack response.
Traon. Automatically securing permission-based software by reducing the attack surface: An application to Android
- In IEEE/ACM International Conference on Automated Software Engineering (ASE
, 2012
"... A common security architecture, called the permission-based security model (used e.g. in Android and Blackberry), en-tails intrinsic risks. For instance, applications can be granted more permissions than they actually need, what we call a “permission gap”. Malware can leverage the unused permis-sion ..."
Abstract
-
Cited by 21 (5 self)
- Add to MetaCart
(Show Context)
A common security architecture, called the permission-based security model (used e.g. in Android and Blackberry), en-tails intrinsic risks. For instance, applications can be granted more permissions than they actually need, what we call a “permission gap”. Malware can leverage the unused permis-sions for achieving their malicious goals, for instance using code injection. In this paper, we present an approach to de-tecting permission gaps using static analysis. Our prototype implementation in the context of Android shows that the static analysis must take into account a significant amount of platform-specific knowledge. Using our tool on two datasets of Android applications, we found out that a non negligible part of applications suffers from permission gaps, i.e. does not use all the permissions they declare. 1.
A novel quantitative approach for measuring network security
- In Press, IEEE Infocom Miniconference
, 2008
"... Abstract—Evaluation of network security is an essential step in securing any network. This evaluation can help security professionals in making optimal decisions about how to design security countermeasures, to choose between alternative security architectures, and to systematically modify security ..."
Abstract
-
Cited by 17 (2 self)
- Add to MetaCart
(Show Context)
Abstract—Evaluation of network security is an essential step in securing any network. This evaluation can help security professionals in making optimal decisions about how to design security countermeasures, to choose between alternative security architectures, and to systematically modify security configurations in order to improve security. However, the security of a network depends on a number of dynamically changing factors such as emergence of new vulnerabilities and threats, policy structure and network traffic. Identifying, quantifying and validating these factors using security metrics is a major challenge in this area. In this paper, we propose a novel security metric framework that identifies and quantifies objectively the most significant security risk factors, which include existing vulnerabilities, historical trend of vulnerability of the remotely accessible services, prediction of potential vulnerabilities for any general network service and their estimated severity and finally policy resistance to attack propagation within the network. We then describe our rigorous validation experiments using reallife vulnerability data of the past 6 years from National Vulnerability Database (NVD) [10] to show the high accuracy and confidence of the proposed metrics. Some previous works have considered vulnerabilities using code analysis. However, as far as we know, this is the first work to study and analyze these metrics for network security evaluation using publicly available vulnerability information and security policy configuration. 1 I.
Ideal Based Cyber Security Technical Metrics for Control Systems
- CRITIS’07 2nd International Workshop on Critical Information Infrastructures Security
, 2007
"... This is a preprint of a paper intended for publication in a journal or proceedings. Since changes may be made before publication, this preprint should not be cited or reproduced without permission of the author. This document was prepared as an account of work sponsored by an agency of the United St ..."
Abstract
-
Cited by 12 (0 self)
- Add to MetaCart
(Show Context)
This is a preprint of a paper intended for publication in a journal or proceedings. Since changes may be made before publication, this preprint should not be cited or reproduced without permission of the author. This document was prepared as an account of work sponsored by an agency of the United States Government. Neither the United States Government nor any agency thereof, or any of their employees, makes any warranty, expressed or implied, or assumes any legal liability or responsibility for any third party’s use, or the results of such use, of any information, apparatus, product or process disclosed in this report, or represents that its use by such third party would not infringe privately owned rights. The views expressed in this paper are not necessarily those of the United States Government or the sponsoring agency.
Supporting Automated Vulnerability Analysis using Formalized Vulnerability Signatures
"... Adopting publicly accessible platforms such as cloud computing model to host IT systems has become a leading trend. Although this helps to minimize cost and increase availability and reachability of applications, it has serious implications on applications ’ security. Hackers can easily exploit vuln ..."
Abstract
-
Cited by 6 (2 self)
- Add to MetaCart
(Show Context)
Adopting publicly accessible platforms such as cloud computing model to host IT systems has become a leading trend. Although this helps to minimize cost and increase availability and reachability of applications, it has serious implications on applications ’ security. Hackers can easily exploit vulnerabilities in such publically accessible services. In addition to, 75 % of the total reported application vulnerabilities are web application specific. Identifying such known vulnerabilities as well as newly discovered vulnerabilities is a key challenging security requirement. However, existing vulnerability analysis tools cover no more than 47 % of the known vulnerabilities. We introduce a new solution that supports automated vulnerability analysis using formalized vulnerability signatures. Instead of depending on formal methods to locate vulnerability instances where analyzers have to be developed to locate specific vulnerabilities, our approach incorporates a formal vulnerability signature described using OCL. Using this formal signature, we perform program analysis of the target system to locate signature matches (i.e. signs of possible vulnerabilities). A newly–discovered vulnerability can be easily identified in a target program provided that a formal signature for it exists. We have developed a prototype static vulnerability analysis tool based on our formalized vulnerability signatures specification approach. We have validated our approach in capturing signatures of the OWSAP Top10 vulnerabilities and applied these signatures in analyzing a set of seven benchmark applications.
k-zero day safety: Measuring the security risk of networks against unknown attacks
, 2010
"... Abstract. The security risk of a network against unknown zero day attacks has been considered as something unmeasurable since software flaws are less predictable than hardware faults and the process of finding such flaws and developing exploits seems to be chaotic. In this paper, we propose a novel ..."
Abstract
-
Cited by 5 (3 self)
- Add to MetaCart
(Show Context)
Abstract. The security risk of a network against unknown zero day attacks has been considered as something unmeasurable since software flaws are less predictable than hardware faults and the process of finding such flaws and developing exploits seems to be chaotic. In this paper, we propose a novel security metric, k-zero day safety, based on the number of unknown zero day vulnerabilities. That is, the metric simply counts how many unknown vulnerabilities would be required for compromising a network asset, regardless of what vulnerabilities those might be. We formally define the metric based on an abstract model of networks and attacks. We then devise algorithms for computing the metric. Finally, we show the metric can quantify many existing practices in hardening a network. 1