1,721,012 research outputs found
Methods for Model-Based and Vulnerability-driven Security Testing
No full textQuando si tratta di security testing, le capacità e l'esperienza maturate dal tester durante la sua attività sono i
fattori chiave che determinano l'accuratezza e l'efficacia del procedimento di testing. Il Model-Based Testing (MBT)
è un campo di ricerca che si è sviluppato negli ultimi anni ed è stato recentemente applicato anche per testare la
sicurezza dei servizi web. Il MBT si basa sull'utilizzo di un modello formale del System Under Test (SUT) e di tecniche
di model-checking per generare test case astratti.
L'obiettivo di questa tesi è la definizione ed implementazione di tecniche formali per testare la sicurezza di applicazioni
web e di protocolli di comunicazione. Per fare questo, ho sviluppato e applicato tecniche di Mutation-testing, assumendo la
presenza di un modello formale del SUT, in grado di generare test case astratti che, dopo una fase di concretizzazione, possono
essere eseguiti sull'implementazione del SUT.
Oltre a queste tecniche, ho anche ideato e sviluppato un approccio di MBT basato sul concetto di Chained Attacks,
una sequenza di exploit che permettono ad un attaccante di compromettere la sicurezza delle applicazioni web.
Questo approccio MBT permette inoltre di generare in maniera semi-automatica un modello formale del SUT,
processo che spesso rende impraticabile l'impiego di tecniche di MBT in campo industriale.When it comes to security testing, the skills and experience the tester has acquired during his activity are the key factors that will determine the accuracy and efficiency of the testing process. Model-Based Testing (MBT) is a research field that has been growing and developing for years and it has been lately applied also to test the security of web services. MBT consists in exploiting a formal model of the System Under Test (SUT) and model-checking tools to cast the test generation problem as a model-checking problem. This reduction allows for the generation of a set of Abstract Test Cases (ATC).
The objective of my Ph.D. thesis is the definition and implementation of formal techniques to test the security of web applications and communication protocols. To achieve this goal I have developed and applied Mutation Testing techniques, assuming the presence of a secure model of the SUT, to generate ATC that, after a concretization step, can be executed on the SUT's implementation. I have also designed and developed a MBT approach based on the idea of Chained Attacks, a sequence of exploits allowing an intruder to attack the security of a web application, and the formalization of the web attacker. This MBT approach also provide means for the semi-automatic generation of a SUT's model that is usually a task preventing the application of MBT techniques in the industrial field
An automated approach for testing the security of web applications against chained attacks
No full textWe present the Chained Attacks approach, an automated model-based approach to test the security of web applications that does not require a background in formal methods. Starting from a set of HTTP conversations and a configuration file providing the testing surface and purpose, a model of the System Under Test (SUT) is generated and input, along with the web attacker model we defined, to a model checker acting as test oracle. The HTTP conversations, payload libraries, and a mapping created while generating the model aid the concretization of the test cases, allowing for their execution on the SUT's implementation. We applied our approach to a real-life case study and we were able to find a combination of different attacks representing the concrete chained attack performed by a bug bounty hunter
Workflow and Access Control Reloaded: a Declarative Specification Framework for the Automated Analysis of Web Services
No full textWeb services supporting business and administrative transactions between several parties over the Internet are more and more widespread. Their development involves several security issues ranging from authentication to the management of the access to shared resources according to given business and legal models. The capability of validating designs against fast evolving requirements is of paramount importance for the adaptation of business and administrative models to changing regulations and rapidly evolving market needs. We present formal specification and analysis techniques that allow us to validate the designs of security-sensitive web services specified in the Business Process Execution Language and extensions of the Role-Based Access Control model. We also present a prototype tool, called WSSMT, mechanizing our approach and describe our experience in using it on two industrial case studies, on in the e-business and one in the e-government area
Evaluation of ASLan Mutation Operators
No full textThe AVANTSSAR validation platform is an automated toolset for validating trust and security aspects of Service-Oriented Architectures (SOAs). Models and security properties are specified in lowlevel AVANTSSAR Specification Language (ASLan) and there are three dedicated model-checkers that can validate if such models satisfy the security properties. However, the implementation may deviate from the specification and may contain some vulnerabilities that an attacker could exploit to violate the defined security properties. We have designed a set of semantic mutation operators to inject such vulnerabilities in an ASLan specification. Here we present the implementation of those mutation operators as Extensible Stylesheet Language Transformation (XSLT) scripts. Then, we evaluate the interest of using semantic mutation operators instead of syntactic ones by comparing the number of mutants that lead to the generation of a test case (i.e., a potential attack) and the resulting test suite for a set of existing ASLan specifications
Going Beyond Counting First Authors in Author Co-citation Analysis
Full text linkThe present study examines one of the fundamental aspects of author co-citation analysis (ACA) - the way co-citation
counts are defined. Co-citation counting provides the data on which all subsequent statistical analyses and mappings
are based, and we compare ACA results based on two different types of co-citation counting - the traditional type that
only counts the first one among a cited work's authors on the one hand and a non-traditional type that takes into
account the first 5 authors of a cited work on the other hand. Results indicate that the picture produced through this non-traditional author co-citation counting contains more coherent author groups and is therefore considerably clearer. However, this picture represents fewer specialties in the research field being studied than that produced through the traditional first-author co-citation counting when the same number of top-ranked authors is selected and analyzed. Reasons for these effects are discussed
Variations on the Author
Full text link“Variations on the Author” discusses two of Eduardo Coutinho’s recent films (Um Dia na Vida, from 2010, and Últimas Conversas, posthumously released in 2015) and their contribution to the general question of documentary authorship. The director’s filmography is characterized by a consistent yet self-effacing form of authorial self-inscription: Coutinho often features as an interviewer that rather than express opinions propels discourses; an interviewer that is good at listening. This mode of self-inscription characterizes him as an author who is not expressive but who is nonetheless markedly present on the screen. In Um Dia na Vida, however, Coutinho is completely absent form the image, while Últimas Conversas, on the contrary, includes a confessional prologue that moves the director from the margins to the center of his films. This article examines the ways in which these works stand out in the filmography of a director who offers new insights into the notion of cinematic authorship
Appropriate Similarity Measures for Author Cocitation Analysis
Full text linkWe provide a number of new insights into the methodological discussion about author cocitation analysis. We first argue that the use of the Pearson correlation for measuring the similarity between authors’ cocitation profiles is not very satisfactory. We then discuss what kind of similarity measures may be used as an alternative to the Pearson correlation. We consider three similarity measures in particular. One is the well-known cosine. The other two similarity measures have not been used before in the bibliometric literature. Finally, we show by means of an example that our findings have a high practical relevance.information science;Pearson correlation;cosine;similarity measure;author cocitation analysis
Dispelling the Myths Behind First-author Citation Counts
Full text linkWe conducted a full-scale evaluative citation analysis study of scholars in the XML research field to explore just how different from each other author rankings resulting from different citation counting methods actually are, and to demonstrate the capability of emerging data and tools on the Web in supporting more realistic citation counting methods. Our results contest some common arguments for the continued
use of first-author citation counts in the evaluation of scholars, such as high correlations between author rankings by first-author citation counts and other citation
counting methods, and high costs of using more realistic citation counting methods that are not well-supported by the ISI databases. It is argued that increasingly available digital full text research papers make it possible for citation analysis studies to go beyond what the ISI databases have directly supported and to employ more
sophisticated methods
- …
