Vulnerability Detection (2014 Year in Review), Part 4



Vulnerability detection is a topic for which a great deal of research is being done.  In 2014, more than one hundred major research presentations relevant to the Science of Security were made and published.  To facilitate finding articles, we will present these in four parts. In Part 4, we will cite the next 25.


Bhunia, S.; Hsiao, M.S.; Banga, M.; Narasimhan, S., "Hardware Trojan Attacks: Threat Analysis and Countermeasures," Proceedings of the IEEE, vol. 102, no.8, pp.1229, 1247, Aug. 2014. doi: 10.1109/JPROC.2014.2334493 Security of a computer system has been traditionally related to the security of the software or the information being processed. The underlying hardware used for information processing has been considered trusted. The emergence of hardware Trojan attacks violates this root of trust. These attacks, in the form of malicious modifications of electronic hardware at different stages of its life cycle, pose major security concerns in the electronics industry. An adversary can mount such an attack with an objective to cause operational failure or to leak secret information from inside a chip, e.g., the key in a cryptographic chip, during field operation. Global economic trend that encourages increased reliance on untrusted entities in the hardware design and fabrication process is rapidly enhancing the vulnerability to such attacks. In this paper, we analyze the threat of hardware Trojan attacks; present attack models, types, and scenarios; discuss different forms of protection approaches, both proactive and reactive; and describe emerging attack modes, defenses, and future research pathways.
Keywords: electronics industry; invasive software; computer system security; electronic hardware malicious modifications; electronics industry; global economic trend; hardware Trojan attack; information processing; proactive protection approach; reactive protection approach; threat analysis; Circuit faults; Computer security; Fabrication; Hardware; Integrated circuit modeling; Integrated circuits; Trojan horses; Hardware intellectual property (IP) trust; Trojan detection; Trojan taxonomy; Trojan tolerance; hardware Trojan attacks; hardware obfuscation; self-referencing; side-channel analysis (ID#: 15-4162)


Zheng Wang; Paul, G.; Chattopadhyay, A., "Processor Design with Asymmetric Reliability," VLSI (ISVLSI), 2014 IEEE Computer Society Annual Symposium on, pp.565, 570, 9-11 July 2014. doi: 10.1109/ISVLSI.2014.63 Continuous shrinking of device size has introduced reliability as a new design challenge for embedded processors. Error mitigation techniques trade off reliability for other design metrics such as performance and power consumption. State-of-the-art fault-tolerant designs involve cross-layer error management, which lead to an over-protected system. To address the overhead issue, asymmetric reliability utilizes unequal protection levels for different system components based on various criticality requirements. In this paper, we propose a versatile asymmetric error detection/correction framework based on instruction-level vulnerability analysis. Inspired from information-theoretic view of processor as a noisy network, asymmetric error correction coding schemes are designed and exploited to efficiently trade off reliability for other performance constraints. Multiple novel asymmetric fault-tolerant design techniques are proposed, which are evaluated through a range of experiments.
Keywords: error detection codes; fault tolerance; integrated circuit reliability; asymmetric error correction coding schemes; asymmetric fault-tolerant design techniques; asymmetric reliability; instruction-level vulnerability analysis; noisy network; processor design; versatile asymmetric error detection/correction framework; Decoding; Encoding; Error correction codes; Reliability engineering; Runtime; VLIW; Asymmetric Reliability; High-level Processor Design; Reliability Exploration (ID#: 15-4163)


Rahbari, H.; Krunz, M.; Lazos, L., "Security Vulnerability And Countermeasures Of Frequency Offset Correction In 802.11a Systems," INFOCOM, 2014 Proceedings IEEE, pp.1015,1023, April 27 2014-May 2 2014.  doi: 10.1109/INFOCOM.2014.6848031 Frequency offset (FO) is an inherent feature of wireless communications. It results from differences in the operating frequency of different radio oscillators. Failure to compensate for the FO may lead to a decoding failure, particularly in OFDM systems. IEEE 802.11a/g systems use a globally known preamble to deal with this issue. In this paper, we demonstrate how an adversary can exploit the structure and publicity of 802.11a's frame preamble to launch a low-power reactive jamming attack against the FO estimation mechanism. In this attack, the adversary will need to quickly detect a PHY frame and subsequently distort the FO estimation mechanism, irrespective of the channel conditions. By employing a fast frame detection technique, and optimizing the energy and structure of the jamming signal, we show the feasibility of such an attack. Furthermore, we propose some mitigation techniques and evaluate one of them through simulations and USRP testbed experimentation.
Keywords: OFDM modulation; jamming; radiofrequency oscillators; software radio; telecommunication security; telecommunication standards; wireless LAN; wireless channels; FO correction; FO estimation mechanism; IEEE 802.11a/g systems; OFDM systems; PHY frame; USRP testbed experimentation; channel conditions; countermeasures; decoding failure; fast frame detection technique; frequency offset correction; jamming signal; low-power reactive jamming attack; radio oscillators; security vulnerability; wireless communications; Channel estimation; Estimation; Jamming; Noise; OFDM; Receivers; Timing (ID#: 15-4164)


Mahajan, R.; Singh, M.; Miglani, S., "ADS: Protecting NTFS from Hacking," Recent Advances and Innovations in Engineering (ICRAIE), 2014, pp.1, 4, 9-11 May 2014. doi: 10.1109/ICRAIE.2014.6909325 Alternate Data Streams is one of the possible ways to hide data in NTFS file system in Windows. It was introduced to make Windows NTFS compatible with HFS file system of Macintosh. This paper explains what exactly alternate data streams are, their requirement and their functionality. It also explains whether alternate data streams is a feature or a vulnerability of NTFS file system. It explains how hacker can utilize this functionality of NTFS to hide malicious codes in victim's machine so as to compromise it. All possible ways of hiding data and techniques for detecting and removing ADS are also explained. It mainly focuses on criminals who use various data hiding techniques in order to hide their data from the forensic analysts. Finally its main focus is on explaining an ADS Tool that is a graphical tool which enables user to create, start, detect and delete ADS.  
Keywords: computer crime; data encapsulation; digital forensics; storage management; ADS tool; HFS file system; Macintosh; NTFS file system; Windows NTFS; alternate data streams; data hiding techniques; forensic analyst; graphical tool; hacking; malicious codes; File systems; Streaming media; Alternate Data Streams; HFS; NTFS; creation; deletion; detection (ID#: 15-4165)


Bartolini, N.; Bongiovanni, G.; La Porta, T.F.; Silvestri, S., "On the Vulnerabilities of the Virtual Force Approach to Mobile Sensor Deployment," Mobile Computing, IEEE Transactions on, vol. 13, no. 11, pp.2592, 2605, Nov. 2014. doi: 10.1109/TMC.2014.2308209 The virtual force approach is at the basis of many solutions proposed for deploying mobile sensors. In this paper we study the vulnerabilities of this approach. We show that by compromising a few mobile sensors, an attacker can influence the movement of other sensors and prevent the achievement of the network coverage goals. We introduce an attack, called opportunistic movement, and give an analytical study of its efficacy. We show that in a typical scenario this attack can reduce coverage by more than 50 percent, by only compromising a 7 percent of the nodes. We propose two algorithms to counteract the above mentioned attack, DRM and SecureVF. DRM is a light-weight algorithm which randomly repositions sensors from overcrowded areas. SecureVF requires a more complex coordination among sensors but, unlike DRM, it enables detection and identification of malicious sensors. We investigate the performance of DRM and SecureVF through simulations. We show that DRM can significantly reduce the effects of the attack, at the expense of an increase in the energy consumption due to additional movements. By contrast, SecureVF completely neutralizes the attack and allows the achievement of the coverage goals of the network even in the presence of localization inaccuracies.
Keywords: mobile radio; telecommunication security; wireless sensor networks; DRM; SecureVF; energy consumption; light-weight algorithm; mobile sensor deployment; network coverage goal; opportunistic movement; virtual force approach; Analytical models; Bills of materials; Force; Mobile communication; Mobile computing; Radio frequency; Security; Mobile sensors; self-deployment; virtual force approach (ID#: 15-4166)


Ghosh, S.; Basak, A.; Bhunia, S., "How Secure Are Printed Circuit Boards Against Trojan Attacks?" Design & Test, IEEE, vol.32, no.2, pp.7,16, April 2015 doi: 10.1109/MDAT.2014.2347918 Malicious modification of a design in a foundry or design house, referred to as hardware Trojan attacks, are intended to act as a spy or terrorist-on-chip. While these attacks have emerged as major security concerns for Integrated Circuits (ICs), in this paper, we demonstrate similar vulnerabilities at higher level, in particular for Printed Circuit Boards (PCBs). We note that increasing complexity of modern PCBs and growing reliance on third party entities make Trojan attacks in PCBs highly feasible. We introduce possible attack models and demonstrate instances for hardware Trojan insertion in fabricated PCBs that can either cause malfunction or leak secret information. Our investigation reveals that traditional PCB test methodologies can often be ineffective in detecting these Trojans. We also explore possible protection approaches against such attacks including a Reverse Engineering-based detection approach and a low-overhead preventive design solution.
Keywords: Fabrication; Hardware; Integrated circuits; Pins; Resistance; Testing; Trojan horses (ID#: 15-4167)


Vuković, O.; Dán, G., "Security of Fully Distributed Power System State Estimation: Detection and Mitigation of Data Integrity Attacks," Selected Areas in Communications, IEEE Journal on, vol. 32, no.7, pp.1500,1508, July 2014. doi: 10.1109/JSAC.2014.2332106 State estimation (SE) plays an essential role in the monitoring and supervision of power systems. In today's power systems, SE is typically done in a centralized or in a hierarchical way, but as power systems will be increasingly interconnected in the future smart grid, distributed SE will become an important alternative to centralized and hierarchical solutions. As the future smart grid may rely on distributed SE, it is essential to understand the potential vulnerabilities that distributed SE may have. In this paper, we show that an attacker that compromises the communication infrastructure of a single control center in an interconnected power system can successfully perform a denial-of-service attack against state-of-the-art distributed SE, and consequently, it can blind the system operators of every region. As a solution to mitigate such a denial-of-service attack, we propose a fully distributed algorithm for attack detection. Furthermore, we propose a fully distributed algorithm that identifies the most likely attack location based on the individual regions' beliefs about the attack location, isolates the identified region, and then reruns the distributed SE. We validate the proposed algorithms on the IEEE 118 bus benchmark power system.
Keywords: computer network security; data integrity; distributed algorithms; power system interconnection; power system security; power system state estimation; IEEE 118 bus benchmark power system; attack detection; attack location; communication infrastructure; control center; data integrity attacks; denial-of-service attack; distributed SE; fully distributed algorithm; fully distributed power system state estimation; future smart grid; interconnected power system; Convergence; Power measurement; Power system stability; Security; State estimation; Vectors; Distributed power system state estimation; data integrity attacks; detection; false data injection; mitigation; security (ID#: 15-4168)


Raghavendra, R.; Busch, C., "Robust 2D/3D Face Mask Presentation Attack Detection Scheme By Exploring Multiple Features And Comparison Score Level Fusion," Information Fusion (FUSION), 2014 17th International Conference on, pp.1, 7, 7-10 July 2014. The face mask presentation attack introduces a greater threat to the face recognition system. With the evolving technology in generating both 2D and 3D masks in a more sophisticated, realistic and cost effective manner encloses the face recognition system to more challenging vulnerabilities. In this paper, we present a novel Presentation Attack Detection (PAD) scheme that explores both global (i.e. face) and local (i.e. periocular or eye) region to accurately identify the presence of both 2D and 3D face masks. The proposed PAD algorithm is based on both Binarized Statistical Image Features (BSIF) and Local Binary Patterns (LBP) that can capture a prominent micro-texture features. The linear Support Vector Machine (SVM) is then trained independently on these two features that are applied on both local and global region to obtain the comparison scores. We then combine these scores using the weighted sum rule before making the decision about a normal (or real or live) or an artefact (or spoof) face. Extensive experiments are carried out on two publicly available databases for 2D and 3D face masks namely: CASIA face spoof database and 3DMAD shows the efficacy of the proposed scheme when compared with well-established state-of-the-art techniques.
Keywords: biometrics (access control); face recognition; feature extraction; image texture; learning (artificial intelligence); support vector machines; 2D face mask; 3D face mask; 3DMAD; BSIF; CASIA face spoof database; LBP; SVM; binarized statistical image features; comparison score level fusion; face biometrics; face recognition system; linear support vector machine; local binary patterns; presentation attack detection; Databases; Face; Face recognition; Feature extraction; Image resolution; Support vector machines; Three-dimensional displays; Biometrics; Counter measure; Security; face mask attack (ID#: 15-4169)


Yang, Y.; McLaughlin, K.; Sezer, S.; Littler, T.; Im, E.G.; Pranggono, B.; Wang, H.F., "Multiattribute SCADA-Specific Intrusion Detection System for Power Networks," Power Delivery, IEEE Transactions on, vol. 29, no. 3, pp.1092, 1102, June 2014. doi: 10.1109/TPWRD.2014.2300099 The increased interconnectivity and complexity of supervisory control and data acquisition (SCADA) systems in power system networks has exposed the systems to a multitude of potential vulnerabilities. In this paper, we present a novel approach for a next-generation SCADA-specific intrusion detection system (IDS). The proposed system analyzes multiple attributes in order to provide a comprehensive solution that is able to mitigate varied cyber-attack threats. The multiattribute IDS comprises a heterogeneous white list and behavior-based concept in order to make SCADA cybersystems more secure. This paper also proposes a multilayer cyber-security framework based on IDS for protecting SCADA cybersecurity in smart grids without compromising the availability of normal data. In addition, this paper presents a SCADA-specific cybersecurity testbed to investigate simulated attacks, which has been used in this paper to validate the proposed approach.
Keywords: SCADA systems; power system security; security of data; smart power grids; IDS; SCADA cybersystems; behavior-based concept; cyber-attack threats; heterogeneous white list; multiattribute SCADA-specific intrusion detection system; multilayer cyber-security framework; power system networks; smart grids; supervisory control and data acquisition systems; Computer security; Current measurement; Detectors; Intrusion detection; Protocols; SCADA systems; Cybersecurity; intrusion detection; smart grid; supervisory control and data acquisition (SCADA) (ID#: 15-4170)


Kaur, R.; Singh, M., "Efficient Hybrid Technique For Detecting Zero-Day Polymorphic Worms," Advance Computing Conference (IACC), 2014 IEEE International, pp. 95, 100, 21-22 Feb. 2014. doi: 10.1109/IAdCC.2014.6779301 This paper presents an efficient technique for detecting zero-day polymorphic worms with almost zero false positives. Zero-day polymorphic worms not only exploit unknown vulnerabilities but also change their own representations on each new infection or encrypt their payloads using a different key per infection. Thus, there are many variations in the signatures for the same worm, making fingerprinting very difficult. With their ability to rapidly propagate, these worms increasingly threaten the Internet hosts and services. If these zero-day worms are not detected and contained at right time, they can potentially disable the Internet or can wreak serious havoc. So the detection of Zero-day polymorphic worms is of paramount importance.
Keywords: Internet; cryptography; digital signatures; invasive software; Internet hosts; encryption; fingerprinting; hybrid technique; signatures; unknown vulnerabilities; zero false positives; zero-day polymorphic worm detection; Algorithm design and analysis; Grippers; Internet; Malware; Payloads; Registers; Sensors; Zero-day attack; hybrid system; intrusion detection; polymorphic worm (ID#: 15-4171)


Ying-dar Lin; Chia-Yin Lee; Yu-Sung Wu; Pei-Hsiu Ho; Fu-yu Wang; Yi-Lang Tsai, "Active versus Passive Malware Collection," Computer, vol.47, no.4, pp.59,65, Apr. 2014. doi: 10.1109/MC.2013.226 An exploration of active and passive malware honeypots reveals that the two systems yield vastly different malware collections and that peer-to-peer file sharing is an important, but often overlooked, malware source.
Keywords: invasive software; peer-to-peer computing; active malware collection; active malware honeypots; passive malware collection; passive malware honeypots; peer-to-peer file sharing; Databases; Malware; Peer-to-peer computing; Telecommunication traffic; Trojan horses; Virtual machining; honeypots; malware collection and detection; network security; network vulnerability (ID#: 15-4172)


Shuai, Shao; Guowei, Dong; Tao, Guo; Tianchang, Yang; Chenjie, Shi, "Modelling Analysis and Auto-detection of Cryptographic Misuse in Android Applications," Dependable, Autonomic and Secure Computing (DASC), 2014 IEEE 12th International Conference on, pp. 75, 80, 24-27 Aug. 2014. doi: 10.1109/DASC.2014.22 Cryptographic misuse affects a sizeable portion of Android applications. However, there is only an empirical study that has been made about this problem. In this paper, we perform a systematic analysis on the cryptographic misuse, build the cryptographic misuse vulnerability model and implement a prototype tool Crypto Misuse Analyser (CMA). The CMA can perform static analysis on Android apps and select the branches that invoke the cryptographic API. Then it runs the app following the target branch and records the cryptographic API calls. At last, the CMA identifies the cryptographic API misuse vulnerabilities from the records based on the pre-defined model. We also analyze dozens of Android apps with the help of CMA and find that more than a half of apps are affected by such vulnerabilities.
Keywords: Analytical models; Androids; Encryption; Humanoid robots; Runtime; Android; Cryptographic Misuse; Modelling Analysis; Vulnerability (ID#: 15-4173)


Farzan, F.; Jafari, M.A.; Wei, D.; Lu, Y., "Cyber-Related Risk Assessment And Critical Asset Identification In Power Grids," Innovative Smart Grid Technologies Conference (ISGT), 2014 IEEE PES, pp.1,5, 19-22 Feb. 2014. doi: 10.1109/ISGT.2014.6816371 This paper proposes a methodology to assess cyber-related risks and to identify critical assets both at power grid and substation levels. The methodology is based on a two-pass engine model. The first pass engine is developed to identify the most critical substation(s) in a power grid. A mixture of Analytical hierarchy process (AHP) and (N-1) contingent analysis is used to calculate risks. The second pass engine is developed to identify risky assets within a substation and improve the vulnerability of a substation against the intrusion and malicious acts of cyber hackers. The risk methodology uniquely combines asset reliability, vulnerability and costs of attack into a risk index. A methodology is also presented to improve the overall security of a substation by optimally placing security agent(s) on the automation system.
Keywords: analytic hierarchy process; power grids; power system reliability; power system security; risk analysis; substation automation; AHP; N-1 contingent analysis; analytical hierarchy process; asset reliability; automation system; cost vulnerability; critical asset identification; critical substation identification; cyber hackers; cyber related risk assessment; intrusion detection; malicious; optimal placing security; power grid; risk index; risk methodology; second pass engine; substation level; substation vulnerability; two-pass engine model; Automation; Indexes; Modeling; Power grids; Reliability; Security; Substations; cyber security; cyber vulnerability; electrical power grids; risk assessment; substation (ID#: 15-4174)


Myalapalli, V.K.; Chakravarthy, A.S.N., "A Unified Model For Cherishing Privacy In Database System An Approach To Overhaul Vulnerabilities," Networks & Soft Computing (ICNSC), 2014 First International Conference on, pp. 263, 266, 19-20 Aug. 2014. doi: 10.1109/CNSC.2014.6906658 Privacy is the most anticipated aspect in many perspectives especially with sensitive data and the database is being targeted incessantly for vulnerability. The database must be persistently monitored for ensuring comprehensive security. The proposed model is intended to cherish the database privacy by thwarting intrusions and inferences. The Database Static protection and Intrusion Tolerance Subsystem proposed in the architecture bolster this practice. This paper enunciates Privacy Cherished Database architecture model and how it achieves security under sundry circumstances.
Keywords: data privacy; database management systems; security of data; database static protection; database system privacy; inference thwarting; Intrusion thwarting; intrusion tolerance subsystem; privacy cherished database architecture model; security; Decision support systems; Handheld computers; Database Security; Database Security Configurations; Inference Detection; Intrusion detection; security policy (ID#: 15-4175)


Shaw, A.L.; Bordbar, B.; Saxon, J.; Harrison, K.; Dalton, C.I., "Forensic Virtual Machines: Dynamic Defence in the Cloud via Introspection," Cloud Engineering (IC2E), 2014 IEEE International Conference on, pp.303, 310, 11-14 March 2014. doi: 10.1109/IC2E.2014.59 The Cloud attempts to provide its users with automatically scalable platforms to host many applications and operating systems. To allow for quick deployment, they are often homogenised to a few images, restricting the variations used within the Cloud. An exploitable vulnerability stored within an image means that each instance will suffer from it and as a result, an attacker can be sure of a high pay-off for their time. This makes the Cloud a prime target for malicious activities. There is a clear requirement to develop an automated and computationally-inexpensive method of discovering malicious behaviour as soon as it starts, such that remedial action can be adopted before substantial damage is caused. In this paper we propose the use of Mini-OS, a virtualised operating system that uses minimal resources on the Xen virtualisation platform, for analysing the memory space of other guest virtual machines. These detectors, which we call Forensic Virtual Machines (FVMs), are lightweight such that they are inherently computationally cheap to run. Such a small footprint allows the physical host to run numerous instances to find symptoms of malicious behaviour whilst potentially limiting attack vectors. We describe our experience of developing FVMs and how they can be used to complement existing methods to combat malware. We also evaluate them in terms of performance and the resources that they require.
Keywords: cloud computing; digital forensics; invasive software; operating systems (computers); virtual machines; virtualisation; FVM; Mini-OS virtualised operating system; Xen virtualisation platform; cloud defence; forensic virtual machines; guest virtual machines; image vulnerability; malicious activities; malicious behaviour discovery; malware; Forensics; Kernel; Libraries; Malware; Monitoring; Virtual machining; Xen; cloud computing; forensics; introspection; intrusion detection; monitoring; security; virtual machine; virtualization (ID#: 15-4176)


Kumar, E.S.; Kusuma, S.M.; Kumar, B.P.V., "A random key distribution based Artificial Immune System for Security In Clustered Wireless Sensor Networks," Electrical, Electronics and Computer Science (SCEECS), 2014 IEEE Students' Conference on, pp.1,7, 1-2 March 2014. doi: 10.1109/SCEECS.2014.6804506 Wireless sensor networks are associated with risk due to the threats of security vulnerabilities. In this context, we propose a scheme, which uses random key distribution based Artificial Immune System (AIS) for detecting spoofing attacks. The prospective method is for clustered sensor networks and as an example, the algorithm is executed on LEACH protocol. The simulation results prove that the design is energy efficient than the other widely used cryptographic methods while providing robust security in the network.
Keywords: artificial immune systems; cryptographic protocols; telecommunication security; wireless sensor networks; AIS; LEACH protocol; clustered wireless sensor network security; cryptographic methods; energy efficient design; random key distribution based artificial immune system; security vulnerability; spoofing attack detection; Algorithm design and analysis; Equations; Immune system; Mathematical model; Protocols; Security; Wireless sensor networks; Artificial Immune System; LEACH protocol; clustered sensor networks; cryptography (ID#: 15-4177)


Stoian, I.; Ignat, S.; Capatina, D.; Ghiran, O., "Security and Intrusion Detection On Critical SCADA Systems For Water Management," Automation, Quality and Testing, Robotics, 2014 IEEE International Conference on, pp. 1, 6, 22-24 May 2014. doi: 10.1109/AQTR.2014.6857919 SCADA systems are broadly employed in supervising and controlling industrial areas comprising manufacturing industries, traffic control, power plants, integrated water management systems (distribution, treatment and sewage). The security of SCADA systems represents a significant subject on account of the critical function that these systems perform in offering vital utility services. In nowadays industrial systems ubiquitous access to Internet enhance the vulnerabilities of SCADA systems, for the reason that this allows a remote attacker to obtain control of, or produce interruption to the network critical functions. The attacks affect the network control plane and/or the data plane. Critical infrastructures, requiring uninterrupted operation, maintenance, and protection, have need of robust and secured control SCADA systems. The paper intends to depict the critical architectural constituents of these systems, detect vulnerabilities and possible threats, and illustrate protection techniques that may be set up in order to reduce attacks involving situation awareness solutions.
Keywords: SCADA systems; control engineering computing; public utilities; security of data; water resources; Internet; architectural constituents; critical SCADA systems; critical infrastructures; data plane; industrial areas; intrusion detection; network control plane; network critical functions; protection techniques; remote attacker; security; situation awareness solutions; ubiquitous access; vital utility services; water management; Monitoring; Protocols; Reservoirs; SCADA systems; Servers; Trojan horses; Cyber Security; Intrusion Detection; SCADA security; computer and network vulnerability assessment; process control systems (ID#: 15-4177)


Hui Guan; Hakeem, H.; Hongji Yang, "Reverse Engineering Web Applications for Security Mechanism Enhancement," Computer Software and Applications Conference Workshops (COMPSACW), 2014 IEEE 38th International, pp.492,497, 21-25 July 2014. doi: 10.1109/COMPSACW.2014.82 This paper focuses on reverse engineering web application for security mechanisms detection in the current design and thereby presents a security evaluation method for web application taking consideration of potential threats, security features provided by the detected security mechanisms and user's security objectives. Based on our previous work on risk assessment for web applications, evaluation of current security implementation is conducted combining core security structure detection and security knowledge checklist matching. Reverse engineering techniques have been used to extract system models from source code based on which security relevant artefacts are identified and matched with built security artefacts base. The paper describes the general structure of the proposed method.
Keywords: Internet; reverse engineering; security of data; core security structure detection; reverse engineering Web applications; risk assessment; security evaluation method; security knowledge checklist matching; security mechanism detection; security mechanism enhancement; source code; user security objectives; Access control; Authentication; Encryption; Reverse engineering; Software; reverse engineering; risk assessment; security evaluation; security mechanism; vulnerability (ID#: 15-4178)


Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.