Multi-Module Vulnerability Analysis of Web-Based Applications (ACM CCS 2007). By Davide Balzarotti, Marco Cova, Viktoria V. Felmetsger, Giovanni Vigna. Presented by: Mostafa Saad.
Problem statement
 Web applications have become popular and are now used in security-critical environments, such as financial and military systems.
 More critical services attract more sophisticated attacks, including multi-module data-flow attacks.
 Current solutions: firewalls, or pre-deployment vulnerability analysis techniques that identify security problems before the application goes live.
 Vulnerability analysis of web applications is difficult because:
   - applications are written in scripting languages;
   - the application logic is structured into separate pages and code modules;
   - the application interacts with back-end databases.
 Current vulnerability analysis approaches focus on single application modules. They are therefore limited in scope and cannot detect multi-step attacks that exploit the interaction among multiple modules of an application.

Related work
 The WebSSARI tool is one of the first works that applies static taint-propagation analysis to find security vulnerabilities in PHP (cross-site scripting and SQL injection).
 Another approach uses the syntactic structure of the program-generated output to identify SQL injection only.
 Existing tools either focus on the analysis of a single application module or, at best, perform dynamic analysis that does not model or take into account the application's intended workflow.

Solution approach
 Intra-module analysis phase: examines each module of the application in isolation.
 Inter-module analysis phase: examines the application as a whole, using the results of the first phase to reason about how the modules interact.

Intended workflow of an application
 The running example is an application that consists of three files (modules).
 The intended workflow is the order in which those modules are meant to be invoked, and the state (session variables, database contents) each module establishes for the ones that follow it.
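The two-phase approach (per-module summaries, then whole-application reasoning) and the three-file workflow example above can be sketched in a few dozen lines. The following is an added illustration written for this page, not the authors' MiMoSA implementation: the module names (register.php, login.php, profile.php), the state labels and the summary fields are all constructed for the example, and the per-module summaries are written by hand where the real intra-module phase would extract them from PHP code.

```python
"""Toy model of the two-phase analysis: a per-module summary (intra-module
phase) is combined across modules (inter-module phase) to recover the
intended workflow and to find attacks no single-module analysis can see.
Added example with constructed summaries; not the paper's MiMoSA code."""
from dataclasses import dataclass, field


@dataclass
class ModuleSummary:
    """Output of the intra-module phase for one PHP file (constructed by hand
    here; the real phase would derive it from the module's code)."""
    name: str
    assumes: set = field(default_factory=set)   # state expected to hold on entry
    checks: set = field(default_factory=set)    # assumed state actually verified
    sets: set = field(default_factory=set)      # state established on success
    stores: dict = field(default_factory=dict)  # DB location -> input sanitized?
    sinks: dict = field(default_factory=dict)   # DB location -> sensitive sink


# Constructed three-file application (assumption: file names, state labels
# and behaviour are invented for this example).
APP = [
    ModuleSummary("register.php",
                  stores={"users.display_name": False}),     # raw $_POST value
    ModuleSummary("login.php",
                  sets={"session.authenticated"}),
    ModuleSummary("profile.php",
                  assumes={"session.authenticated"},         # relies on login.php
                  checks=set(),                              # ...but never tests it
                  sinks={"users.display_name": "html_output"}),
]


def single_module_findings(modules):
    """What a per-module analysis sees: only input reaching a sink inside the
    same file. Database reads count as trusted, so nothing is reported here."""
    return [(m.name, loc) for m in modules
            for loc, sanitized in m.stores.items()
            if not sanitized and loc in m.sinks]


def intended_workflow(modules):
    """Inter-module phase, step 1: an edge A -> B means B assumes state that
    only A establishes, so A is meant to run before B."""
    providers = {}
    for m in modules:
        for s in m.sets:
            providers.setdefault(s, set()).add(m.name)
    return sorted((p, m.name) for m in modules
                  for s in m.assumes for p in providers.get(s, ()))


def workflow_violations(modules):
    """Step 2: a module that assumes state it never checks can be invoked
    out of order, e.g. by requesting its URL without logging in."""
    return [(m.name, s) for m in modules for s in sorted(m.assumes - m.checks)]


def multistep_dataflows(modules):
    """Step 3: unsanitized input stored by one module and consumed by a sink
    in another module (a second-order injection that spans two files)."""
    return [(w.name, loc, r.name, r.sinks[loc])
            for w in modules for loc, sanitized in w.stores.items()
            if not sanitized
            for r in modules if loc in r.sinks]


if __name__ == "__main__":
    print("single-module view:  ", single_module_findings(APP))
    print("intended workflow:   ", intended_workflow(APP))
    print("workflow violations: ", workflow_violations(APP))
    print("multi-step data flows:", multistep_dataflows(APP))
```

Run stand-alone, the single-module view reports nothing: register.php only writes to the database and profile.php only reads from it, so neither file contains a source-to-sink path on its own. Only after composing the summaries do the two multi-module problems appear: profile.php can be reached without passing through login.php (a workflow violation), and the unsanitized display name stored by register.php reaches an HTML sink in profile.php (a multi-step data-flow attack).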

Evaluation

Conclusion and future work
 Because of the heterogeneous nature of web applications, it is important to develop new techniques that can analyze the interaction among multiple application modules and different technologies.
 The paper presents a novel vulnerability analysis approach that takes into account the multi-module, multi-technology nature of complex web applications.
 Future work: additional technologies need to be supported so that a larger class of applications can be covered.
 Future work: leverage the findings of the static analysis to automatically generate test drivers, in order to reduce the number of false positives.