Automotive Software Security Testing
|
|
- Byron Mason
- 5 years ago
- Views:
Transcription
1 Detecting and Addressing Cybersecurity Issues V
2 Code ahead! 2
3 Automated vulnerability detection and triage + = 3
4 How did we get here? Vector was engaged with a large, US Tier 1 and we were addressing software quality They acknowledged they had software quality issues Concern was related to how these quality issues could affect security Project goals morphed into low-hanging security fruit (for both the customer and the attacker)! Our goal was more along the lines of robustness! 4
5 VectorCAST test automation platform 5
6 Software System Link to Requirements VectorCAST Analytics Automotive Software Security Testing Vector testing solution System Validation System Integration Test Software Integration Test System validation + code coverage on ECU Change-Based Testing SW integration testing + code coverage on PC CANoe, vteststudio VT System VectorCAST/QA CANoe, vteststudio vvirtualtarget VectorCAST/C++ and /QA Software Unit Test White-Box testing on host / on target VectorCAST/C++ Software Implementation Benefits Full support in the development process, from software unit test to system validation Uniform test management, test automation (CI), result analysis and traceability 6
7 Vulnerability detection via dynamic analysis The idea The approach To be able to identify and automatically test for undiagnosed security vulnerabilities Utilizes MITRE s classification of CWEs (common weakness enumeration) Once an instance of a generic CWE is found in the software, that issue is then classed as a CVE (common vulnerability and exposure) Automatically interrogate the code and identify possible weaknesses (a la static analysis) Once a potential CWE is found, generate a test exploiting the identified issue and execute it (dynamic execution) After execution, analyses the execution trace and decide if the potential CWE is a genuine threat Code CWEs Tests Execution Analysis CVEs 7
8 Vulnerability detection via dynamic analysis The benefits Weaknesses identified Unlike static analysis, this method will only flag an issue if we can generate an exploit, eliminating the false-positive issue plaguing static analysis The generation of test artefacts allows for their future re-execution to demonstrate the mitigation of a potential issue after software redesign Can be used for both on-host and on-target execution (think security validation for embedded systems) Via the analysis of open-source projects, a number of API-usage related issues have been identified A large US automotive Tier 1 has used it to find security-specific reuse issues on their software platform Able to automatically find issues such as NULL pointer dereference (CWE-476), classic buffer overflow (CWE-120) and improper resource shutdown/release (CWE-404) Automated Validation 8
9 Two technical approaches Mutational (test-suite) fuzz testing Take an existing test-suite Modify the values to be randomly erroneous Run it with coverage Does it crash? If yes: potential weakness! Directed ( intelligent ) security testing Identify an expression of interest > E.g., pointer deref., divide by zero Generate a test reaching that line with erroneous values Run it with coverage Does it crash? If yes: potential weakness! 9
10 Security weaknesses of interest The approach is focused on automatically generating tests for a number of classifications of vulnerabilities according to MITRE At the highest level, we look to address the general banner CWE-398 ( indication of poor code quality ) Some examples of issues we aim to detect Hard errors Use of a NULL pointer (CWE-476) Buffer {under,over}flow (stack corruption) (CWE-124) Divide by zero (CWE-369) Mismatched calls malloc/free, fopen/fclose, pthread_mutex_lock/pthread_mutex_unlock (CWE- 401/404/413/415/590) Bad arguments memcpy (CWE-120/130) Unchecked return malloc (CWE-252/690) 10
11 Automated (mutational) fuzz testing for unit testing Existing test-case: > TEST.VALUE:buffer.buffer_copy_string_buffer.src:<<malloc 1>> > TEST.VALUE:buffer.buffer_copy_string_buffer.src.used:0 > TEST.VALUE:buffer.buffer_copy_string_buffer.b:<<malloc 1>> Manipulate the values: > TEST.VALUE:buffer.buffer_copy_string_buffer.src:<<malloc 1>> > TEST.VALUE:buffer.buffer_copy_string_buffer.src.used:0 > TEST.VALUE:buffer.buffer_copy_string_buffer.b:<<null>> Execute! 11
12 From software to mathematics Replace x with input and 0 with null pointer dereference 12
13 Directed test-case generation for weaknesses VectorCAST combines in-depth static analysis with constraint solving to identify more complex weaknesses: > param_2->x += 3; > param_3->y += 2; > return param_1->z / (param_2->x - param_3->y); Fuzz testing has to get lucky here, but using test-case generation we can directly generate a test such that: > (param_2->x 3) (param_3->y 2) 0 This gets fed to a black box oracle that can provide the answer! 13
14 Take home Process Identify portfolio Assess vulnerabilities Manage risk Some of the issues we find you might consider are non-issues or are mitigated against as part of your software architecture That s great be wary about software re-use across projects! Mainly: no one size fits all solution use multiple tools! Dynamic execution can find certain vulnerabilities more definitively Need to always consider DP-E ratio (damage potential vs. effort) 15
15 For more information about Vector and our products please visit Dr Andrew V. Jones Vector Informatik GmbH. All rights reserved. Any distribution or copying is subject to prior written approval by Vector. V
Putting the dynamic into software security testing
Ptting the dynamic into software secrity testing Detecting and Addressing Cybersecrity Isses V1.1 2018-03-05 Code ahead! 2 Atomated vlnerability detection and triage + = 3 How did we get here? Vector was
More informationBenefits of Collecting Code Coverage Metrics during HIL/ECU Testing
Benefits of Collecting Code Coverage Metrics during HIL/ECU Testing Jeffrey Fortin Product Manager VectorCAST V0.1 2018-10-30 Agenda 1. How VectorCAST fits into HIL/ECU Testing 2. Demo 3. Questions and
More informationFending Off Cyber Attacks Hardening ECUs by Fuzz Testing
Fending Off Cyber Attacks Hardening ECUs by Fuzz Testing In designing vehicle communication networks, security test procedures play an important role in the development process. Fuzz testing, which originated
More informationIntegration of the softscheck Security Testing Process into the V-Modell
Integration of the softscheck Security Testing Process into the V-Modell Wilfried Kirsch, Prof. Dr. Hartmut Pohl softscheck GmbH Köln Büro: Bonnerstr. 108. 53757 Sankt Augustin www. softscheck.com Products
More information정형기법을활용한 AUTOSAR SWC 의구현확인및정적분석
정형기법을활용한 AUTOSAR SWC 의구현확인및정적분석 Develop high quality embedded software 이영준 Principal Application Engineer 2015 The MathWorks, Inc. 1 Agendas Unit-proving of AUTOSAR Component and Runtime error Secure Coding
More informationEngineering Your Software For Attack
Engineering Your Software For Attack Robert A. Martin Senior Principal Engineer Cyber Security Center Center for National Security The MITRE Corporation 2013 The MITRE Corporation. All rights reserved.
More informationVerification & Validation of Open Source
Verification & Validation of Open Source 2011 WORKSHOP ON SPACECRAFT FLIGHT SOFTWARE Gordon Uchenick Coverity, Inc Open Source is Ubiquitous Most commercial and proprietary software systems have some open
More informationVariants and Traceability as the Challenge
Variants and Traceability as the Challenge Model-Based Test Design as an Answer V1.0 2016-11-12 Motivation We are talking about automated ECU testing: Module tests, sub system tests, MIL, SIL, HIL Challenges
More informationSecuring Applications in C/C++
Securing Applications in C/C++ Application Security Training Datasheet Security Compass 2012. Application Security Training Datasheet. Securing Applications in C/C++ 1 It has long been discussed that identifying
More informationCIS 700/002 : Special Topics : OWASP ZED (ZAP)
CIS 700/002 : Special Topics : OWASP ZED (ZAP) Hitali Sheth CIS 700/002: Security of EMBS/CPS/IoT Department of Computer and Information Science School of Engineering and Applied Science University of
More informationProgramming Language Vulnerabilities within the ISO/IEC Standardization Community
Programming Language Vulnerabilities within the ISO/IEC Standardization Community Stephen Michell International Convenor JTC 1/SC 22 WG 23 Programming Language Vulnerabilities stephen.michell@maurya.on.ca
More informationSecure Coding Techniques
Secure Coding Techniques "... the world outside your function should be treated as hostile and bent upon your destruction" [Writing Secure Code, Howard and LeBlanc] "Distrust and caution are the parents
More informationWeb Applications (Part 2) The Hackers New Target
Web Applications (Part 2) The Hackers New Target AppScan Source Edition Terence Chow Advisory Technical Consultant An IBM Rational IBM Software Proof of Technology Hacking 102: Integrating Web Application
More informationEnsuring quality for ADAS applications with a model-based approach
Åsa Björnemark, Manager Test Solutions, Vector Scandinavia V1.0 2015-12-03 Volvo Car Statement We are building fewer and fewer test vehicles, and we need to find alternative ways to verify functions in
More informationWhat You Corrupt Is Not What You Crash: Challenges in Fuzzing Embedded Devices
What You Corrupt Is Not What You Crash: Challenges in Fuzzing Embedded Devices Marius Muench 1 Jan Stijohann 2,3 Frank Kargl 3 Aurélien Francillon 1 Davide Balzarotti 1 1 EURECOM 2 Siemens AG 3 Ulm University
More informationUsing Static Code Analysis to Find Bugs Before They Become Failures
Using Static Code Analysis to Find Bugs Before They Become Failures Presented by Brian Walker Senior Software Engineer, Video Product Line, Tektronix, Inc. Pacific Northwest Software Quality Conference,
More informationSecurity Testing. John Slankas
Security Testing John Slankas jbslanka@ncsu.edu Course Slides adapted from OWASP Testing Guide v4 CSC 515 Software Security What is Security Testing? Validate security controls operate as expected What
More informationHunting Security Bugs
Microsoft Hunting Security Bugs * Tom Gallagher Bryan Jeffries Lawrence Landauer Contents at a Glance 1 General Approach to Security Testing 1 2 Using Threat Models for Security Testing 11 3 Finding Entry
More informationRiskSense Attack Surface Validation for IoT Systems
RiskSense Attack Surface Validation for IoT Systems 2018 RiskSense, Inc. Surfacing Double Exposure Risks Changing Times and Assessment Focus Our view of security assessments has changed. There is diminishing
More informationC and C++ Secure Coding 4-day course. Syllabus
C and C++ Secure Coding 4-day course Syllabus C and C++ Secure Coding 4-Day Course Course description Secure Programming is the last line of defense against attacks targeted toward our systems. This course
More informationInternet infrastructure
Internet infrastructure Prof. dr. ir. André Mariën (c) A. Mariën 04/03/2014 1 Topic Vulnerability and patch management (c) A. Mariën 04/03/2014 2 Requirements Security principle: Everything can and will
More informationSoftware security, secure programming
Software security, secure programming Lecture 4: Protecting your code against software vulnerabilities? (overview) Master on Cybersecurity Master MoSiG Academic Year 2017-2018 Preamble Bad news several
More informationVulnerability Disclosure in the Age of Social Media: Exploiting Twitter for Predicting Real-World Exploits
Vulnerability Disclosure in the Age of Social Media: Exploiting Twitter for Predicting Real-World Exploits Carl Sabottke Octavian Suciu Tudor Dumitraș University of Maryland 2 Problem Increasing number
More informationDetermining the Fundamental Basis of Software Vulnerabilities. Larry Wagoner NSA
Determining the Fundamental Basis of Software Vulnerabilities Larry Wagoner NSA Agenda Background Analogous background Matt Bishop work CWEs Tool reporting of CWEs KDM Analytics Determining the fundamental
More informationMeasuring and Evaluating Cyber Risk in ICS Components, Products and Systems
Measuring and Evaluating Cyber Risk in ICS Components, Products and Systems Copyright 2018 UL LLC. All rights reserved. No portion of this material may be reprinted in any form without the express written
More informationIt was a dark and stormy night. Seriously. There was a rain storm in Wisconsin, and the line noise dialing into the Unix machines was bad enough to
1 2 It was a dark and stormy night. Seriously. There was a rain storm in Wisconsin, and the line noise dialing into the Unix machines was bad enough to keep putting garbage characters into the command
More informationDefeat Exploit Mitigation Heap Attacks. compass-security.com 1
Defeat Exploit Mitigation Heap Attacks compass-security.com 1 ASCII Armor Arbitrary Write Overflow Local Vars Exploit Mitigations Stack Canary ASLR PIE Heap Overflows Brute Force Partial RIP Overwrite
More informationRisk Analysis and Measurement with CWRAF
Risk Analysis and Measurement with CWRAF - Common Weakness Risk Analysis Framework - April 4, 2012 Making Security Measurable (MSM) Software Assurance Enterprise Security Management Threat Management Design
More informationA Security Practice Evaluation Framework
A Security Practice Evaluation Framework Patrick Morrison Advisor: Dr. Laurie Williams North Carolina State University A Security Practice Evaluation Framework Design, Development, & Deployment create
More informationProduct Security. for Consumer Devices. Anton von Troyer Codenomicon. all rights reserved.
Product Security Anton von Troyer for Consumer Devices About Codenomicon Founded in Autumn 2001 Commercialized the academic approach built since 1996 Technology leader in security test automation Model-based,
More informationApplications. Cloud. See voting example (DC Internet voting pilot) Select * from userinfo WHERE id = %%% (variable)
Software Security Requirements General Methodologies Hardware Firmware Software Protocols Procedure s Applications OS Cloud Attack Trees is one of the inside requirement 1. Attacks 2. Evaluation 3. Mitigation
More informationSoftware Vulnerability
Software Vulnerability Refers to a weakness in a system allowing an attacker to violate the integrity, confidentiality, access control, availability, consistency or audit mechanism of the system or the
More informationMy other computer is YOURS!
Octet-based encoding example Here is a DER encoding of the following definition: Person ::= SEQUENCE { first UTF8String, last UTF8String } myself ::= Person { first "Nathanael", last "COTTIN" } Octet-based
More informationn Explain penetration testing concepts n Explain vulnerability scanning concepts n Reconnaissance is the first step of performing a pen test
Chapter Objectives n Explain penetration testing concepts n Explain vulnerability scanning concepts Chapter #4: Threats, Attacks, and Vulnerabilities Vulnerability Scanning and Penetration Testing 2 Penetration
More informationCYSE 411/AIT 681 Secure Software Engineering. Topic #6. Seven Software Security Touchpoints (III) Instructor: Dr. Kun Sun
CYSE 411/AIT 681 Secure Software Engineering Topic #6. Seven Software Security Touchpoints (III) Instructor: Dr. Kun Sun Reading This lecture [McGraw]: Ch. 7-9 2 Seven Touchpoints 1. Code review 2. Architectural
More informationSECURITY RISK METRICS: THE VIEW FROM THE TRENCHES. Alain Mayer CTO, RedSeal Systems
SECURITY RISK METRICS: THE VIEW FROM THE TRENCHES Alain Mayer CTO, RedSeal Systems Alain@RedSeal.net Security Defects Defects Vulnerabilities on applications, OS, embedded systems Un-approved applications
More information4. Risk-Based Security Testing. Reading. CYSE 411/AIT 681 Secure Software Engineering. Seven Touchpoints. Application of Touchpoints
Reading This lecture [McGraw]: Ch. 7-9 CYSE 411/AIT 681 Secure Software Engineering Topic #6. Seven Software Security Touchpoints (III) Instructor: Dr. Kun Sun 2 Seven Touchpoints Application of Touchpoints
More informationStatic Analysis and Bugfinding
Static Analysis and Bugfinding Alex Kantchelian 09/12/2011 Last week we talked about runtime checking methods: tools for detecting vulnerabilities being exploited in deployment. So far, these tools have
More informationDon t Be the Developer Whose Rocket Crashes on Lift off LDRA Ltd
Don t Be the Developer Whose Rocket Crashes on Lift off 2015 LDRA Ltd Cost of Software Defects Consider the European Space Agency s Ariane 5 flight 501 on Tuesday, June 4 1996 Due to an error in the software
More informationVirtualization of Heterogeneous Electronic Control Units Testing and Validating Car2X Communication
Testing and Validating Car2X Communication 1 Public ETAS-PGA 2017-07-06 ETAS GmbH 2017. All rights reserved, also regarding any disposal, exploitation, reproduction, editing, Testing and Validating Car2X
More informationCSE 565 Computer Security Fall 2018
CSE 565 Computer Security Fall 2018 Lecture 16: Building Secure Software Department of Computer Science and Engineering University at Buffalo 1 Review A large number of software vulnerabilities various
More informationRanking Vulnerability for Web Application based on Severity Ratings Analysis
Ranking Vulnerability for Web Application based on Severity Ratings Analysis Nitish Kumar #1, Kumar Rajnish #2 Anil Kumar #3 1,2,3 Department of Computer Science & Engineering, Birla Institute of Technology,
More informationBank Infrastructure - Video - 1
Bank Infrastructure - 1 05/09/2017 Threats Threat Source Risk Status Date Created Account Footprinting Web Browser Targeted Malware Web Browser Man in the browser Web Browser Identity Spoofing - Impersonation
More informationTaking White Hats to the Laundry: How to Strengthen Testing in Common Criteria
Taking White Hats to the Laundry: How to Strengthen Testing in Common Criteria Apostol Vassilev, Principal Consultant September 23,2009. Product Testing in Common Criteria Product Testing in Common Criteria
More informationInfecting the Embedded Supply Chain
SESSION ID: PDAC-F01 Infecting the Embedded Supply Chain Zach Miller Security Researcher in8 Solutions (Formerly Somerset Recon) @bit_twidd1er Inspiration Inspiration Countless embedded devices exist Each
More informationCS161 Midterm 1 Review
CS161 Midterm 1 Review Midterm 1: March 4, 18:3020:00 Same room as lecture Security Analysis and Threat Model Basic security properties CIA Threat model A. We want perfect security B. Security is about
More informationSecurity Issues Formalization
Security Issues Formalization V. T. Dimitrov University of Sofia, Faculty of Mathematics and Informatics, 5 James Bourchier Blvd, 1164, Sofia, Bulgaria E-mail: cht@fmi.uni-sofia.bg Software bugs are primary
More informationSecurity Testing: Terminology, Concepts, Lifecycle
Security Testing: Terminology, Concepts, Lifecycle Ari Takanen, CTO, Codenomicon Ltd. Ian Bryant, Technical Director, UK TSI 1 About the Speakers Ari Takanen Researcher/Teacher 1998-2002 @University of
More informationSession 5311 Critical Testing Programs for Security Operations
Session 5311 Critical Testing Programs for Security Operations Introduction Neil Lakomiak UL Rodney Thayer Smithee Spelvin Agnew & Plinge, Inc. Coleman Wolf Environmental Systems Design, Inc. Testing Programs
More informationModule: Program Vulnerabilities. Professor Trent Jaeger. CSE543 - Introduction to Computer and Network Security
CSE543 - Introduction to Computer and Network Security Module: Program Vulnerabilities Professor Trent Jaeger 1 Programming Why do we write programs? Function What functions do we enable via our programs?
More informationBuilding Secure Systems
Building Secure Systems Antony Selim, CISSP, P.E. Cyber Security and Enterprise Security Architecture 13 November 2015 Copyright 2015 Raytheon Company. All rights reserved. Customer Success Is Our Mission
More informationRiskSense Attack Surface Validation for Web Applications
RiskSense Attack Surface Validation for Web Applications 2018 RiskSense, Inc. Keeping Pace with Digital Business No Excuses for Not Finding Risk Exposure We needed a faster way of getting a risk assessment
More informationHardening Attack Vectors to cars by Fuzzing
Hardening Attack Vectors to cars by Fuzzing AESIN 2015 Ashley Benn, Regional Sales manager 29 th October, 2015 2015 Synopsys, Inc. 1 Today, there are more than 100m lines of code in cars 2015 Synopsys,
More informationBaseline Testing Services. Whitepaper Vx.x
Whitepaper Vx.x 2018-04 Table of Contents 1 Introduction... 3 2 What is Baseline Testing?... 3 3 Customer Challenge... 3 4 Project Details... 3 4.1 First Steps... 3 4.2 Project Management... 3 4.3 Software
More informationSecure Development Lifecycle
Secure Development Lifecycle Strengthening Cisco Products The Cisco Secure Development Lifecycle (SDL) is a repeatable and measurable process designed to increase Cisco product resiliency and trustworthiness.
More informationMicrosoft Office Protected-View Out-Of- Bound Array Access
Microsoft Office Protected-View Out-Of- Bound Array Access 2017-11-23 Software Microsoft Office Affected Versions Microsoft Excel 2010, 2013, 2016 (x86 and x64) CVE Reference Author Severity Vendor CVE-2017-8502
More informationCopyright
1 SECURITY TEST Data flow -- Can you establish an audit trail for data, what goes where, is data in transit protected, and who has access to it? Data storage -- Where is data stored, and is it encrypted?
More informationModule: Program Vulnerabilities. Professor Trent Jaeger. CSE543 - Introduction to Computer and Network Security
CSE543 - Introduction to Computer and Network Security Module: Program Vulnerabilities Professor Trent Jaeger 1 Programming Why do we write programs? Function What functions do we enable via our programs?
More informationDetecting and exploiting integer overflows
Detecting and exploiting integer overflows Guillaume TOURON Laboratoire Verimag, Ensimag - Grenoble INP Marie-Laure Potet, Laurent Mounier 20/05/11 1 / 18 Context Binary representation Integers misinterpretation
More informationfinding vulnerabilities
cs6 42 computer security finding vulnerabilities adam everspaugh ace@cs.wisc.edu hw1 Homework 1 will be posted after class today Due: Feb 22 Should be fun! TAs can help with setup Use Piazza as first step
More informationSource Code Patterns of Buffer Overflow Vulnerabilities in Firefox
H. Langweg, H. Langweg, M. Meier, M. Meier, B.C. B.C. Witt, Witt, D. Reinhardt D. Reinhardt et al. (Hrsg.): Sicherheit 2018, Lecture Lecture Notes Notes in in Informatics (LNI), (LNI), Gesellschaft für
More informationI run a Linux server, so we re secure
Silent Signal vsza@silentsignal.hu 18 September 2010 Linux from a security viewpoint we re talking about the kernel, not GNU/Linux distributions Linux from a security viewpoint we re talking about the
More informationMBFuzzer - MITM Fuzzing for Mobile Applications
MBFuzzer - MITM Fuzzing for Mobile Applications Fatih Özavcı Mentor of MBFuzer @ yakindanegitim.org fatih.ozavci at gamasec.net gamasec.net/fozavci Scope Yakindan Egitim Project Security Vulnerabilities
More informationEndpoint Security - what-if analysis 1
Endpoint Security - what-if analysis 1 07/23/2017 Threat Model Threats Threat Source Risk Status Date Created File Manipulation File System Medium Accessing, Modifying or Executing Executable Files File
More informationBuffer Overflows: Attacks and Defenses for the Vulnerability of the Decade Review
Buffer Overflows: Attacks and Defenses for the Vulnerability of the Decade Review Network Security Instructor:Dr. Shishir Nagaraja Submitted By: Jyoti Leeka September 24, 2011. 1 Introduction to the topic
More informationGenerating String Attack Inputs Using Constrained Symbolic Execution. presented by Kinga Dobolyi
Generating String Attack Inputs Using Constrained Symbolic Execution presented by Kinga Dobolyi What is a String Attack? Web applications are 3 tiered Vulnerabilities in the application layer Buffer overruns,
More informationQuestion No: 1 After running a packet analyzer on the network, a security analyst has noticed the following output:
Volume: 75 Questions Question No: 1 After running a packet analyzer on the network, a security analyst has noticed the following output: Which of the following is occurring? A. A ping sweep B. A port scan
More informationSoftware Security and CISQ. Dr. Bill Curtis Executive Director
Software Security and CISQ Dr. Bill Curtis Executive Director Why Measure IT Applications? Six Digit Defects now affect Board of Directors CEO, COO, CFO Business VPs Corporate Auditors CIO accountable
More informationOWASP InfoSec Romania 2013
OWASP InfoSec Romania 2013 Secure Development Lifecycle, The good, the bad and the ugly! October 25 th 2013 Martin Knobloch OWASP Netherlands Chapter Leader Applications are about information! 3 pillars
More informationLessons Learned in Static Analysis Tool Evaluation. Providing World-Class Services for World-Class Competitiveness
Lessons Learned in Static Analysis Tool Evaluation 1 Overview Lessons learned in the evaluation of five (5) commercially available static analysis tools Topics Licensing Performance Measurement Limitations
More informationIBM Security AppScan Enterprise v9.0.1 Importing Issues from Third Party Scanners
IBM Security AppScan Enterprise v9.0.1 Importing Issues from Third Party Scanners Anton Barua antonba@ca.ibm.com October 14, 2014 Abstract: To manage the challenge of addressing application security at
More informationTiger Scheme QST/CTM Standard
Tiger Scheme QST/CTM Standard Title Tiger Scheme Qualified Security Tester Team Member Standard Version 1.2 Status Public Release Date 21 st June 2011 Author Professor Andrew Blyth (Tiger Technical Panel)
More informationSOAP: SENSITIVE OPERATIONAL ATTRIBUTE PATTERN BASED VULNERABILITY ANALYSIS FOR BUSINESS INTELLIGENCE USING RULE SETS
SOAP: SENSITIVE OPERATIONAL ATTRIBUTE PATTERN BASED VULNERABILITY ANALYSIS FOR BUSINESS INTELLIGENCE USING RULE SETS 1 S. SENTHIL KUMAR, 2 DR.M.PRABHAKARAN 1 Research Scholar, Department of Computer Science,
More informationVerification and Validation. Ian Sommerville 2004 Software Engineering, 7th edition. Chapter 22 Slide 1
Verification and Validation Ian Sommerville 2004 Software Engineering, 7th edition. Chapter 22 Slide 1 Verification vs validation Verification: "Are we building the product right?. The software should
More informationIEEE Sec Dev Conference
IEEE Sec Dev Conference #23, Improving Attention to Security in Software Design with Analytics and Cognitive Techniques Jim Whitmore (former) IBM Distinguished Engineer Carlisle, PA jjwhitmore@ieee.org
More informationProduct Security Briefing
Product Security Briefing Performed on: Adobe ColdFusion 8 Information Risk Management Plc 8th Floor Kings Building Smith Square London SW1 P3JJ UK T +44 (0)20 7808 6420 F +44 (0)20 7808 6421 Info@irmplc.com
More informationA Supply Chain Attack Framework to Support Department of Defense Supply Chain Security Risk Management
A Supply Chain Attack Framework to Support Department of Defense Supply Chain Security Risk Management D r. J o h n F. M i l l e r T h e M I T R E C o r p o r a t i o n P e t e r D. K e r t z n e r T h
More informationK12 Cybersecurity Roadmap
K12 Cybersecurity Roadmap Introduction Jason Brown, CISSP Chief Information Security Officer Merit Network, Inc jbrown@merit.edu @jasonbrown17 https://linkedin.com/in/jasonbrown17 2 Agenda 3 Why Use the
More informationDetection of Logic Flaws in Web Applications
Detection of Logic Flaws in Web Applications Davide Balzarotti Giancarlo Pellegrino Distributed, Service-oriented, Web-based applications Seller Inc. Bank Inc. U S P Order item I Transfer value(i) to S
More informationMinimum CANoe version to execute test units built with a specific version of vteststudio
For test units built with vteststudio 1.0 and 1.1 always a matching minimum CANoe version has to be used - independent of the commands used within the tests. For test units built with vteststudio 2.0 or
More information(Early) Memory Corruption Attacks
(Early) Memory Corruption Attacks CS-576 Systems Security Instructor: Georgios Portokalidis Fall 2018 Fall 2018 Stevens Institute of Technology 1 Memory Corruption Memory corruption occurs in a computer
More informationAutomotive Security: Challenges and Solutions
Automotive Security: Challenges and Solutions 8 th Vector Congress 30 th November 2016 V2.01.00 2016-11-22 Agenda Introduction Services Embedded Security Mechanisms Tools Summary 2 Introduction Vehicle
More informationIIRA and RAMI 4.0 Secure IIoT Applications Need Secure Application Code Mark.Richardson@ldra.com IIRA: Industrial Internet Reference Architecture RAMI: Reference Architecture Model for Industrie IIoT:
More informationIn-Memory Fuzzing in JAVA
Your texte here. In-Memory Fuzzing in JAVA 2012.12.17 Xavier ROUSSEL Summary I. What is Fuzzing? Your texte here. Introduction Fuzzing process Targets Inputs vectors Data generation Target monitoring Advantages
More informationForeword by Katie Moussouris... Acknowledgments... xvii. Introduction...xix. Chapter 1: The Basics of Networking... 1
Brief Contents Foreword by Katie Moussouris.... xv Acknowledgments... xvii Introduction...xix Chapter 1: The Basics of Networking... 1 Chapter 2: Capturing Application Traffic... 11 Chapter 3: Network
More informationFinding media bugs in Android using file format fuzzing. Costel Maxim Intel OTC Security
Finding media bugs in Android using file format fuzzing Costel Maxim Intel OTC Security 1 Agenda File format fuzzing Generate high-quality corpus of files Fuzzing the Stagefright Framework Logging & Triage
More informationHugbúnaðarverkefni 2 - Static Analysis
vulnerability/veila buffer overflow/yfirflæði biðminnis Server down? Again! Hugbúnaðarverkefni 2 - Static Analysis Fyrirlestrar 15 & 16 Buffer overflow vulnerabilities safe? safe? C code 11/02/2008 Dr
More informationAddressing Future Challenges in the Development of Safe and Secure Software Components The MathWorks, Inc. 1
Addressing Future Challenges in the Development of Safe and Secure Software Components 2016 The MathWorks, Inc. 1 Cybersecurity Emerging Topic in the Auto Industry Vehicle-to-Infrastructure Wifi Hotspot
More informationDesigning and Building a Cybersecurity Program
Designing and Building a Cybersecurity Program Based on the NIST Cybersecurity Framework (CSF) Larry Wilson lwilson@umassp.edu ISACA Breakfast Meeting January, 2016 Designing & Building a Cybersecurity
More informationDetection and Mitigation of Web Application Vulnerabilities Based on Security Testing *
Detection and Mitigation of Web Application Vulnerabilities Based on Security Testing * Taeseung Lee 1, Giyoun Won 2, Seongje Cho 2, Namje Park 3, and Dongho Won 1,** 1 College of Information and Communication
More informationCVE :
CVSS: 5.0 CVE-2014-3505: https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-3505 Double free vulnerability in d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n,
More informationEURECOM 6/2/2012 SYSTEM SECURITY Σ
EURECOM 6/2/2012 Name SYSTEM SECURITY 5 5 5 5 5 5 5 5 10 50 1 2 3 4 5 6 7 8 9 Σ Course material is not allowed during the exam. Try to keep your answers precise and short. You will not get extra points
More informationRBS S Pocketnet Tech MediaViewer ActiveX Control Multiple Buffer Overflow Vulnerabilities of 14
RBS 2014 005 3S Pocketnet Tech MediaViewer ActiveX Control Multiple Buffer Overflow Vulnerabilities 2015 05 06 1 of 14 Table of Contents Table of Contents 2 About Risk Based Security 3 Company History
More informationEURECOM 6/2/2012 SYSTEM SECURITY Σ
EURECOM 6/2/2012 Name SYSTEM SECURITY 5 5 5 5 5 5 5 5 5 5 50 1 2 3 4 5 6 7 8 9 10 Σ Course material is not allowed during the exam. Try to keep your answers precise and short. You will not get extra points
More informationSoftware Vulnerabilities August 31, 2011 / CS261 Computer Security
Software Vulnerabilities August 31, 2011 / CS261 Computer Security Software Vulnerabilities...1 Review paper discussion...2 Trampolining...2 Heap smashing...2 malloc/free...2 Double freeing...4 Defenses...5
More informationLecture 4: Threats CS /5/2018
Lecture 4: Threats CS 5430 2/5/2018 The Big Picture Attacks are perpetrated by threats that inflict harm by exploiting vulnerabilities which are controlled by countermeasures. Once Upon a Time Bugs "bug":
More informationAnnouncements. assign0 due tonight. Labs start this week. No late submissions. Very helpful for assign1
Announcements assign due tonight No late submissions Labs start this week Very helpful for assign1 Goals for Today Pointer operators Allocating memory in the heap malloc and free Arrays and pointer arithmetic
More informationRBS Asante VMS ActiveXCoat ActiveX Control ConnectToVMS() Method Heap Buffer Overflow of 7
RBS 2014 003 Asante VMS ActiveXCoat ActiveX Control ConnectToVMS() Method Heap Buffer Overflow 2015 04 29 1 of 7 Table of Contents Table of Contents 2 About Risk Based Security 3 Mission 3 Background 3
More information113 BSIMM Activities at a Glance
113 BSIMM Activities at a Glance (Red indicates most observed BSIMM activity in that practice) Level 1 Activities Governance Strategy & Metrics (SM) Publish process (roles, responsibilities, plan), evolve
More informationIntroduction to software exploitation ISSISP 2017
Introduction to software exploitation ISSISP 2017 1 VM https://drive.google.com/open?id=0b8bzf4ybu s1kltjsnlnwqjhss1e (sha1sum: 36c32a596bbc908729ea9333f3da10918e24d767) Login / pass: issisp / issisp 2
More information