
1 SPaCiTE – Web Application Testing Engine
Matthias Büchler, Johan Oudinet, and Alexander Pretschner
April 21, 2012
Certifiable Trustworthy IT Systems, KIT – University of the State of Baden-Wuerttemberg and National Research Center of the Helmholtz Association, www.kit.edu

2 Motivation / Purpose of the Tool
Secure Model: M ⊨ φ
Is the Web Application secure?
How does a secure model help to answer this question?

3 Motivation / Purpose of the Tool
Client Side / Server Side

4 Motivation / Purpose of the Tool

5 SPaCiTE Workflow
How SPaCiTE executes test cases (attack traces) based on secure models

6 The Secure Model – Abstract Messages

7 The Secure Model – Horn Clauses

8 The Secure Model – The Honest User

9 The Secure Model – The Server

10 The Secure Model – Secrecy Goal

11 Model-Based Flaw Injection Library
isAuthorizedTo*

12 Model Checking
Reuse AVANTSSAR backends: SATMC, CL-ATSE, OFMC

13 Abstract Attack Trace
->*webServer : login(tom,password(tom,webServer))
webServer-> : listStaffOf(tom)
*->webServer : viewProfileOf(jerry)
webServer*->* : profileOf(jerry)
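
The abstract attack trace on slide 13, parsed into structured steps so that each abstract message can be handed to a later mapping stage. This is an added example, not code from the slides or from SPaCiTE; the function names are hypothetical, the reading of the `*` markers follows ASLan++ channel notation and is an assumption the slide does not state, and endpoints missing from this transcript are kept as `None`.

```python
import re

# Steps copied from slide 13 as they appear in this transcript. Endpoints that
# are absent here are kept as None; nothing is guessed.
TRACE = """\
->*webServer : login(tom,password(tom,webServer))
webServer-> : listStaffOf(tom)
*->webServer : viewProfileOf(jerry)
webServer*->* : profileOf(jerry)
"""
STEP = re.compile(r"^(\w*)\s*(\*?)->(\*?)\s*(\w*)\s*:\s*(.+)$")
NAME = re.compile(r"\s*(\w+)\s*")
# Assumption: '*' beside the sender marks an authentic channel, '*' beside
# the receiver a confidential one (ASLan++ convention, not given on the slide).
CHANNEL = {("", ""): "insecure", ("*", ""): "authentic",
           ("", "*"): "confidential", ("*", "*"): "secure"}

def parse_term(src, pos=0):
    """Parse `name` or `name(arg,...)` at pos; return (term, next_pos)."""
    m = NAME.match(src, pos)
    if not m:
        raise ValueError(f"expected a name at offset {pos} in {src!r}")
    name, pos = m.group(1), m.end()
    if pos >= len(src) or src[pos] != "(":
        return name, pos                      # constant such as tom
    args, pos = [], pos + 1
    while True:
        arg, pos = parse_term(src, pos)       # arguments may nest
        args.append(arg)
        if pos < len(src) and src[pos] == ",":
            pos += 1
        elif pos < len(src) and src[pos] == ")":
            return (name, tuple(args)), pos + 1
        else:
            raise ValueError(f"unbalanced term: {src!r}")

def parse_trace(text):
    """Turn trace lines into dicts with sender, receiver, channel, message."""
    steps = []
    for line in filter(None, map(str.strip, text.splitlines())):
        m = STEP.match(line)
        if not m:
            raise ValueError(f"not a trace step: {line!r}")
        sender, left, right, receiver, msg = m.groups()
        term, end = parse_term(msg)
        if end != len(msg):
            raise ValueError(f"trailing input in {msg!r}")
        steps.append({"sender": sender or None, "receiver": receiver or None,
                      "channel": CHANNEL[(left, right)], "message": term})
    return steps

def operations(steps):
    """Outermost message names in order: what a message-to-action mapping keys on."""
    return [s["message"] if isinstance(s["message"], str) else s["message"][0]
            for s in steps]
```
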

14 Transform AAT to WAAL
Configuration Information
How are abstract messages translated into actions?
How is a viewProfileOf message generated in the browser?

15 Transform AAT to WAAL
How are abstract messages translated into actions?

16 Transform AAT to WAAL
Translate WAAL actions to Java source code
Embed them into a test execution engine skeleton

17 Execution
Execute the test case
Recovery actions might be needed

18 Example of a Recovery Action


20 Verdict

21 Conclusion
- Semi-automatic security testing of web applications
  - Automatic at browser level
  - May request help from a test expert at HTTP level
- Interesting abstract attack traces were generated by injecting relevant source-code-level faults into the model
  - Relevant fault = a known vulnerability that has been exploited to violate any security goal in the secure model
- We were able to reproduce all 4 Abstract Attack Traces coming from 2 RBAC and 2 XSS models

22 Future Work
- Target different vulnerabilities and security goals
- Address side effects during recovery actions
- Extend the tool when global observation is not possible
- Integration work as part of SPaCiOS EU project, www.spacios.eu
* Demo on request, or visit: http://zvi.ipd.kit.edu/26_500.php

23 Model-Based Flaw Injection Library
Mutation operators represent vulnerabilities at model level
They combine a security property and a vulnerability

24 Assumptions and Limitations
- Secure model must exist
  → If not, try to make use of model inference
- Each abstract message must be mappable to WAAL actions
  - That means every abstract message must be expressed in terms of generating and/or verifying actions at browser level
  - That doesn't imply that the action must be performed in the browser → see Recovery Actions
  → If not, WAAL actions can be bypassed and the abstract message is mapped directly to protocol-level messages (no guidance by SPaCiTE)
- The model checker used considers the Dolev-Yao model for the intruder behavior
  - The intruder is the network (every component must be wrapped by a proxy to have the global observation property)
- No side effects during recovery actions
- Deterministic system

