AsmLx-based intrusion-aware software systems

مرکز و کتابخانه مطالعات اسلامی به زبان های اروپایی

منو

" AsmLx-based intrusion-aware software systems "
Mohammad Feroz Raihan

Document Type	:	Latin Dissertation
Language of Document	:	English
Record Number	:	53983
Doc. No	:	TL23937
Call number	:	‭MR18796‬
Main Entry	:	Mohammad Feroz Raihan
Title & Author	:	AsmLx-based intrusion-aware software systems\ Mohammad Feroz Raihan
College	:	Queen's University (Canada)
Date	:	2006
Degree	:	M.Sc.
student score	:	2006
Page No	:	146
Abstract	:	As computer and network attacks are growing rapidly, the demand for developing secure software is increasing. The current trend is to develop the core functionalities of software based on the requirements expressed in some software specification languages. Security, one of the most important aspects of software, gets little attention during the software development life cycle (SDLC). Therefore, the software remains vulnerable to attacks, which are handled by issuing patches or service packs by the software vendor. However, handling security at later stages of the software life cycle results in a number of drawbacks such as redundant and conflicting requirements (e.g., usability vs. security) and higher cost for incorporating security with an existing design. Many research directions have been proposed regarding the unification and reconciliation of software engineering and security engineering principles in order to overcome those drawbacks. New frameworks for software development and the extensions of software process models and software specification languages are examples of such directions. In this work, we use a software specification language to model attack scenarios with a view to building secure software that is aware of potential attacks. We believe that the consideration of attacks during the SDLC results in early discovery of software vulnerabilities that are exploited by those attacks. Currently, attack languages are used for describing attack scenarios. However, using the same language for software specification and security specification minimizes the gap between software developers and security engineers. We present an extension of a popular specification language called AsmL for attack descriptions. We name the extended language AsmLx. AsmLx attack signatures are compiled to generate executable signature plugins. Moreover, we develop IDSpec, an intrusion detection system based on AsmLx attack specifications. IDSpec is tested based on the data sets provided by the MIT Lincoln Laboratory covering a wide range of attacks. Experimental results show the effectiveness of our approach in terms of attack detection coverage. The broader implication of this work is a common platform on which software engineers and security professionals can work together with a common goal: building secure software.
Subject	:	Applied sciences; Computer science; 0984:Computer science
Added Entry	:	Queen's University (Canada)