Automatic Discovery of Software Attacks via Backward Reasoning

2015 IEEE/ACM 1st International Workshop on Software Protection Pub Date : 2015-05-16 DOI:10.1109/SPRO.2015.17

C. Basile, D. Canavese, Jérôme d'Annoville, B. D. Sutter, Fulvio Valenza

{"title":"Automatic Discovery of Software Attacks via Backward Reasoning","authors":"C. Basile, D. Canavese, Jérôme d'Annoville, B. D. Sutter, Fulvio Valenza","doi":"10.1109/SPRO.2015.17","DOIUrl":null,"url":null,"abstract":"Security risk management and mitigation are two of the most important items on several companies' agendas. In this scenario, software attacks pose a major threat to the reliable execution of services, thus bringing negative effects on businesses. This paper presents a formal model that allows the identification of all the attacks against the assets embedded in a software application. Our approach can be used to perform the identification of the threats that loom over the assets and help to determine the potential countermeasures, that is the protections to deploy for mitigating the risks. The proposed model uses a Knowledge Base to represent the software assets, the steps that can be executed to mount an attack and their relationships. Inference rules permit the automatic discovery of attack step combinations towards the compromised assets that are discovered using a backward programming methodology. This approach is very usable as the attack discovery is fully automatic, once the Knowledge Base is populated with the information regarding the application to protect. In addition, it has been proven highly efficient and exhaustive.","PeriodicalId":338591,"journal":{"name":"2015 IEEE/ACM 1st International Workshop on Software Protection","volume":"100 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-05-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"9","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 IEEE/ACM 1st International Workshop on Software Protection","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SPRO.2015.17","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 9

Abstract

Security risk management and mitigation are two of the most important items on several companies' agendas. In this scenario, software attacks pose a major threat to the reliable execution of services, thus bringing negative effects on businesses. This paper presents a formal model that allows the identification of all the attacks against the assets embedded in a software application. Our approach can be used to perform the identification of the threats that loom over the assets and help to determine the potential countermeasures, that is the protections to deploy for mitigating the risks. The proposed model uses a Knowledge Base to represent the software assets, the steps that can be executed to mount an attack and their relationships. Inference rules permit the automatic discovery of attack step combinations towards the compromised assets that are discovered using a backward programming methodology. This approach is very usable as the attack discovery is fully automatic, once the Knowledge Base is populated with the information regarding the application to protect. In addition, it has been proven highly efficient and exhaustive.

查看原文本刊更多论文

基于逆向推理的软件攻击自动发现

安全风险管理和缓解是许多公司议程上最重要的两个项目。在这种情况下，软件攻击对服务的可靠执行构成重大威胁，从而给业务带来负面影响。本文提出了一个正式的模型，该模型允许识别针对软件应用程序中嵌入的资产的所有攻击。我们的方法可用于识别笼罩资产的威胁，并帮助确定潜在的对策，即为减轻风险而部署的保护措施。建议的模型使用知识库来表示软件资产、可以执行的发起攻击的步骤以及它们之间的关系。推理规则允许自动发现针对使用反向编程方法发现的受损资产的攻击步骤组合。这种方法非常有用，因为一旦知识库中填充了与要保护的应用程序有关的信息，攻击发现就会完全自动化。此外，它已被证明是高效和详尽的。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2015 IEEE/ACM 1st International Workshop on Software Protection

自引率

0.00%

发文量