| Type of Document |
Master's Thesis |
| Author |
Gegick, Michael , |
| Author's Email Address |
mcgegick@ncsu.edu |
| URN |
etd-08202004-171053 |
| Title |
Analyzing Security Attacks to Generate Signatures from Vulnerable Architectural Patterns |
| Degree |
Master of Science |
| Graduate Program |
Computer Science |
| Advisory Committee |
| Advisor Name |
Title |
| Dr. Laurie Williams |
Committee Chair |
| Dr. Annie Anton |
Committee Member |
| Dr. Julie Earp |
Committee Member |
|
| Keywords |
- Security
- system design
- regular expressions
|
| Date of Defense |
2004-07-27 |
| Availability |
unrestricted |
Abstract
Current techniques for software security vulnerability identification include the use of abstract, graph-based models to represent information about an attack. These models can be in the form of attack trees or attack nets and can be accompanied with a supporting text-based profile. Matching the abstract models to specific system architectures for effective vulnerability identification can be a challenging process. This thesis suggests that abstract regular expressions can be used to represent events of known attacks for the identification of security vulnerabilities in future applications. The process of matching the events in the regular expression to a sequence of components in a system design may facilitate the means of identifying vulnerabilities. Performing the approach in the design phase of a software process encourages security to be integrated early into a software application. Students in an undergraduate security course demonstrated a strong ability to accurately match regular expressions to a system design. The identification of vulnerabilities is limited to known attacks of other systems and does not offer descriptions of what new attacks are possible to a future application. Extending the approach to incorporate new attacks is an avenue of future work.
|
| Files |
| Filename |
Size |
Approximate Download Time
(Hours:Minutes:Seconds)
|
| 28.8 Modem |
56K Modem |
ISDN (64 Kb) |
ISDN (128 Kb) |
Higher-speed Access |
| |
etd.pdf |
1.62 Mb |
00:07:29 |
00:03:51 |
00:03:22 |
00:01:41 |
00:00:08 |
|
