41documents trouvés
Secure architecture for information systems in avionics
M.LASTERA, E.ALATA, J.ARLAT, Y.DESWARTE, D.POWELL, B.LECONTE, C.SIMACHE
TSF, Airbus Operations, ALTRAN Sud Ouest
Manifestation avec acte : Embedded Real Time Software and Systems (ERTS2 2012), Toulouse (France), 1-3 Février 2012, 7p. , N° 12080
Diffusable
126684Observation et analyse d'attaques sur internet
I.STUDNIA, E.ALATA, M.KAANICHE, V.NICOMETTE
TSF
Rapport LAAS N°11660, Décembre 2011, 38p.
Diffusable
125964A clustering approach for web vulnerabilities detection
A.DESSIATNIKOFF, R.AKROUT, E.ALATA, M.KAANICHE, V.NICOMETTE
TSF
Manifestation avec acte : IEEE Pacific Rim International Symposium on Dependable Computing (PRDC 2011), Pasadena (USA), 12-14 Décembre 2011, pp.194-203 , N° 11343
Lien : http://hal.archives-ouvertes.fr/hal-00755212
Diffusable
Plus d'informations
Abstract
This paper presents a new algorithm aimed at the vulnerability assessment of web applications following a blackbox approach. The objective is to improve the detection efficiency of existing vulnerability scanners and to move a step forward toward the automation of this process. Our approach covers various types of vulnerabilities but this paper mainly focuses on SQL injections. The proposed algorithm is based on the automatic classification of the responses returned by the web servers using data clustering techniques and provides especially crafted inputs that lead to successful attacks when vulnerabilities are present. Experimental results on several vulnerable applications and comparative analysis with some existing tools confirm the effectiveness of our approach.
Characterization of hypervisors for security-enhanced avionics applications
M.LASTERA, E.ALATA, J.ARLAT, Y.DESWARTE, D.POWELL, B.LECONTE, C.SIMACHE
TSF, Airbus Operations
Manifestation avec acte : SAE AeroTech Congress & Exhibition 2011, Toulouse (France), 18-21 Octobre 2011, 6p. , N° 11382
Diffusable
126209Installation et description du démonstrateur
M.LASTERA, E.ALATA, J.ARLAT, Y.DESWARTE, D.POWELL, B.LECONTE, C.SIMACHE
TSF, Airbus Operations, ALTRAN Sud Ouest
Rapport de Contrat : IMAP, Octobre 2011, 12p. , N° 11530
Non diffusable
127083Développement des moyens de sécurisation de moyens mobiles
E.ALATA, M.LASTERA, J.ARLAT, Y.DESWARTE, D.POWELL
TSF
Rapport de Contrat : IMAP, Juin 2011 , N° 11303
Non diffusable
124882RRABIDS: ruby on rails anomaly based intrusion detection system
R.LUDINARD, E.TOTEL, F.TRONEL, V.NICOMETTE, M.KAANICHE, E.ALATA, R.AKROUT, Y.BACHY
TSF, SUPELEC Rennes
Rapport LAAS N°11294, Juin 2011, 20p.
Diffusable
124794Architecture sécurisée des systèmes d'information appliquée à l'avionique
M.LASTERA, J.ARLAT, E.ALATA
TSF
Manifestation avec acte : Congrès des Doctorants EDSYS 2011, Toulouse (France), 10-11 Mai 2011, 6p. , N° 11168
Diffusable
124826Evaluation des performances des hyperviseurs pour l'avionique
M.LASTERA, E.ALATA, J.ARLAT, Y.DESWARTE, B.LECONTE, D.POWELL
TSF, Airbus Operations
Manifestation sans acte : Journée Sécurité des Systèmes & Sureté des Logiciels (3SL), Saint Malo (France), 10 Mai 2011, 2p. , N° 11214
Diffusable
124529Set-up and deployment of a high-interaction honeypot: experiment and lessons learned
V.NICOMETTE, M.KAANICHE, E.ALATA, M.HERRB
TSF, 2I
Revue Scientifique : Journal in Computer Virology, Vol.7, N°2, pp.143-157, Mai 2011 , N° 09062
Lien : http://hal.archives-ouvertes.fr/hal-00762596
Diffusable
Plus d'informations
Abstract
This paper presents the lessons learned from an empirical analysis of attackers behaviours based on the deployment on the Internet of a high-interaction honeypot for more than one year. We focus in particular on the attacks performed via the SSH service and the activities performed by the attackers once they gain access to the system and try to progress in their intrusion. The first part of the paper describes: i) the global architecture of the honeypot and the mechanisms used to capture the implementation details so that we can observe attackers behaviours and ii) the details of the experiment itself (duration, data captured, overview of the attackers activity). The second part presents the results of the observation of the attackers. It includes: i) the description of the global attack process, constituted of two main steps, dictionary attacks and intrusions and ii) the detailed analysis of these two main steps.
Mots-Clés / Keywords
Security threats; Experimental analysis; Honeypots; Dictionary attack; Intrusion;