188documents trouvés
A clustering approach for web vulnerabilities detection
A.DESSIATNIKOFF, R.AKROUT, E.ALATA, M.KAANICHE, V.NICOMETTE
TSF
Manifestation avec acte : IEEE Pacific Rim International Symposium on Dependable Computing (PRDC 2011), Pasadena (USA), 12-14 Décembre 2011, pp.194-203 , N° 11343
Lien : http://hal.archives-ouvertes.fr/hal-00755212
Diffusable
Plus d'informations
Abstract
This paper presents a new algorithm aimed at the vulnerability assessment of web applications following a blackbox approach. The objective is to improve the detection efficiency of existing vulnerability scanners and to move a step forward toward the automation of this process. Our approach covers various types of vulnerabilities but this paper mainly focuses on SQL injections. The proposed algorithm is based on the automatic classification of the responses returned by the web servers using data clustering techniques and provides especially crafted inputs that lead to successful attacks when vulnerabilities are present. Experimental results on several vulnerable applications and comparative analysis with some existing tools confirm the effectiveness of our approach.
It all depends, and increasingly so
M.KAANICHE, AadVAN MOORSEL
TSF, Newcastle
Revue Scientifique : IEEE Security & Privacy, Vol.9, N°6, pp.56-57, Novembre 2011 , N° 11851
Diffusable
127087Modeling aircrafts operational reliability
K.TIASSOU, K.KANOUN, M.KAANICHE, C.SEGUIN, C.PAPADOPOULOS
TSF, ONERA, Airbus Op. Ltd
Manifestation avec acte : International Conference on Computer Safety, Reliability ans Security (SAFECOMP 2011), Naples (Italie), 19-22 Septembre 2011, pp.157-170 , N° 11199
Diffusable
125419Software dependability modeling using AADL (Architecture Analysis and Design Language)
A.E.RUGINA, K.KANOUN, M.KAANICHE
TSF, EADS-ASTRIUM Tlse
Revue Scientifique : International Journal of Performability Engineering, Vol.7, N°4, pp.313-325, Juillet 2011 , N° 11704
Diffusable
126179The HIDENETS holistic approach for the analysis of large critical mobile systems
A.BONDAVALLI, O.HAMOUDA, M.KAANICHE, P.LOLLINI, I.MAJZIK, H.P.SCHWEFEL
CNR-ISTI, TSF, BME Hungary, AAU
Revue Scientifique : IEEE Transactions on Mobile Computing, Vol.10, N°6, pp.783-796, Juin 2011 , N° 10558
Diffusable
124856RRABIDS: ruby on rails anomaly based intrusion detection system
R.LUDINARD, E.TOTEL, F.TRONEL, V.NICOMETTE, M.KAANICHE, E.ALATA, R.AKROUT, Y.BACHY
TSF, SUPELEC Rennes
Rapport LAAS N°11294, Juin 2011, 20p.
Diffusable
124794Operational reliability of an aircraft with adaptive missions
K.TIASSOU, K.KANOUN, M.KAANICHE, C.SEGUIN, C.PAPADOPOULOS
TSF, ONERA, Airbus Op. Ltd
Manifestation avec acte : European Workshop on Dependable Computing (EWDC 2011), Pise (Italie), 11-12 Mai 2011, 5p. , N° 11125
Diffusable
124567Identification de vulnérabilités et évaluation de systèmes de détection d'intrusion pour les applications web
R.AKROUT, M.KAANICHE, V.NICOMETTE
TSF
Manifestation avec acte : Congrès des Doctorants EDSYS 2011, Toulouse (France), 10-11 Mai 2011, 6p. , N° 11325
Diffusable
124824Modélisation de la fiabilité opérationnelle d'un avion
K.TIASSOU, K.KANOUN, C.SEGUIN, M.KAANICHE
ONERA, TSF
Manifestation avec acte : Congrès des Doctorants EDSYS 2011, Toulouse (France), 10-11 Mai 2011, 7p. , N° 11710
Diffusable
126197Set-up and deployment of a high-interaction honeypot: experiment and lessons learned
V.NICOMETTE, M.KAANICHE, E.ALATA, M.HERRB
TSF, 2I
Revue Scientifique : Journal in Computer Virology, Vol.7, N°2, pp.143-157, Mai 2011 , N° 09062
Lien : http://hal.archives-ouvertes.fr/hal-00762596
Diffusable
Plus d'informations
Abstract
This paper presents the lessons learned from an empirical analysis of attackers behaviours based on the deployment on the Internet of a high-interaction honeypot for more than one year. We focus in particular on the attacks performed via the SSH service and the activities performed by the attackers once they gain access to the system and try to progress in their intrusion. The first part of the paper describes: i) the global architecture of the honeypot and the mechanisms used to capture the implementation details so that we can observe attackers behaviours and ii) the details of the experiment itself (duration, data captured, overview of the attackers activity). The second part presents the results of the observation of the attackers. It includes: i) the description of the global attack process, constituted of two main steps, dictionary attacks and intrusions and ii) the detailed analysis of these two main steps.
Mots-Clés / Keywords
Security threats; Experimental analysis; Honeypots; Dictionary attack; Intrusion;