An Overview of the Modern Methods of Security and Protection of Software Systems
- 10 Downloads
Security and protection of software resources are one of the most important issues in the IT industry since attackers’ actions become increasingly sophisticated and losses caused by cyberattacks are growing. Traditional methods of cyberattack prevention become inefficient; therefore, development of new methods and tools to secure software resources becomes of essential need. The studies that are based on formal methods with the use of modern algebraic theories are especially interesting and promising.
Keywordsalgebraic modeling behavior algebra cybersecurity insertion programming formal methods symbolic methods symbolic modeling vulnerability detection
Unable to display preview. Download preview PDF.
- 1.Cybercrime Magazine. URL: https://cybersecurityventures.com/.
- 2.Nwokedi Idika and Aditya P. Mathur, A Survey of Malware Detection Techniques, Department of Computer Science, Purdue University, West Lafayette, IN 47907 (2007).Google Scholar
- 3.Mohan V. Pawar and Anuradha J., “Network security and types of attacks in network,” ICCC-2015. URL: https://ac.els-cdn.com/S1877050915006353/1-s2.0-S1877050915006353-main.pdf?_tid=21866302-2e58-4f1e-88d0-7d3b9825e011&acdnat=1543497106_74f03131d7fc65a2469e9708a18cc54c.
- 4.Check Point Software Technologies Ltd., Software Blade Architecture. URL: https://ww.checkpoint.com/downloads/product-related/brochure/Software-Blades-Architecture.pdf.
- 5.DARPA, “Cyber Grand Challenge.” URL: https://www.cybergrandchallenge.com/.
- 6.S. K. Cha, T. Avgerinos, A. Rebert, and D. Brumley, “Unleashing Mayhem on binary code,” Proc. IEEE Symp. on Security and Privacy (2012), pp. 380–394.Google Scholar
- 8.Mechaphish Github Repository. URL: https://github.com/mechaphish/mecha-docs.
- 9.American Fuzzy Lop. URL: http://lcamtuf.coredump.cx/afl/.
- 10.B. Kolosnjaji, A. Zarras, G. Webster, and C. Eckert, “Deep learning for classification of malware system call sequence,” AI 2016: Advances in Artificial Intelligence, Proc. 29th Australasian Joint Conference, Hobart, TAS, Australia, December 5–8 (2016), pp. 137–149.Google Scholar
- 11.M. Cova, V. Felmetsger, and G. Banks, “Static detection of vulnerabilities in x86 executables,” 22nd Annual Computer Security Applications Conference (ACSAC’06) (2006). https://doi.org/10.1109/ACSAC.2006.50.
- 12.M. Mouzarani, B. Sadeghiyan, and M. Zolfaghari, “Detecting injection vulnerabilities in executable codes with concolic execution,” Proc. 8th IEEE Intern. Conf. on Software Engineering and Service Science (ICSESS) (2017). https://doi.org/10.1109/ICSESS.2017.8342862.
- 13.S. K. Cha, T. Avgerinos, A. Rebert, and D. Brumley, “Unleashing MAYHEM on binary code,” SP’12 Proc. IEEE Symp. on Security and Privacy (2012). https://doi.org/10.1109/SP.2012.31.
- 14.Z. Li, D. Zou, S. Xu, H. Jin, H. Qi, and J. Hu, “Vulpecker: An automated vulnerability detection system based on code similarity analysis,” Proc. 32nd Annual Conf. on Computer Security Applications, ACSAC’16 (2016), pp. 201–213.Google Scholar
- 15.H. Flake, “Structural comparison of executable objects,” Proc. IEEE Conf. on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA) (2004), pp. 161–173.Google Scholar
- 17.J. Dodds, “Formal methods and the KRACK vulnerability,” Galois Inc. (2017). URL: https://galois.com/blog/2017/10/formal-methods-krack-vulnerability/.
- 18.J.-S. Coron, “Formal verification of side-channel countermeasures via elementary circuit transformations,” Proc. 16th Intern. Conf., ACNS 2018, Leuven, Belgium, July 2–4 (2018), pp. 65–82. URL: https://eprint.iacr.org/2017/879.pdf/.
- 19.S. Jha, O. Sheyner, and J. Wing, “Two formal analyses of attack graphs,” Proc. 15th IEEE Computer Security Foundations Workshop (2002). URL: https://ieeexplore.ieee.org/document/1021806.
- 20.K. Bhargavan et al., “Formal methods for analyzing crypto protocols: Using legacy crypto: From attacks to proofs,” URL: https://cyber.biu.ac.il/wp-content/uploads/2018/02/Biu-bhargavan-part1-slides.pdf.
- 21.V. Ferman, D. Hutter, and R. Monroy, “A model checker for the verification of browser based protocols,” Comp. y Sist. Vol. 21, No. 1 (2017). URL: http://www.scielo.org.mx/pdf/cys/v21n1/1405-5546-cys-21-01-00101.pdf.
- 22.M. Bugliesi, S. Calzavara, and R. Focardi, “Formal methods for web security,” Universitá Ca’ Foscari Venezia. URL: https://www.researchgate.net/publication/308004472_Formal_methods_for_Web_security.
- 23.L. Tobarra, D. Cazorla, F. Cuartero, and G. Diaz, “Application of formal methods to the analysis of web services security,” URL: https://www.semanticscholar.org/paper/Application-of-formal-methods-to-the-analysis-of-tobarra-cazorla/544d181da33da5439efcf49f31d50116355410d9.
- 24.D. Ray and J. Ligatti, “Defining injection attacks,” Technical Report #CSE-TR-081114, University of South Florida, Department of Computer Science and Engineering. URL: http://www.cse.usf.edu/~ligatti/papers/broniestr.pdf.
- 25.S. Calzavara, “Formal methods for web session security,” Universitá Ca’ Foscari Venezia, Dipartimento di Scienze Ambientali, Informatica e Statistica. URL: http://sysma.imtlucca.it/cina/lib/exe/fetch.php?media=calzavara.pdf.
- 26.C. Bansal, K. Bhargavan, A. Delignat-Lavaud, and S. Maffeis, “Keys to the cloud: Formal analysis and concrete attacks on encrypted web storage,” URL: http://antoine.delignat-lavaud.fr/doc/post13.pdf. URL: https://hal.inria.fr/hal-00863375/file/keys-to-the-cloud-post13.pdf/.
- 27.D. Gilbert and A. Letichevsky, “Model for interaction of agents and environments,” in: Bert D., Choppy C. (Eds.).Recent Trends in Algebraic Development Technique, Wadt 1999. LNCS, Vol. 1827, Springer-Verlag, Berlin–Heidelberg (2000), pp. 311–328.Google Scholar