Naaliel Mendes

Learn More
The injection of interface faults through API parameter corruption is a technique commonly used in experimental dependability evaluation. Although the interface faults injected by this approach can be considered as a possible consequence of actual software faults in real applications, the question of whether the typical exceptional inputs and invalid(More)
This paper presents an approach to assess security of Web servers. This method can be used to compare the security features of different Web servers installations and to determine how secure a given Web server configuration is. The assessment is done by applying a set of tests designed to check if the system under evaluation fulfils a set of security(More)
The security of software-based systems is one of the most difficult issues when accessing the suitability of systems to most application scenarios. However, security is very hard to evaluate and quantify, and there are no standard methods to benchmark the security of software systems. This work proposes a novel methodology for benchmarking the security of(More)
The impact of software faults present in components to the larger system is currently a relevant and still open research topic. Web-based applications are simultaneously a relevant type of system for our society and are typically exposed to many software components in the server side. The impact of faults in these components to the web servers is an(More)
This paper proposes a methodology and a tool to evaluate the security risk presented when using software components or systems. The risk is estimated based on known vulnerabilities existing on the software components. An automated tool is used to extract and aggregate information on vulnerabilities reported by users and available on public databases (e.g.,(More)
The AMBER Raw Data Repository is a repository of field data and raw results from resilience assessment experiments. Its goal is to grant both the research and IT industry communities with an infrastructure to gather, analyze and share field data resulting from resilience assessments of systems and services, stimulating a better coordination of high quality(More)
  • 1