• Corpus ID: 16546853

Creating Attack- Aware Software Applications Real-Time Defenses

@inproceedings{Coates2011CreatingAA,
  title={Creating Attack- Aware Software Applications Real-Time Defenses},
  author={Michael Coates},
  year={2011}
}
Attack-aware software applications provide attack detection and real-time defensive response with a very low false-positive rate. This technique allows an application to detect and neutralize a threat before the attacker exploits a known or unknown vulnerability. The approach is especially suited to soft- ware applications with high information assurance requirements such as in the defense, critical national infrastructure, and financial service sectors to protect against cyber espionage, fraud… 

Tables from this paper

Application-Level Unsupervised Outlier-Based Intrusion Detection and Prevention
TLDR
This paper presents their approach to immune applications through application-level, unsupervised, outlier-based intrusion detection and prevention, which allows tracking application domain objects all along the processing lifecycle and defines features to be independent from the variable structure of method invocation parameters and returned values, while preserving security-relevant information.
Scalable and Reusable Attack Aware Software
TLDR
Modern software architecture technology, such as Spring Framework, and the new deployment paradigm of cloud computing infrastructure services can help with the challenge of maintaining software security systems.
Reducing software assurance risks for security-critical and safety-critical systems
  • C. Axelrod
  • Computer Science
    IEEE Long Island Systems, Applications and Technology (LISAT) Conference 2014
  • 2014
TLDR
There has to be a major overhaul in how software is developed, especially with respect to the requirements and testing phases of the SDLC (Software Development Lifecycle), and it is suggested that the current preventative approaches are inadequate and that greater reliance should be placed upon avoidance and deterrence.
Using Neural Network to Propose Solutions to Threats in Attack Patterns
TLDR
A tool based on Neural Network for proposing solutions in form of security patterns to threats in attack patterns matching attacking patterns is proposed and it is found that the neural network was able to match attack patterns to security patterns that can mitigate the threat in the attack pattern.
A Taxonomy of Approaches for Integrating Attack Awareness in Applications
TLDR
A taxonomy illustrating how existing attack awareness techniques can be integrated into applications is proposed, providing a guide for security researchers and developers, aiding them when choosing the approach which best fits the needs of their application.

References

SHOWING 1-10 OF 15 REFERENCES
Pentagon Seeks $500 Million for Cyber Technologies
  • Issue Submission Deadline: Oct
  • 2011
AppSensor Implementation Planning Workbook, OWASP
  • <http://www.owasp.org/index.php/File:Appsensor-planning.zip>
  • 2010
About the Open Web Application Security Project. <http://www.owasp.org/index.php/ About_OWASP> 2
  • The Open Web Application Security Project (OWASP)
  • 2008
Summer of Code
  • 2008
AppSensor - Detect and Respond to Attacks from Within the Application
  • v1.1, OWASP. Paperback,
  • 2000
<http://www.owasp.org/index.php/ Category:OWASP_Enterprise_Security_API> 12. OWASP. AppSensor Response Actions
  • <http://www.owasp.org/index.php/ Category:OWASP_Enterprise_Security_API> 12. OWASP. AppSensor Response Actions
AppSensor -Detect and Respond to Attacks from Within the Application, v1.1, OWASP. <https://www.owasp.org/images/2/2f/OWASP_AppSensor_Beta_1
  • AppSensor -Detect and Respond to Attacks from Within the Application, v1.1, OWASP. <https://www.owasp.org/images/2/2f/OWASP_AppSensor_Beta_1
AppSensor -Detect and Respond to Attacks from Within the Application, v1.1, OWASP. Paperback, 48 pages
AppSensor Detection Points
AppSensor Developer Guide
  • AppSensor Developer Guide
...
1
2
...