“Using Attack Injection to Discover New Vulnerabilities”
in Proceedings of the International Conference on Dependable Systems and Networks (DSN), Philadelphia, USA, June 2006.
Abstract: Due to our increasing reliance on computer systems, security incidents and their causes are important problems that need to be addressed. To contribute to this objective, the paper describes a new tool for the discovery of security vulnerabilities on network-connected servers. The AJECT tool uses a specification of the server's communication protocol to automatically generate a large number of attacks according to some predefined test classes. Then, while it performs these attacks through the network, it monitors the behavior of the server both from a client perspective and inside the target machine. The observation of an incorrect behavior indicates a successful attack and the potential existence of a vulnerability. To demonstrate the usefulness of this approach, a considerable number of experiments were carried out with several IMAP servers. The results show that AJECT can discover several kinds of vulnerabilities, including a previously unknown vulnerability.
Research line(s): Fault And Intrusion Tolerance in Open Distributed Systems (FIT)