Design of a Secure Shield for Internet and Web-Based Services Using Software Reflection
作者: Ana R. Cavalli , Antonio M. Ortiz , Georges Ouffoué , Cesar A. Sanchez , Fatiha Zaïdi
DOI: 10.1007/978-3-319-94289-6_30
关键词:
摘要: This paper presents a new methodology using software reflection to prevent, detect, and mitigate internal attacks running Internet Web server. is very suitable design such systems as secure by default, that is, when designing the some parts are marked secured, any change/modification of these will be an unexpected behavior needs analyzed. If changes turn out attacks, then remediation techniques activated, in order guarantee system continue work even presence attack. In addition providing methodology, we show how this technique has been used basis develop real information system. Our experiments convincing argue for complex facilitate their protection, help prevent intrusions.
springer.com
sci-hub.st 参考文章(22)
Wim T.L.P. Lavrijsen, Pere Mato, Massimo Marino, Jacek Generowicz, Reflection-Based Python-C++ Bindings Lawrence Berkeley National Laboratory. ,(2004) , 10.5170/CERN-2005-002.441
S. Vinoski, A time for reflection [software reflection] IEEE Internet Computing. ,vol. 9, pp. 86- 89 ,(2005) , 10.1109/MIC.2005.3
Wei Wang, Xiangliang Zhang, Georgios Pitsilis, Abstracting audit data for lightweight intrusion detection international conference on information systems security. pp. 201- 215 ,(2010) , 10.1007/978-3-642-17714-9_15
Maryam Razavian, Antony Tang, Rafael Capilla, Patricia Lago, In two minds: how reflections influence software design thinking Journal of Software: Evolution and Process. ,vol. 28, pp. 394- 426 ,(2016) , 10.1002/SMR.1776
K. S. Trivedi, B. B. Madan, Security modeling and quantification of intrusion tolerant systems using attack-response graph Journal of High Speed Networks. ,vol. 13, pp. 297- 308 ,(2004) , 10.5555/1085412.1085416
Diomidis Spinellis, Reflection as a mechanism for software integrity verification ACM Transactions on Information and System Security. ,vol. 3, pp. 51- 62 ,(2000) , 10.1145/353323.353383
Frank Jose Affonso, Elisa Yumi Nakagawa, A Reference Architecture Based on Reflection for Self-Adaptive Software 2013 VII Brazilian Symposium on Software Components, Architectures and Reuse. pp. 129- 138 ,(2013) , 10.1109/SBCARS.2013.24
R. Guerraoui, A. Schiper, Software-based replication for fault tolerance IEEE Computer. ,vol. 30, pp. 68- 74 ,(1997) , 10.1109/2.585156
Marco Platania, Daniel Obenshain, Thomas Tantillo, Ricky Sharma, Yair Amir, Towards a Practical Survivable Intrusion Tolerant Replication System symposium on reliable distributed systems. pp. 242- 252 ,(2014) , 10.1109/SRDS.2014.16
Bachar Wehbi, Edgardo Montes de Oca, Michel Bourdelles, Events-Based Security Monitoring Using MMT Tool international conference on software testing verification and validation. pp. 860- 863 ,(2012) , 10.1109/ICST.2012.188