BlackWatch: Increasing Attack Awareness within Web Applications

Hall, Calum C.; Shepherd, Lynsay A.; Coull, Natalie

doi:10.3390/fi11020044

Cited by 5 publications

(5 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This could also help to identify if application frameworks provide useful artifacts, e.g., event or exception classes, that can be utilized for logging and monitoring purposes. This could complement related research on automatically modelling security incidents for logging [47] and application intrusion detection approaches to create attack-aware software applications [53], [26], [55].…”

Section: Discussionmentioning

confidence: 87%

Measuring Developers’ Web Security Awareness from Attack and Defense Perspectives

Şahin¹,

Unlu

Hebert³

et al. 2022

2022 IEEE Security and Privacy Workshops (SPW)

Self Cite

View full text Add to dashboard Cite

Web applications are the public-facing components of information systems, which makes them an easy entry point for various types of attacks. While it is often the responsibility of web developers to implement the proper security controls, it remains a challenge for them to develop a good understanding of the whole attack surface.This paper aims to understand the developers' familiarity with a number of web attack and defense mechanisms. In particular, we conduct two different experiments: First, we employ a questionnaire to understand the perceived attack surface and the types of security controls that are often considered. Second, we design a Capture the Flag challenge that aims to push the participants to discover as many attack points as possible on a given web application. Among several other observations, we find that one third of developers are not aware of the client's ability to intercept and modify all parts of an HTTP request. Moreover, developers' attack awareness focus on a limited set of attacks (such as Crosssite scripting and SQL injection), overlooking a large part of the attack surface.

show abstract

Section: Discussionmentioning

confidence: 87%

Measuring Developers’ Web Security Awareness from Attack and Defense Perspectives

Şahin¹,

Unlu

Hebert³

et al. 2022

2022 IEEE Security and Privacy Workshops (SPW)

Self Cite

View full text Add to dashboard Cite

show abstract

“…Work by Kerschbaum et al [16] provides an example of code triggers usage to detect network-based attacks within the OpenBSD kernel, and application-specific attacks from within Sendmail. The AppSensor framework [31], and BlackWatch [11] are further examples which apply the code trigger variant.…”

Section: Related Workmentioning

confidence: 99%

“…Solutions like the AppSensor framework [31] and Black-Watch [11] rely on the hypothesis that an attacker can be detected by monitoring application-specific invariants (properties that must always hold while the application is executed).…”

Section: A Manual Integrationmentioning

confidence: 99%

“…It is the developers responsibility to put the security controls in place, however there is a chance that the placement is neglected due to a lack of priority or time spent on nonsecurity tasks, leading to areas of the application which are not covered. In the worst case, this approach will not be accepted by the developers as it can be seen as an additional effort which needs to be completed on top of others tasks [11] [34]. Due to this issue, integration approaches should utilize proven development techniques e.g.…”

Section: A Manual Integrationmentioning

confidence: 99%

See 1 more Smart Citation

A Taxonomy of Approaches for Integrating Attack Awareness in Applications

Unlu

Shepherd

Coull

et al. 2020

2020 International Conference on Cyber Security and Protection of Digital Services (Cyber Security)

Self Cite

View full text Add to dashboard Cite

Software applications are subject to an increasing number of attacks, resulting in data breaches and financial damage. Many solutions have been considered to help mitigate these attacks, such as the integration of attack-awareness techniques. In this paper, we propose a taxonomy illustrating how existing attack awareness techniques can be integrated into applications. This work provides a guide for security researchers and developers, aiding them when choosing the approach which best fits the needs of their application.

show abstract

“…Solutions like the AppSensor framework [31] and Black-Watch [11] rely on the hypothesis that an attacker or malicious behavior can be detected by knowing the 'normal' behavior of the target application, and by being able to monitor deviations from such behavior. Application developers are therefore ideal candidates to apply this integration approach as they have specified, designed and implemented the application, and know where to strategically place security controls.…”

Section: A Manual Integrationmentioning

confidence: 99%

A Taxonomy of Approaches for Integrating Attack Awareness in Applications

Ünlü,

Shepherd,

Coull

et al. 2020

Preprint

Self Cite

View full text Add to dashboard Cite

show abstract

BlackWatch: Increasing Attack Awareness within Web Applications

Cited by 5 publications

References 12 publications

Measuring Developers’ Web Security Awareness from Attack and Defense Perspectives

Measuring Developers’ Web Security Awareness from Attack and Defense Perspectives

A Taxonomy of Approaches for Integrating Attack Awareness in Applications

A Taxonomy of Approaches for Integrating Attack Awareness in Applications

Contact Info

Product

Resources

About