Detecting Inter-Component Vulnerabilities in Event-based Systems
Journal Title: International Journal of Advanced Computer Science & Applications - Year 2019, Vol 10, Issue 7
Abstract
Event-based system (EBS) has become popular because of its high flexibility, scalability, and adaptability. These advantages are enabled by its communication mechanism—implicit invocation and implicit concurrency between components. The communication mechanism is based on non-determinism in event processing, which can introduce inherent security vulnerabilities into a system referred to as event attacks. Event attack is a particular type of attack that can abuse, incapacitate, and damage a target system by exploiting the system's event-based communication model. It is hard to prevent event attacks because they are administered in a way that does not differ from ordinary event-based communication in general. While a number of techniques have focused on security threats in EBS, they do not appropriately resolve the event attack issues or suffer from inaccuracy in detecting and preventing event attacks. To address the risk of event attacks, I present a novel vulnerability detection technique for EBSs that are implemented by using message-oriented middleware platform. My technique has been evaluated on 25 open-source benchmark apps and eight real-world EBSs. The evaluation exhibited my technique's higher accuracy in detecting vulnerabilities on event attacks than existing techniques as well as its applicability to real-world EBSs.
Authors and Affiliations
Youn Kyu Lee
Keywords
Related Articles
- EP ID EP611188
- DOI 10.14569/IJACSA.2019.0100704
- Views 67
- Downloads 0
Development and Role of Electronic Library in Information Technology Teaching in Bulgarian Schools*
The electronic library can be considered as an interactive information space. Its creation substantially supports the communication between the teachers and the student, as well as between the teachers and the parents. T...
Efficient Image Cipher using 2D Logistic Mapping and Singular Value Decomposition
The research paper proposes an efficient image cryptosystem that depends on the utilization of two dimensional (2D) chaotic logistic map (CLM) and singular value decomposition (SVD). The encryption process starts by a co...
Understanding Customer Voice of Project Portfolio Management Software
Project Portfolio Management (PPM) has gained success in many projects due to its large number of features that covers effective scheduling, risk management, collaboration, and third-party software integrations to mentio...
Ultrafast Scalable Embedded DCT Image Coding for Tele-immersive Delay-Sensitive Collaboration
A delay-sensitive, real-time, tele-immersive collaboration for the future requires much lower end-to-end delay (EED) for good synchronization than that for existing teleconference systems. Hence, the maximum EED must be...
Ethernet Based Remote Monitoring And Control Of Temperature By Using Rabbit Processor
Networking is a major component of the processes and control instrumentation systems as the network’s architecture solves many of the Industrial automation problems. There is a great deal of benefits in the process of in...