-
AIM: Automated Input Set Minimization for Metamorphic Security Testing
Authors:
Nazanin Bayati Chaleshtari,
Yoann Marquer,
Fabrizio Pastore,
Lionel C. Briand
Abstract:
Although the security testing of Web systems can be automated by generating crafted inputs, solutions to automate the test oracle, i.e., distinguishing correct from incorrect outputs, remain preliminary. Specifically, previous work has demonstrated the potential of metamorphic testing; indeed, security failures can be determined by metamorphic relations that turn valid inputs into malicious inputs. However, without further guidance, metamorphic relations are typically executed on a large set of inputs, which is time-consuming and thus makes metamorphic testing impractical.
We propose AIM, an approach that automatically selects inputs to reduce testing costs while preserving vulnerability detection capabilities. AIM includes a clustering-based black box approach, to identify similar inputs based on their security properties. It also relies on a novel genetic algorithm able to efficiently select diverse inputs while minimizing their total cost. Further, it contains a problem-reduction component to reduce the search space and speed up the minimization process. We evaluated the effectiveness of AIM on two well-known Web systems, Jenkins and Joomla, with documented vulnerabilities. We compared AIM's results with four baselines. Overall, AIM reduced metamorphic testing time by 84% for Jenkins and 82% for Joomla, while preserving vulnerability detection. Furthermore, AIM outperformed all the considered baselines regarding vulnerability coverage.
Submitted 21 February, 2024; v1 submitted 16 February, 2024;
originally announced February 2024.
-
The TeamPlay Project: Analysing and Optimising Time, Energy, and Security for Cyber-Physical Systems
Authors:
Benjamin Rouxel,
Christopher Brown,
Emad Ebeid,
Kerstin Eder,
Heiko Falk,
Clemens Grelck,
Jesper Holst,
Shashank Jadhav,
Yoann Marquer,
Marcos Martinez De Alejandro,
Kris Nikov,
Ali Sahafi,
Ulrik Pagh Schultz Lundquist,
Adam Seewald,
Vangelis Vassalos,
Simon Wegener,
Olivier Zendra
Abstract:
Non-functional properties, such as energy, time, and security (ETS) are becoming increasingly important in Cyber-Physical Systems (CPS) programming. This article describes TeamPlay, a research project funded under the EU Horizon 2020 programme between January 2018 and June 2021. TeamPlay aimed to provide the system designer with a toolchain for developing embedded applications where ETS properties are first-class citizens, allowing the developer to reflect directly on energy, time and security properties at the source code level. In this paper we give an overview of the TeamPlay methodology, introduce the challenges and solutions of our approach and summarise the results achieved. Overall, applying our TeamPlay methodology led to an improvement of up to 18% performance and 52% energy usage over traditional approaches.
Submitted 1 June, 2023;
originally announced June 2023.
-
A Hole in the Ladder: Interleaved Variables in Iterative Conditional Branching (Extended Version)
Authors:
Yoann Marquer,
Tania Richmond,
Pascal Véron
Abstract:
The iterative conditional branchings appear in various sensitive algorithms, like the modular exponentiation in the RSA cryptosystem or the scalar multiplication in elliptic curve cryptography. In this paper, we abstract away the desirable security properties achieved by the Montgomery ladder, and formalize systems of equations necessary to obtain what we call the semi-interleaved and fully-interleaved ladder properties. This fruitful approach allows us to design novel fault-injection attacks, able to obtain some/all bits of the secret against different ladders, including the common Montgomery ladder. We also demonstrate the generality of our approach by applying the ladder equations to the modular exponentiation and the scalar multiplication, both in the semi- and fully-interleaved cases, thus proposing novel and more secure algorithms.
Submitted 8 March, 2021;
originally announced March 2021.