Detection of logic flaws in multi-party business applications via security testing

Abstract : Multi-party business applications are distributed computer programs implementing collaborative business functions. These applications are one of the main target of attackers who exploit vulnerabilities in order to perform malicious activities. The most prevalent classes of vulnerabilities are the consequence of insufficient validation of the user-provided input. However, the less-known class of logic vulnerabilities recently attracted the attention of researcher. According to the availability of software documentation, two testing techniques can be used: design verification via model checking, and black-box security testing. However, the former offers no support to test real implementations and the latter lacks the sophistication to detect logic flaws. In this thesis, we present two novel security testing techniques to detect logic flaws in multi-party business applicatons that tackle the shortcomings of the existing techniques. First, we present the verification via model checking of two security protocols. We then address the challenge of extending the results of the model checker to automatically test protocol implementations. Second, we present a novel black-box security testing technique that combines model inference, extraction of workflow and data flow patterns, and an attack pattern-based test case generation algorithm. Finally, we discuss the application of the technique developed in this thesis in an industrial setting. We used these techniques to discover previously-unknown design errors in SAML SSO and OpenID protocols, and ten logic vulnerabilities in eCommerce applications allowing an attacker to pay less or shop for free.
Keywords : SSO Model checking
Document type :
Theses
Complete list of metadatas

https://pastel.archives-ouvertes.fr/tel-01194884
Contributor : Abes Star <>
Submitted on : Monday, September 7, 2015 - 5:17:21 PM
Last modification on : Friday, May 17, 2019 - 12:33:54 PM
Long-term archiving on : Wednesday, April 26, 2017 - 6:35:08 PM

File

ThesePellegrinoV2.pdf
Version validated by the jury (STAR)

Identifiers

  • HAL Id : tel-01194884, version 1

Citation

Giancarlo Pellegrino. Detection of logic flaws in multi-party business applications via security testing. Cryptography and Security [cs.CR]. Télécom ParisTech, 2013. English. ⟨NNT : 2013ENST0064⟩. ⟨tel-01194884⟩

Share

Metrics

Record views

372

Files downloads

916