
Vulnerability Discovery with Attack Injection

Abstract
The increasing reliance placed on networked computer systems demands higher levels of dependability. This is even more relevant as new threats and forms of attack are constantly being revealed, compromising the security of systems. This paper addresses this problem by presenting an attack injection methodology for the automatic discovery of vulnerabilities in software components. The proposed methodology, implemented in AJECT, follows an approach similar to that of hackers and security analysts to discover vulnerabilities in network-connected servers. AJECT uses a specification of the server's communication protocol and predefined test case generation algorithms to automatically create a large number of attacks. Then, while it injects these attacks through the network, it monitors the execution of the server in the target system and the responses returned to the clients. The observation of unexpected behavior suggests the presence of a vulnerability that was triggered by some particular attack (or group of attacks). This attack can then be used to reproduce the anomaly and to assist in the removal of the error. To assess the usefulness of this approach, several attack injection campaigns were performed with 16 publicly available POP and IMAP servers. The results show that AJECT could effectively be used to locate vulnerabilities, even on well-known servers tested throughout the years.

Existing System
Software rejuvenation is meant to mitigate the effects of software aging. While not being concerned with the actual cause of the aging effects (e.g., a memory leak or an unreleased file lock), software rejuvenation is very successful in proactively removing the effects of software aging by restarting or rebooting the system or part of it. However, after the system is rejuvenated, the vulnerabilities that caused or sped up the aging effects are typically not removed, and thus the problem will eventually arise again.

Disadvantages
- The typical process of manually searching for new vulnerabilities is often slow and tedious
- The component, failing to properly process the offending attack
- Server needs to handle after process of attacks

Proposed System
The project describes an attack injection methodology that can be used for vulnerability detection and removal. It mimics the behaviour of an adversary by injecting attacks against a target system while inspecting its execution to determine if any of the attacks has caused a failure. The observation of some abnormal behaviour indicates that an attack was successful in triggering an existing flaw. After the identification of the problem, traditional debugging techniques can be employed, for instance, by examining the application's control flow while processing the offending attacks, to locate the origin of the vulnerability and to proceed with its elimination.

Advantages
- Continuously reinjecting all attacks without restarting the server
- Automatic Attack Identifying and blocking
- It blocks runtime itself

System Specification

Hardware Requirements

Processor     : Any Processor above 500 MHz
Ram           : 128Mb
Hard Disk     : 10 Gb
Compact Disk  : 650 Mb
Input device  : Standard Keyboard and Mouse
Output device : VGA and High Resolution Monitor

Software Requirements
Operating System : Windows Family.
Language         : J2EE (JSP, Servlets)
Data Bases       : Microsoft SQL Server or MySQL
Front End        : HTML, JSP
Server           : Tomcat 5.5

Modules

Client Attack Process


The Target System is composed of the target application and its execution environment, which includes the operating system, middleware libraries and hardware configuration. The target application is typically some service that can be invoked remotely from client programs (e.g., a mail or FTP server). In addition, it can also be a local daemon supporting a given task of the operating system. In both cases, the target application uses a well-known protocol to communicate with the clients, and these clients can carry out attacks by transmitting malicious packets. If the packets are not correctly processed, the target can suffer various kinds of errors with distinct consequences, ranging, for instance, from a slowdown to a crash. The Target Protocol Specification component provides a graphical interface for the specification of the communication protocol used by the target application.

Attack Injector
The Attack Injector, or simply the Injector, is responsible for the generation and execution of the attacks, and for receiving the responses returned by the target. It also does some analysis on the information acquired during the attack, to determine if a vulnerability was exposed. The main objective of the Monitor is to observe and gather data about the target system execution, which requires a careful synchronization with the Injector.

Network Server Monitor


The architecture was defined to achieve two main purposes: the automatic injection of attacks and the data collection for analysis. However, it was designed so that there is a clear separation between the implementation of these two goals. On one hand, in order to obtain extensive information about the execution, a proximity relation between AJECT and the target is necessary. Therefore, the Monitor needs to run on the same machine as the target, where it can use low-level operating system functions to get, for example, statistics about the CPU and memory usage. On the other hand, the injection of attacks can usually be performed from a different machine. In fact, this is a desirable situation, since it is convenient to keep the target as independent as possible from the Injector, so that interference is kept to a minimal level.
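The analysis step described above, correlating what the Injector received with what the Monitor measured for the same test case, can be sketched as follows. This is an added example, not AJECT's code; the record fields, the thresholds and the campaign log are assumptions constructed for illustration, and the reply check uses the POP3 status-line format (+OK / -ERR) from RFC 1939.

```python
import re
from dataclasses import dataclass
from typing import Optional

# POP3 status lines (RFC 1939): every reply starts with +OK or -ERR.
VALID_REPLY = re.compile(r"(\+OK|-ERR)( [\x20-\x7e]*)?\r\n")

@dataclass
class Observation:
    test_id: int             # shared id that keeps Injector and Monitor in sync
    response: Optional[str]  # Injector side: reply received, None on timeout/close
    alive: bool              # Monitor side: target process still running
    cpu_pct: float           # Monitor side: CPU use while handling the test case
    rss_kb: int              # Monitor side: resident memory after the test case

def classify(observations, cpu_limit=90.0, mem_growth=1.5):
    """Return {test_id: [anomaly labels]} for test cases with unexpected behavior.

    cpu_limit and mem_growth are assumed thresholds, not values from the paper.
    """
    findings = {}
    baseline = observations[0].rss_kb  # memory use before any abnormal input
    for ob in observations:
        labels = []
        if not ob.alive:
            labels.append("crash")
        if ob.response is None:
            labels.append("no-response")
        elif not VALID_REPLY.fullmatch(ob.response):
            labels.append("protocol-violation")
        if ob.cpu_pct > cpu_limit:
            labels.append("cpu-exhaustion")
        if ob.rss_kb > baseline * mem_growth:
            labels.append("memory-growth")
        if labels:
            findings[ob.test_id] = labels
    return findings

# Constructed campaign log (illustrative values, not measurements from the paper).
CAMPAIGN = [
    Observation(1, "+OK POP3 server ready\r\n", True, 2.0, 4000),
    Observation(2, "-ERR unknown command\r\n", True, 3.0, 4010),
    Observation(3, "garbage\x00\r\n", True, 4.0, 4020),
    Observation(4, "-ERR line too long\r\n", True, 97.0, 4030),
    Observation(5, "+OK\r\n", True, 5.0, 9000),
    Observation(6, None, False, 0.0, 0),
]

if __name__ == "__main__":
    for test_id, labels in classify(CAMPAIGN).items():
        print(test_id, ", ".join(labels))
```

Each flagged test id points back to the exact input that should be replayed under a debugger to locate the flaw.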

System Flow Diagram
