Next Seminar on 15.02.2023
Written on 10.02.2023 15:58 by Niklas Medinger
The next seminar(s) take place on 15.02.2023 at 14:00 (Session A) and 14:00 (Session B).
Session A: (14:00-14:30)
Meeting-ID: 967 8620 5841
Session B: (14:00-15:30)
Daniel Berresheim, Osama Altamar, Kristian Metzler
Meeting-ID: 990 2598 9421
14:00 - 14:30
Speaker: Tim Recktenwald
Type of talk: Bachelor Final
Advisor: Dr. Giancarlo Pellegrino
Title: Chikara: Combining Web Application Crawling With Forced Execution
Research Area: 5
Abstract: The modern web continues to evolve at a rapid pace, with web applications becoming ever-more-complex pieces of software. While users are relying on online services on a daily basis, their scale makes them increasingly prone to security vulnerabilities. Due to their automated vulnerability detection capabilities, web application scanners hence play an important part in keeping up with this development. These tools are, however, strongly dependent on the effectiveness of their crawling component.
At the same time, prior research works have showcased the successful application of forced execution, a dynamic code analysis technique, to related areas of web security. Yet, the integration of forced execution into web crawling has not been studied thus far. Motivated by this, we design and implement Chikara, a novel web application crawler that selectively applies forced execution analysis to guide its exploration process. Based on its development, we identify the collection of event handler code as one of the underlying key challenges of our approach.
Moreover, we evaluate the impact of our forced execution strategy by comparing Chikara’s code and URL coverage to the state-of-the-art scanner Black Widow. According to our measurements, we find that Chikara mostly exhibits a lower total coverage than its competitors. Nevertheless, the code coverage reports show that our forced execution approach discovers a small set of server-side code branches missed by the other crawlers. Our analysis reveals that the code snippets are partly related to error handling functionality. With these findings, we address a former research gap in web application crawling and lay the foundation for future work involving forced execution.
14:00 - 14:30
Speaker: Daniel Berresheim
Type of talk: Bachelor Intro
Advisor: Dr. Nils Ole Tippenhauer
Title: Protecting Motor Control Firmware against Manipulation
Research Area: RA3
Abstract: The firmware used to control vehicles is becoming increasingly complex, as devices are connected to the internet through Wi-Fi, Bluetooth, or peripherals and can receive firmware updates. This creates various new opportunities for attackers to compromise these devices. Furthermore, those physical devices can even become the target of the hardware owners themselves, who aim to tune their vehicle to exceed the legal speed limit enforced by the firmware. With so many components that need to be individually protected, it becomes important to implement security measures that ensure safety even if an attacker successfully breaches the security of the OS or kernel.
We investigate whether Trusted Execution Environments (TEEs) can be used to protect motor control code in the presence of parallel running attacker code. We focus on analyzing the feasibility of detecting manipulation and whether it is possible to guarantee that the system can terminate its operation in a safe state in response to these manipulations. Additionally, we discuss a proof-of-concept implementation of motor control code and monitoring code protected by ARM TrustZone.
14:30 - 15:00
Speaker: Osama Altamar
Dynamic analysis of Chrome extensions is crucial for evaluating the security of these software programs as it analyzes their behavior during runtime. This method enhances the effectiveness of static analysis by detecting malicious behavior and vulnerabilities that may not be immediately apparent. This presentation highlights the importance of dynamic analysis in evaluating the security of Chrome extensions.
I will also outline my methodology for implementing the dynamic analysis tool, which involves injecting code into the extension components to collect data which will be analyzed to identify potential vulnerabilities or malicious behavior. The tool will allow for a comprehensive evaluation of the extension’s security, including Universal XSS vulnerabilities, and its behavior under different conditions. The main steps involved in dynamic analysis are acquiring the extension, setting up the environment, analyzing the code, executing the code, and finally, analyzing the results.
15:00 - 15:30
Speaker: Kristian Metzler
Title: Swapping Coins Privately
Type: Bachelor intro
You may have used or heard of atomic swaps if you have ever used cryptocurrencies. These protocols, as the name implies, are used to exchange coins, typically between two different blockchains, without the use of a centralized intermediary (with full control of the coins). As a result, atomic swaps have become extremely important in the world of cryptocurrencies.
Even though they are extremely valuable, they are not without flaws. The majority of atomic swap protocols can only be used with blockchains that support scripts or contracts. They also do not guarantee privacy. Sweep-UC was created to address these shortcomings. It is a novel protocol that allows coins to be exchanged between ledgers in a fair and private manner without the use of special scripts or contracts.
The goal of this work would be to implement this protocol and then evaluate its practicability and performance using that implementation.