News
Next Seminar on 27.09.2023
Written on 23.09.2023 00:02 by Mang Zhao
Dear All,
The next seminar(s) take place on 27.09.2023 at 14:00 (Session A) and 14:00 (Session B).
Session A: (14:00-15:30)
Gleb Rostanin, Lennard Tworeck, Florian Romann
https://cispa-de.zoom.us/j/96786205841?pwd=M3FOQ3dSczRabDNLb3F1czVXVUpvdz09
Meeting-ID: 967 8620 5841
Kenncode: BT!u5=
Session B: (14:00-15:30)
Björn Karthein, Ahmad Hajy Omar, Moaz Airan
https://cispa-de.zoom-x.de/j/64797489563?pwd=MFliNGNpSWRoTEtmNC9HUkNVN2ZNUT09
Session A:
14:00 - 14:30
Speaker: Gleb Rostanin
Advisor: Nils Ole Tippenhauer
Research Area: RA3
No information is provided.
14:30 - 15:00
Speaker: Lennard Tworeck
Type of talk: Bachelor Intro
Advisor: Robert Künnemann, Kevin Morio
Title: A parser for the spthy protocol modeling language
Research Area: RA2
Abstract:
Security protocols ensure the confidentiality, integrity and authentication of transmitted data between two or more parties and are the basis of secure communication. Protocol verifiers like Tamarin, which is a tool for symbolic modeling and analysis of such protocols, have been developed to prove the correctness of those. It uses a security protocol model to specify the protocol, the environment and the security properties. These are specified in the so-called security protocol theory (spthy) file format, which has been developed for Tamarin.
In this thesis, we will create an independent parser that allows parsing such files for third party tools or Tamarin extensions. The goal is a flexible parser with few dependencies and bindings to different languages including Python, Go and Haskell. We use a parser generator to create the parser, which allows us to first define a grammar that accepts the syntax of spthy files. We then use that grammar as an input to the parser generator to create the parser.
The syntax of the file format is partially documented in the Tamarin manual, but there is no entire description of it. With this method, we do not just build a parser for spthy files, but also document its syntax.
We aim to create a reusable tool that allows for an easier development of Tamarin extensions.
15:00 - 15:30
Speaker: Florian Romann
Type of talk: Bachelor Intro
Advisor: Aleksei Stafeev, Giancarlo Pellegrino
Title: Time Travel Crawling: Measuring the impact of state changing actions
Research Area: RA5: Empirical and Behavioural Security
Abstract:
Automated Web vulnerability scanners are essential to achieve security at scale. However, before scanning a web application, it needs to be explored using a crawler component. By interacting with the web application, crawlers potentially irreversibly add, modify or delete content, thus not exploring the whole application.
In this thesis we present Time Travel Crawling, a crawling technique that manages the whole state of applications with the ability to revert arbitrary state changes, using virtual machine technology. We compare the impact of state changing actions, both quantitatively and qualitatively, by comparing depth- and breadth-first crawlers with their respective time traveling versions.
Session B:
14:00 - 14:30
Speaker: Björn Karthein
Type of talk: Master Intro
Advisors: Prof. Dr. Andreas Zeller, Dr. Cristian Staicu
Title: Exploring Input Invariants for Automated Testing of Web Forms
Research Area: RA5
Abstract:
Web applications are omnipresent in today's world. Web applications often rely heavily on user input to interact and get information from the end-user, which naturally creates a big attack surface. Thoroughly testing these possible attack points is crucial to finding potentially security relevant bugs. Most modern websites employ client-side validation to verify user inputs directly inside the browser. This improves responsiveness and accessibility of the website, but does not suffice as a security measure against malicious users. In this thesis we present an approach that fully automatically generates input values for any web form and tests the application. The client-side's source code is analysed and constraints on the form input values are extracted. The constraints are presented to the tester in a human-readable format and can easily be altered or extended with predefined templates. The solution uses these constraints to generate explicit input values that either adhere to the specification or purposely violate it. Lastly, the application's response is inspected and a report is generated that summarizes any interesting behavior.
14:30 - 15:00
Speaker: Ahmad Hajy Omar
Type of talk: Bachelor Final
Advisor: Dr. Cristian-Alexander Staicu, Dr. Dolière Francis Somé
Title: Analysis of Content Security Policy in different browsers settings, including Desktop and Mobile browsers.
Research Area: RA3
Abstract: Content Security Policy (CSP) serves as a critical security mechanism to thwart attacks such as cross-site scripting (XSS) and data injection. Using Playwright, a Node.js tool for browser automation, an examination was conducted across various browser settings, including desktop and mobile environments. The evaluation revealed inconsistencies in how browsers enforce CSP, highlighting potential security vulnerabilities. Emphasis was also placed on the significance of accurate CSP configuration and regular updates to guard against evolving threats. We delved deeper into how CSP enforcement is affected by variations in user agents and accept language headers. Specifically, it probes into how websites respond when presented with malformed or absent user agents, or unconventional accept language headers. Surprisingly, certain websites failed to correctly enforce CSP under these conditions, leading to possible security gaps. Another focal point was the potential for nonce duplication within CSP. By comparing nonce values between main pages and their sub-pages, the research discovered a possibility of nonce value repetition after two website visits, creating another security concern.
15:00 - 15:30
Speaker: Moaz Airan
Type of talk: Bachelor Intro
Advisor: Dr. Cristian-Alexandru Staicu
Title: Exploring User Data Protection Provided by Firefox-based Web Browsers
Research Area: RA3
Abstract: User sensitive data stored by browsers should be properly secured and protected from stealing attacks such as cross-site scripting (XSS) for stealing cookies and Man-in-the-Middle attack for stealing passwords. Browsers implement different security mechanisms and encryption algorithms to manage eliminating these types of attacks, where the attacker try to steal data from a running browser session on the victim machine, in other words the attacker is connected "online" to the victim. A different way to reach the sensitive data is if a malware was installed on the user machine. This opens a lot of possibilities to steal and manipulate the data "offline" directly from the victim machine bypassing most of the protection provided by browsers. This thesis explores different exploitations and methods that could lead to leaking sensitive data like passwords and session tokens. Focusing on Firefox-based browsers, we also examine how the user data gets stored and how these browsers interact with operating systems, in our case it's Windows.