Network Attack Injection.

      Аннотация: The increasing reliance on networked computer systems demands for high levels of dependability. Unfortunately, new threats and forms of attack are constantly emerging to exploit flaws in these systems, compromising their correctness. An intrusion in a network server may affect its users and have serious repercussions in other services, possibly leading to other security breaches that can be exploited by further attacks. Software testing is the first line of defense against these attacks because it can support the discovery and removal of vulnerabilities. However, searching for flaws is a difficult and error-prone task and has been known to miss the detection of critical vulnerabilities. This book presents a novel methodology for the discovery of vulnerabilities that systematically generates and injects attacks, while monitoring and analyzing the target system. Several innovative solutions related to this approach are covered, including ways to infer a specification of the protocol implemented by the server, the generation of a comprehensive set of attacks, the injection and monitoring of the target system, and the automatic analysis of results.

Ключевые слова: monitoring, network security, Network Servers, Vulnerabilities, Attack Injection, Protocol Reverse Engineering, Test case generation, Behavioral Inference