The goal of this project is to develop practical tools and an experimental
know-how in order to help increase user awareness in the area of Internet
security. Internet protocols and applications widely suffer from security
exposures due to programming errors or bugs exploited by hackers. Because
of the diversity of these errors, the security solutions to these problems
do not lend themselves to a systematic approach.
The project first aims at gaining a good understanding of known
exposures in selected areas: attacks on IP and TCP, exposures with
HTTP, web servers, and Java. Dynamic information and demonstration package
for each area including vulnerability test tools for well-known
attacks are designed and developed.
Internet Security Architecture.
Computer Networks & ISDN Systems Journal, 31, April 1999.
- Inventory and analysis of security exposures with Java, WWW and IP
- Vulnerability test tools for Java browsers and web servers
- Evaluation of network scanners: Nmap, Nessus, Satan
- Design and implementation of an enhanced network scanner. A network
scanning tool was developed that integrates modules from existing tools
and allows for incremental addition of protocol specific scanning
techniques as plug-ins. This tool also aims at stealth discovery.
- Evaluation of a commercial intrusion detection product.
Generation of malicious TCP/IP traffic from a high-level definition of
attack scenarios. A mixed graphical and textual tool was developed for the
design of new attack scenarios on TCP/IP. For each new input scenario,
the tool generates a traffic generating program. Malicious traffic
patterns can be used as software components.
- Deployment of public key infrastructures
- Firewall based Java filtering tool