SETC: A Vulnerability Telemetry Collection Framework

• URL: http://arxiv.org/abs/2406.05942v1
• Date: Mon, 10 Jun 2024 00:13:35 GMT
• Title: SETC: A Vulnerability Telemetry Collection Framework
• Authors: Ryan Holeman, John Hastings, Varghese Mathew Vaidyan,
• Abstract summary: This paper introduces the Security Exploit Telemetry Collection (SETC) framework. SETC generates reproducible vulnerability exploit data at scale for robust defensive security research. This research enables scalable exploit data generation to drive innovations in threat modeling, detection methods, analysis techniques, and strategies.
• Score: 0.0
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: As emerging software vulnerabilities continuously threaten enterprises and Internet services, there is a critical need for improved security research capabilities. This paper introduces the Security Exploit Telemetry Collection (SETC) framework - an automated framework to generate reproducible vulnerability exploit data at scale for robust defensive security research. SETC deploys configurable environments to execute and record rich telemetry of vulnerability exploits within isolated containers. Exploits, vulnerable services, monitoring tools, and logging pipelines are defined via modular JSON configurations and deployed on demand. Compared to current manual processes, SETC enables automated, customizable, and repeatable vulnerability testing to produce diverse security telemetry. This research enables scalable exploit data generation to drive innovations in threat modeling, detection methods, analysis techniques, and remediation strategies. The capabilities of the framework are demonstrated through an example scenario. By addressing key barriers in security data generation, SETC represents a valuable platform to support impactful vulnerability and defensive security research.

Related papers

• Physical and Software Based Fault Injection Attacks Against TEEs in Mobile Devices: A Systemisation of Knowledge [5.6064476854380825]
  Trusted Execution Environments (TEEs) are critical components of modern secure computing. They provide isolated zones in processors to safeguard sensitive data and execute secure operations. Despite their importance, TEEs are increasingly vulnerable to fault injection (FI) attacks.
  arXiv  Detail & Related papers  (2024-11-22T11:59:44Z)
• Securing Legacy Communication Networks via Authenticated Cyclic Redundancy Integrity Check [98.34702864029796]
  We propose Authenticated Cyclic Redundancy Integrity Check (ACRIC) ACRIC preserves backward compatibility without requiring additional hardware and is protocol agnostic. We show that ACRIC offers robust security with minimal transmission overhead ( 1 ms)
  arXiv  Detail & Related papers  (2024-11-21T18:26:05Z)
• CRepair: CVAE-based Automatic Vulnerability Repair Technology [1.147605955490786]
  Software vulnerabilities pose significant threats to the integrity, security, and reliability of modern software and its application data. To address the challenges of vulnerability repair, researchers have proposed various solutions, with learning-based automatic vulnerability repair techniques gaining widespread attention. This paper proposes CRepair, a CVAE-based automatic vulnerability repair technology aimed at fixing security vulnerabilities in system code.
  arXiv  Detail & Related papers  (2024-11-08T12:55:04Z)
• Static Detection of Filesystem Vulnerabilities in Android Systems [18.472695251551176]
  We present PathSentinel, which overcomes the limitations of previous techniques by combining static program analysis and access control policy analysis. By unifying program and access control policy analysis, PathSentinel identifies attack surfaces accurately and prunes many impractical attacks. To streamline vulnerability validation, PathSentinel leverages large language models (LLMs) to generate targeted exploit code.
  arXiv  Detail & Related papers  (2024-07-15T23:10:52Z)
• Securing the Open RAN Infrastructure: Exploring Vulnerabilities in Kubernetes Deployments [60.51751612363882]
  We investigate the security implications of and software-based Open Radio Access Network (RAN) systems. We highlight the presence of potential vulnerabilities and misconfigurations in the infrastructure supporting the Near Real-Time RAN Controller (RIC) cluster.
  arXiv  Detail & Related papers  (2024-05-03T07:18:45Z)
• A Survey and Comparative Analysis of Security Properties of CAN Authentication Protocols [92.81385447582882]
  The Controller Area Network (CAN) bus leaves in-vehicle communications inherently non-secure. This paper reviews and compares the 15 most prominent authentication protocols for the CAN bus. We evaluate protocols based on essential operational criteria that contribute to ease of implementation.
  arXiv  Detail & Related papers  (2024-01-19T14:52:04Z)
• Ensemble Defense System: A Hybrid IDS Approach for Effective Cyber Threat Detection [0.0]
  An Ensemble Defense System (EDS) is a cybersecurity framework aggregating multiple security tools to monitor and alert an organization during cyber attacks. The proposed EDS leverages a comprehensive range of Intrusion Detection System (IDS) capabilities by introducing a hybrid of signature-based IDS and anomaly-based IDS tools. The effectiveness of the EDS is evaluated through a payload from a bash script that executes various attacks, including port scanning, privilege escalation, and Denial-of-Service (DoS)
  arXiv  Detail & Related papers  (2024-01-07T14:07:00Z)
• HW-V2W-Map: Hardware Vulnerability to Weakness Mapping Framework for Root Cause Analysis with GPT-assisted Mitigation Suggestion [3.847218857469107]
  We presentHW-V2W-Map Framework, which is a Machine Learning (ML) framework focusing on hardware vulnerabilities and Internet of Things (IoT) security. The architecture that we have proposed incorporates an Ontology-driven Storytelling framework, which automates the process of updating the Ontology. Our proposed framework utilized Generative Pre-trained Transformer (GPT) Large Language Models (LLMs) to provide mitigation suggestions.
  arXiv  Detail & Related papers  (2023-12-21T02:14:41Z)
• Leveraging Traceability to Integrate Safety Analysis Artifacts into the Software Development Process [51.42800587382228]
  Safety assurance cases (SACs) can be challenging to maintain during system evolution. We propose a solution that leverages software traceability to connect relevant system artifacts to safety analysis models. We elicit design rationales for system changes to help safety stakeholders analyze the impact of system changes on safety.
  arXiv  Detail & Related papers  (2023-07-14T16:03:27Z)
• Dataset Security for Machine Learning: Data Poisoning, Backdoor Attacks, and Defenses [150.64470864162556]
  This work systematically categorizes and discusses a wide range of dataset vulnerabilities and exploits. In addition to describing various poisoning and backdoor threat models and the relationships among them, we develop their unified taxonomy.
  arXiv  Detail & Related papers  (2020-12-18T22:38:47Z)
• Dos and Don'ts of Machine Learning in Computer Security [74.1816306998445]
  Despite great potential, machine learning in security is prone to subtle pitfalls that undermine its performance. We identify common pitfalls in the design, implementation, and evaluation of learning-based security systems. We propose actionable recommendations to support researchers in avoiding or mitigating the pitfalls where possible.
  arXiv  Detail & Related papers  (2020-10-19T13:09:31Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.