Abstract

Event-based systems (EBSs) have become popular because of their high flexibility, scalability, and adaptability. These advantages are enabled by their communication mechanism: implicit invocation and implicit concurrency between components. This mechanism relies on non-determinism in event processing, which can introduce inherent security vulnerabilities into a system, referred to here as event attacks. An event attack is a particular type of attack that abuses, incapacitates, or damages a target system by exploiting the system's event-based communication model. Event attacks are hard to prevent because, in general, they are carried out in a way that does not differ from ordinary event-based communication. While a number of techniques have addressed security threats in EBSs, they either do not appropriately resolve event attack issues or suffer from inaccuracy in detecting and preventing event attacks. To address the risk of event attacks, I present a novel vulnerability detection technique for EBSs implemented on message-oriented middleware (MOM) platforms. My technique has been evaluated on 25 open-source benchmark apps and eight real-world EBSs. The evaluation showed that my technique detects vulnerabilities to event attacks more accurately than existing techniques and that it is applicable to real-world EBSs.

Highlights

  • Event-based systems (EBSs) implemented by using MOM platforms are widely used

  • Eos is used in the extraction phase to extract published event types (PET) and consumed event types (CET) from target EBS

  • While event-based communication model enables highly decoupled, scalable, and easy-to-evolve systems, the nondeterminism in event processing can be exploited by event attacks


Summary

INTRODUCTION

Event-based systems (EBSs) implemented by using MOM platforms are widely used. They appear in various kinds of systems, such as web apps and SOA-based systems, built on different MOM platforms such as Prism-MW [1], Java Message Service [3], and Siena [10]. Existing vulnerable-flow analysis techniques do not support implicit invocation between components and do not scale to systems comprising large numbers of components [6,7,12]. My solution statically inspects a target EBS in order to identify security vulnerabilities that expose the system to event attacks. It performs vulnerable-flow analysis and pattern matching on the event communication channels between components. My technique is distinguished from prior work because (1) it detects potential risks of event attacks in EBSs more accurately than existing techniques, (2) it supports multiple types of MOM platform, and (3) it enables a scalable analysis of EBSs comprising a large number of components and methods.
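To make the extraction and channel-analysis idea concrete, the following is an added illustration and not the paper's Eos tool or its vulnerable-flow analysis. It assumes a simplified, constructed JMS-like source form in which `producer.send("Type", ...)` publishes an event type and `consumer.subscribe("Type")` consumes one, extracts each component's published event types (PET) and consumed event types (CET) with regular expressions (a stand-in for real bytecode extraction), joins them into event channels, and flags two channel shapes that the implicit-invocation model makes hard for a consumer to reason about: a consumed event type with no publisher inside the analyzed system, and an event type that several components can publish. The component names and event types are constructed.

```python
import re
from collections import defaultdict

# Constructed component sources in a simplified JMS-like style (assumption:
# send() publishes an event type, subscribe() consumes one). Not from the paper.
COMPONENTS = {
    "OrderService": """
        producer.send("OrderPlaced", order);
        consumer.subscribe("PaymentConfirmed");
    """,
    "PaymentService": """
        consumer.subscribe("OrderPlaced");
        producer.send("PaymentConfirmed", receipt);
    """,
    "AuditLogger": """
        consumer.subscribe("OrderPlaced");
        consumer.subscribe("PaymentConfirmed");
        consumer.subscribe("AdminCommand");
    """,
    "LegacyBridge": """
        producer.send("PaymentConfirmed", forwarded);
    """,
}

# Toy extraction patterns standing in for a real PET/CET extractor such as Eos.
PUBLISH_RE = re.compile(r'\.send\(\s*"([^"]+)"')
CONSUME_RE = re.compile(r'\.subscribe\(\s*"([^"]+)"')


def extract_event_types(source):
    """Return (PET, CET) for one component's source text."""
    return set(PUBLISH_RE.findall(source)), set(CONSUME_RE.findall(source))


def build_channels(components):
    """Join every component's PET and CET into system-wide event channels:
    event type -> set of publishers, and event type -> set of consumers."""
    publishers = defaultdict(set)
    consumers = defaultdict(set)
    for name, src in components.items():
        pet, cet = extract_event_types(src)
        for event_type in pet:
            publishers[event_type].add(name)
        for event_type in cet:
            consumers[event_type].add(name)
    return publishers, consumers


def find_risky_channels(components):
    """Flag channels whose shape a consumer cannot disambiguate by type alone.

    'external_only'  : consumed event type with no publisher in the analyzed
                       system, so its only sources lie outside the analysis.
    'multi_publisher': several components emit the same event type, so the
                       consumer cannot tell from the type which sender it was.
    Returns a sorted list of (event_type, finding, involved_components).
    """
    publishers, consumers = build_channels(components)
    findings = []
    for event_type, cons in sorted(consumers.items()):
        pubs = publishers.get(event_type, set())
        if not pubs:
            findings.append((event_type, "external_only", sorted(cons)))
        elif len(pubs) > 1:
            findings.append((event_type, "multi_publisher", sorted(pubs)))
    return findings


if __name__ == "__main__":
    for event_type, finding, involved in find_risky_channels(COMPONENTS):
        print(f"{event_type}: {finding} -> {', '.join(involved)}")
```

Running the block reports `AdminCommand` as consumed only from outside the analyzed set and `PaymentConfirmed` as publishable by two components; a real analysis would then follow the data flow from each flagged channel into the consuming method, which is the part this toy omits.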

MOTIVATING EXAMPLE
SOLUTION
EVALUATION
Accuracy
Applicability
RELATED WORK
CONCLUSION