Learn about MASC, an advanced tool designed for evaluating crypto-detectors, identifying crypto-API misuse, and enhancing software security.
Authors: Amit Seal Ami, Computer Science Department, William & Mary Williamsburg, Virginia, USA, and this author contributed equally to this paper ; Syed Yusuf Ahmed, Institute for Information Technology, University of Dhaka Dhaka, Bangladesh, and this author contributed equally to this paper ; Radowan Mahmud Redoy, Institute for Information Technology, University of Dhaka Dhaka, Bangladesh, and this author contributed equally to this paper ; Nathan Cooper, Computer Science Department,...
, we evaluated nine major crypto-detectors, and discovered 19 unique, undocumented flaws. We designed , it internally leveraged 12 generalizable, usage-based mutation operators to instantiate mutations of crypto-API misuse cases for Java. The mutation operators were designed based on the design principles of Java Cryptographic Architecture and a threat model that consisted of users of varying skills and intentions .
framework with focus on extensibility, ease of use, and maintainability to the stakeholders of crypto-detectors, such as security researchers, developers, and users. To elaborate, because of the newly developed plug-in architecture, ’s workflow automated by leveraging the de-facto SARIF formatted output of crypto-detectors. Furthermore, we have created a web-based front-end of
. With these additions and enhancements, we hope that the current, open-source implementation of can be used to evaluate crypto-detectors in an end-to-end automated workflow within the Main Scope. Customizable Evaluation of Crypto-detectors: A user can customize the evaluation of crypto-detectors by specifying the mutation operators for creating crypto-API misuse instances. Plug-in Architecture for Custom Operators:
framework, scripts and results of evaluating crypto-detectors, as described in the original paper , are available in the 3 Design Goals 3 Design Goals 4 Implementation of 6 Future Work and Conclusion, Acknowledgments, and References 6 Future Work and Conclusion, Acknowledgments, and References ABSTRACT While software engineers are optimistically adopting crypto-API misuse detectors in their software development cycles, this momentum must be accompanied by a rigorous understanding of crypto-detectors’ effectiveness at finding cryptoAPI misuses in practice.
Code: https://github.com/Secure-Platforms-Lab-W-M/ injects these mutated misuse cases in Java or Android-based apps at three mutation scopes , namely Similarity Scope , Exhaustive Scope , and its independently developed Main Scope, thus creating mutated applications that contain crypto-API misuse. We demonstrated the practicality of prototype implementation of
users can now create their own mutation operators that can be easily plugged into ’s implementation for the users to reduce the barrier to entry. Finally, we restructured and refactored the open-source codebase of will be used in finding flaws in, and thus helping to improve, existing crypto-detectors. Contribution : We present
United States Latest News, United States Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
Syntax Error-Free and Generalizable Tool Use for LLMs: ToolDec Enables Generalizable Tool SelectionResearchers propose TOOLDEC, a finite-state machine-guided decoding for LLMs, reducing errors and improving tool use.
Read more »
Planet Of The Apes' Simian Flu Explained: Origin, Effects & MutationRobert Pitman is a Movies/TV features writer for ScreenRant and loves all things nerdy. He has had experience with editing and SEO in his time working at WVUA 90.7 FM, the University of Alabama&039;s official student radio station.
Read more »
FDA Chief Tells Senate Agency Is Preparing for Bird Flu MutationThe Food and Drug Administration (FDA) informed legislators on Wednesday that the agency is making preparatory measures in case the current avian flu is able to mutate and transmit to humans on a massive scale.
Read more »
TMNT Makes Permanent Change to Their Origin, As Donatello Causes Their MutationTMNT&39;s Donatello with an explosion of color behind him.
Read more »
Genetic mutation gives cats a 'salty liquorice' coat colourResearchers have discovered the gene variant responsible for a distinctive colour pattern seen in cats in Finland, named salmiak after a variety of liquorice
Read more »
Genetic mutation responsible for new coat pattern in cats in Finland identifiedA team of geneticists and animal welfare specialists from the U.K. and one from the U.S. has identified the genetic mutation responsible for a newly discovered cat coat color pattern in Finland. In their study, published in the journal Animal Genetics, the group sequenced the genomes of two of the cats.
Read more »