Recovering information from RIAs users access logs

从 RIA 用户访问日志中恢复信息

• 批准号: 490512-2015
• 负责人: Jourdan, GuyVincent
• 金额: $ 4.95万
• 依托单位: University of Ottawa
• 依托单位国家: 加拿大
• 项目类别: Collaborative Research and Development Grants
• 财政年份: 2017
• 资助国家: 加拿大
• 起止时间: 2017-01-01 至 2018-12-31
• 项目状态: 已结题
• 来源: https://www.nserc-crsng.gc.ca/ase-oro/Details-Detailles_eng.asp?id=618819
• 关键词: Recovering; information; RIAs; users; access

Web applications, and in particular "Rich Internet Applications" (RIAs), which use advanced technologies such as JavaScript, AJAX, HTML5 etc., represent an increasingly large proportion of modern systems. Nowadays, most of the interactions we have with computers involve Web and Web applications. This tendency will increase moving forward as RIAs become increasingly mobile-friendly.For all their advantages, Web applications and RIAs are also notoriously plagued with security vulnerabilities, a problem that needs to be resolved as soon as possible. Companies such as IBM have developed a series of products and services centered on making Web applications more secure, and are now shifting their focus toward RIAs. However, these tools and services are currently limited in their ability to handle RIAs efficiently.In this research, we aim to contribute to RIAs security in two ways: first, we will mine existing usage (HTTP) logs of the application to infer a series of technical information about the application, and then use that information to automatically configure security scanners. This will allow the automatic detection of security vulnerabilities in RIAs. Second, still using HTTP logs but from a single user, we will automatically reconstruct that user session, a reconstruction that can be used by forensics investigators after a security incident has been reported; thus dramatically improving the accuracy of the investigation while significantly cutting down the time required to perform the investigation.

Web应用程序，尤其是使用JavaScript，Ajax，HTML5等的高级技术的“丰富的Internet应用程序”（RIA）代表了越来越大的现代系统。如今，我们与计算机的大多数交互都涉及Web和Web应用程序。随着RIA越来越友好的移动设备，这种趋势将提高前进。对于所有优点，Web应用程序和RIA都会受到安全漏洞的困扰，这一问题需要尽快解决这个问题。 IBM等公司开发了一系列以使Web应用程序更加安全为中心的产品和服务，现在将注意力转移到RIAS上。但是，这些工具和服务目前在其有效处理RIA的能力上受到限制。在这项研究中，我们旨在通过两种方式为RIAS安全做出贡献：首先，我们将挖掘应用程序的现有用法（HTTP）日志，以推断有关应用程序的一系列技术信息，然后使用该信息来自动配置安全扫描仪。这将允许自动检测RIAS中的安全漏洞。其次，仍然使用HTTP日志，但是从单个用户中，我们将自动重建该用户会话，该用户会话是在报告安全事件后可以由取证研究者使用的重建；因此，大大提高了调查的准确性，同时显着减少了进行调查所需的时间。