TY - GEN
T1 - Improving Penetration Testing Methodologies for Security-Based Risk Assessment
AU - Dawson, Joel
AU - Todd McDonald, J.
N1 - Publisher Copyright: © 2016 IEEE.
PY - 2016/7/2
Y1 - 2016/7/2
AB - The crisis of insecure software has resulted in a drastic increase in the frequency and impact of cyber attacks on businesses and individual users alike. The discipline of secure software engineering has evolved as a response to this trend, with the aim of producing software with fewer coding bugs or design flaws that result in exploitable vulnerabilities. However, secure software engineering is a young discipline, and many software artifacts in current use were created before, or in ignorance of, its development. Software practitioners would benefit greatly from a rigorous methodology for analyzing and validating software that has already entered its maintenance lifecycle. In this paper, we present a combined penetration testing methodology that incorporates strengths of several existing approaches, with the goal of understanding their utility and benefit for analyzing security of existing software programs. We exercise this methodology through a case study applied to a popular tool used by many network security practitioners: Wireshark. As a contribution, our study illustrates the benefits of a combined approach and outlines recommendations for a holistic method that will improve security-based risk assessment. Specifically, we show how application of rigorous test-driven threat modeling can produce better abuse cases, which can in turn be used to inform and more precisely define penetration testing activities.
KW - Abuse cases
KW - Academic case studies
KW - Penetration testing
KW - Risk assessment
KW - Secure software engineering
UR - http://www.scopus.com/inward/record.url?scp=85022344253&partnerID=8YFLogxK
U2 - 10.1109/CYBERSEC.2016.016
DO - 10.1109/CYBERSEC.2016.016
M3 - Conference contribution
AN - SCOPUS:85022344253
T3 - Proceedings - 2016 Cybersecurity Symposium, CYBERSEC 2016
SP - 51
EP - 58
BT - Proceedings - 2016 Cybersecurity Symposium, CYBERSEC 2016
A2 - de Leon, Daniel Conte
A2 - Sarathchandra, Dilshani
A2 - Haltinner, Kristin
A2 - Chang, Kevin
A2 - Mercaldo, Francesco
A2 - Song, Jia
A2 - Haney, Michael
A2 - Alves-Foss, Jim
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 3rd Cybersecurity Symposium, CYBERSEC 2016
Y2 - 18 April 2016 through 20 April 2016
ER -