Abstract
Security and protection of software resources are one of the most important issues in the IT industry since attackers’ actions become increasingly sophisticated and losses caused by cyberattacks are growing. Traditional methods of cyberattack prevention become inefficient; therefore, development of new methods and tools to secure software resources becomes of essential need. The studies that are based on formal methods with the use of modern algebraic theories are especially interesting and promising.
Article PDF
Similar content being viewed by others
Explore related subjects
Discover the latest articles, news and stories from top researchers in related subjects.Avoid common mistakes on your manuscript.
References
Cybercrime Magazine. URL: https://cybersecurityventures.com/.
Nwokedi Idika and Aditya P. Mathur, A Survey of Malware Detection Techniques, Department of Computer Science, Purdue University, West Lafayette, IN 47907 (2007).
Mohan V. Pawar and Anuradha J., “Network security and types of attacks in network,” ICCC-2015. URL: https://ac.els-cdn.com/S1877050915006353/1-s2.0-S1877050915006353-main.pdf?_tid=21866302-2e58-4f1e-88d0-7d3b9825e011&acdnat=1543497106_74f03131d7fc65a2469e9708a18cc54c.
Check Point Software Technologies Ltd., Software Blade Architecture. URL: https://ww.checkpoint.com/downloads/product-related/brochure/Software-Blades-Architecture.pdf.
DARPA, “Cyber Grand Challenge.” URL: https://www.cybergrandchallenge.com/.
S. K. Cha, T. Avgerinos, A. Rebert, and D. Brumley, “Unleashing Mayhem on binary code,” Proc. IEEE Symp. on Security and Privacy (2012), pp. 380–394.
A. Nguyen-Tuong, D. Melski, J. W. Davidson, M. Co, W. Hawkins, J. D. Hiser, D. Morris, D. Nguen, and E. Rizzi, “Xandra: An autonomous cyber battle system for the cyber grand challenge,” IEEE Security & Privacy, Vol. 16, No. 2, 42–53 (2008).
Mechaphish Github Repository. URL: https://github.com/mechaphish/mecha-docs.
American Fuzzy Lop. URL: http://lcamtuf.coredump.cx/afl/.
B. Kolosnjaji, A. Zarras, G. Webster, and C. Eckert, “Deep learning for classification of malware system call sequence,” AI 2016: Advances in Artificial Intelligence, Proc. 29th Australasian Joint Conference, Hobart, TAS, Australia, December 5–8 (2016), pp. 137–149.
M. Cova, V. Felmetsger, and G. Banks, “Static detection of vulnerabilities in x86 executables,” 22nd Annual Computer Security Applications Conference (ACSAC’06) (2006). https://doi.org/10.1109/ACSAC.2006.50.
M. Mouzarani, B. Sadeghiyan, and M. Zolfaghari, “Detecting injection vulnerabilities in executable codes with concolic execution,” Proc. 8th IEEE Intern. Conf. on Software Engineering and Service Science (ICSESS) (2017). https://doi.org/10.1109/ICSESS.2017.8342862.
S. K. Cha, T. Avgerinos, A. Rebert, and D. Brumley, “Unleashing MAYHEM on binary code,” SP’12 Proc. IEEE Symp. on Security and Privacy (2012). https://doi.org/10.1109/SP.2012.31.
Z. Li, D. Zou, S. Xu, H. Jin, H. Qi, and J. Hu, “Vulpecker: An automated vulnerability detection system based on code similarity analysis,” Proc. 32nd Annual Conf. on Computer Security Applications, ACSAC’16 (2016), pp. 201–213.
H. Flake, “Structural comparison of executable objects,” Proc. IEEE Conf. on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA) (2004), pp. 161–173.
G. Lee, “How to formally model features of network security protocols,” Intern. J. of Security and Its Applications, Vol. 8, No. 1, 423–432 (2014). URL: formal.hknu.ac.kr/Publi/ijsia.pdf.
J. Dodds, “Formal methods and the KRACK vulnerability,” Galois Inc. (2017). URL: https://galois.com/blog/2017/10/formal-methods-krack-vulnerability/.
J.-S. Coron, “Formal verification of side-channel countermeasures via elementary circuit transformations,” Proc. 16th Intern. Conf., ACNS 2018, Leuven, Belgium, July 2–4 (2018), pp. 65–82. URL: https://eprint.iacr.org/2017/879.pdf/.
S. Jha, O. Sheyner, and J. Wing, “Two formal analyses of attack graphs,” Proc. 15th IEEE Computer Security Foundations Workshop (2002). URL: https://ieeexplore.ieee.org/document/1021806.
K. Bhargavan et al., “Formal methods for analyzing crypto protocols: Using legacy crypto: From attacks to proofs,” URL: https://cyber.biu.ac.il/wp-content/uploads/2018/02/Biu-bhargavan-part1-slides.pdf.
V. Ferman, D. Hutter, and R. Monroy, “A model checker for the verification of browser based protocols,” Comp. y Sist. Vol. 21, No. 1 (2017). URL: http://www.scielo.org.mx/pdf/cys/v21n1/1405-5546-cys-21-01-00101.pdf.
M. Bugliesi, S. Calzavara, and R. Focardi, “Formal methods for web security,” Universitá Ca’ Foscari Venezia. URL: https://www.researchgate.net/publication/308004472_Formal_methods_for_Web_security.
L. Tobarra, D. Cazorla, F. Cuartero, and G. Diaz, “Application of formal methods to the analysis of web services security,” URL: https://www.semanticscholar.org/paper/Application-of-formal-methods-to-the-analysis-of-tobarra-cazorla/544d181da33da5439efcf49f31d50116355410d9.
D. Ray and J. Ligatti, “Defining injection attacks,” Technical Report #CSE-TR-081114, University of South Florida, Department of Computer Science and Engineering. URL: http://www.cse.usf.edu/~ligatti/papers/broniestr.pdf.
S. Calzavara, “Formal methods for web session security,” Universitá Ca’ Foscari Venezia, Dipartimento di Scienze Ambientali, Informatica e Statistica. URL: http://sysma.imtlucca.it/cina/lib/exe/fetch.php?media=calzavara.pdf.
C. Bansal, K. Bhargavan, A. Delignat-Lavaud, and S. Maffeis, “Keys to the cloud: Formal analysis and concrete attacks on encrypted web storage,” URL: http://antoine.delignat-lavaud.fr/doc/post13.pdf. URL: https://hal.inria.fr/hal-00863375/file/keys-to-the-cloud-post13.pdf/.
D. Gilbert and A. Letichevsky, “Model for interaction of agents and environments,” in: Bert D., Choppy C. (Eds.).Recent Trends in Algebraic Development Technique, Wadt 1999. LNCS, Vol. 1827, Springer-Verlag, Berlin–Heidelberg (2000), pp. 311–328.
A. Letichevsky, O. Letychevskyi, and V. Peschanenko, “Insertion modeling and its applications,” Computer Sci. J. of Moldova, Vol. 24, Issue 3, 357–370 (2016).
Author information
Authors and Affiliations
Corresponding author
Additional information
Translated from Kibernetika i Sistemnyi Analiz, No. 5, September–October, 2019, pp. 156–169.
Rights and permissions
About this article
Cite this article
Letychevskyi, O.O., Peschanenko, V.S., Hryniuk, Y.V. et al. An Overview of the Modern Methods of Security and Protection of Software Systems. Cybern Syst Anal 55, 840–850 (2019). https://doi.org/10.1007/s10559-019-00194-9
Received:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10559-019-00194-9