research-article

Availability state transition model

Authors:

Shalini Chandra,

Raees Ahmad KhanAuthors Info & Claims

ACM SIGSOFT Software Engineering Notes, Volume 36, Issue 3

Pages 1 - 3

https://doi.org/10.1145/1968587.1968603

Published: 05 May 2011 Publication History

Get Access

Abstract

Several security mechanisms such as digital signature, timestamp audits and trails, encryption, throttling, filtering, protect secrets etc. are available. These security mechanisms are not completely able to stop malicious attacks. For malicious hackers and attackers it is comparatively easy to exploit security loopholes at the user's end side. Behind such type of problem the main reason is bad software design and its implementation without proper risk analysis and mitigation. So, an idea to model availability states an Availability State Transition Model (ASTM) has been proposed in this article. In ASTM methodology, only design level details is required which can be easily retrieved from the software's design.

References

[1]

Vineet Kumar Maurya, Santhosh Babu G, Jangam Ebenezer, Muni Sekhar V, Asoke K Talukder, Alwyn Roshan Pais, "Suraksha: A Security Designers' Workbench", presented in Hack.in 2009, IIT Kanpur, India, 17-19 March 2009.

Google Scholar

[2]

Asoke K Talukder, Vineet Kumar Maurya, Santhosh Babu G, Jangam Ebenezer, Muni Sekhar V, Jevitha K P, Saurabh Samanta, Alwyn Roshan Pais, "Security-aware Software Development Life Cycle (SaSDLC) -- Processes and Tools", presented in WOCN 2009, Cairo, Egypt, 28-30 April 2009.

Digital Library

Google Scholar

[3]

Bharat B. Madan, Katerina Goseva-Popstojanova, Kalyanaraman Vaidyanathan and Kishor S. Trivedi "Modeling and Quantification of Security Attributes of Software Systems", Proceedings of the International Conference on Dependable Systems and Networks (DSN'02), IEEE, 2002, pp: 505--514.

Digital Library

Google Scholar

Cited By

View all

Gupta SGupta BChaudhary P(2020)Designing a XSS Defensive Framework for Web Servers Deployed in the Existing Smart City InfrastructureJournal of Organizational and End User Computing10.4018/JOEUC.202010010532:4(85-111)Online publication date: 1-Oct-2020
https://dl.acm.org/doi/10.4018/JOEUC.2020100105
(2019)SPHERESInternational Journal of Information and Computer Security10.5555/3302723.330272611:1(33-60)Online publication date: 1-Jan-2019
https://dl.acm.org/doi/10.5555/3302723.3302726
Chaudhary PGupta SGupta B(2018)Auditing Defense Against XSS Worms in Online Social Network-Based Web ApplicationsApplication Development and Design10.4018/978-1-5225-3422-8.ch038(879-909)Online publication date: 2018
https://doi.org/10.4018/978-1-5225-3422-8.ch038
Show More Cited By

Recommendations

A Survey on XSS Attack Detection and Prevention in Web Applications
ICMLC '20: Proceedings of the 2020 12th International Conference on Machine Learning and Computing

With the popularity of web technology, web applications become more increasingly vulnerable and are exposed to malicious attacks. Cross Site Scripting(XSS) is a typical attack in web applications. When a vulnerability is exploited, an attacker may ...
Detecting Blind Cross-Site Scripting Attacks Using Machine Learning
SPML '18: Proceedings of the 2018 International Conference on Signal Processing and Machine Learning

Cross-site scripting (XSS) is a scripting attack targeting web applications by injecting malicious scripts into web pages. Blind XSS is a subset of stored XSS, where an attacker blindly deploys malicious payloads in web pages that are stored in a ...
Unified threat model for analyzing and evaluating software threats

Design-level vulnerabilities are a major source of security problems in software programs. For the purpose of improving the trustworthiness of software designs, this paper presents a unified threat model for representing, analyzing, and evaluating ...

Comments

Information & Contributors

Information

Published In

cover image ACM SIGSOFT Software Engineering Notes

ACM SIGSOFT Software Engineering Notes Volume 36, Issue 3

May 2011

89 pages

ISSN:0163-5948

DOI:10.1145/1968587

Issue’s Table of Contents

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 05 May 2011

Published in SIGSOFT Volume 36, Issue 3

Check for updates

Author Tags

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

13
Total Citations
View Citations
116
Total Downloads

Downloads (Last 12 months)2
Downloads (Last 6 weeks)0

Reflects downloads up to 07 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Gupta SGupta BChaudhary P(2020)Designing a XSS Defensive Framework for Web Servers Deployed in the Existing Smart City InfrastructureJournal of Organizational and End User Computing10.4018/JOEUC.202010010532:4(85-111)Online publication date: 1-Oct-2020
https://dl.acm.org/doi/10.4018/JOEUC.2020100105
(2019)SPHERESInternational Journal of Information and Computer Security10.5555/3302723.330272611:1(33-60)Online publication date: 1-Jan-2019
https://dl.acm.org/doi/10.5555/3302723.3302726
Chaudhary PGupta SGupta B(2018)Auditing Defense Against XSS Worms in Online Social Network-Based Web ApplicationsApplication Development and Design10.4018/978-1-5225-3422-8.ch038(879-909)Online publication date: 2018
https://doi.org/10.4018/978-1-5225-3422-8.ch038
Gupta BGupta SChaudhary P(2018)Enhancing the Browser-Side Context-Aware Sanitization of Suspicious HTML5 Code for Halting the DOM-Based XSS Vulnerabilities in CloudApplication Development and Design10.4018/978-1-5225-3422-8.ch009(216-247)Online publication date: 2018
https://doi.org/10.4018/978-1-5225-3422-8.ch009
(2018)RAJIVEInternational Journal of Innovative Computing and Applications10.1504/IJICA.2018.0908229:1(13-36)Online publication date: 1-Jan-2018
https://dl.acm.org/doi/10.1504/IJICA.2018.090822
O.S. JMary Saira Bhanu S(2018)A Survey on Code Injection Attacks in Mobile Cloud Computing Environment2018 8th International Conference on Cloud Computing, Data Science & Engineering (Confluence)10.1109/CONFLUENCE.2018.8443032(1-6)Online publication date: Jan-2018
https://doi.org/10.1109/CONFLUENCE.2018.8443032
Kaur GPande BBhardwaj ABhagat GGupta S(2018)Defense Against HTML5 XSS Attack Vectors: A Nested Context-Aware Sanitization Technique2018 8th International Conference on Cloud Computing, Data Science & Engineering (Confluence)10.1109/CONFLUENCE.2018.8442855(442-446)Online publication date: Jan-2018
https://doi.org/10.1109/CONFLUENCE.2018.8442855
Sarmah UBhattacharyya DKalita J(2018)A survey of detection methods for XSS attacksJournal of Network and Computer Applications10.1016/j.jnca.2018.06.004118(113-143)Online publication date: Sep-2018
https://doi.org/10.1016/j.jnca.2018.06.004
Gupta BGupta SChaudhary P(2017)Enhancing the Browser-Side Context-Aware Sanitization of Suspicious HTML5 Code for Halting the DOM-Based XSS Vulnerabilities in CloudInternational Journal of Cloud Applications and Computing10.4018/IJCAC.20170101017:1(1-31)Online publication date: 1-Jan-2017
https://dl.acm.org/doi/10.4018/IJCAC.2017010101
Chaudhary PGupta SGupta B(2016)Auditing Defense against XSS Worms in Online Social Network-Based Web ApplicationsHandbook of Research on Modern Cryptographic Solutions for Computer and Cyber Security10.4018/978-1-5225-0105-3.ch010(216-245)Online publication date: 2016
https://doi.org/10.4018/978-1-5225-0105-3.ch010
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Abstract

References

Cited By

Recommendations

A Survey on XSS Attack Detection and Prevention in Web Applications

Detecting Blind Cross-Site Scripting Attacks Using Machine Learning

Unified threat model for analyzing and evaluating software threats

Comments

Information

Published In

Publisher

Publication History

Check for updates

Author Tags

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Login options

Full Access

View options

PDF

eReader

Share

Share this Publication link

Share on social media

Affiliations