Evil Pickles: DoS attacks based on object-Graph engineering
Loading...
Date
2017-05-13
DOI
Open Access Location
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
Rights
© Jens Dietrich, Kamil Jezek, Shawn Rasheed, Amjed Tahir, and Alex Potanin;
licensed under Creative Commons Attribution 3.0 Germany (CC BY 3.0 DE)
Abstract
This artefact demonstrates the effects of the serialisation
vulnerabilities described in the companion
paper. It is composed of three components:
scripts, including source code, for Java, Ruby and
C# serialisation-vulnerabilities, two case studies
that demonstrate attacks based on the vulnerabilities,
and a contracts-based mitigation strategy
for serialisation-based attacks on Java applications.
The artefact allows users to witness how
the serialisation-based vulnerabilities result in behavior
that can be used in security attacks. It
also supports the repeatability of the case study
experiments and the benchmark for the mitigation
measures proposed in the paper. Instructions for
running the tasks are provided along with a description
of the artefact setup.
Description
Keywords
Citation
2017