COMP9313-Cyber Security Information Indexing

What is Cyber Security:
Computer security, cybersecurity or information technology security (IT security) is the protection of computer systems from theft of or damage to their hardware, software, or electronic data, as well as from the disruption or misdirection of the services they provide.

Security Vulnerabilities

Common examples of security vulnerabilities:

  • SQL injection
  • Cross-site Scripting (XSS)
  • Remote Code Execution (RCE)

SQL injection
Occurs when a possibly malicious party constructs a SQL query that is executed through the legitimate inputs of the system (user-supplied data is treated as part of the query rather than as data).

Allows for activities such as:

  • Reading/writing data from/to the database
  • Modifying data
  • Deleting data
  • Executing admin operations

SQL injection example:

[Figure 1: SQL injection example]
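As an added illustration (not from the lecture notes), the same login check written with string concatenation beside its parameterised form, run against a constructed in-memory SQLite table; the table layout, `make_db` and the two `login_*` functions are assumptions for this example.

```python
import sqlite3

def make_db():
    """Constructed sample database for the demo (assumption, not from the notes)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, secret TEXT)")
    conn.executemany("INSERT INTO users (name, secret) VALUES (?, ?)",
                     [("alice", "s3cret"), ("bob", "hunter2")])
    conn.commit()
    return conn

def login_vulnerable(conn, name, secret):
    """Query built by concatenation: the 'legitimate input' is parsed as SQL."""
    query = ("SELECT id FROM users WHERE name = '" + name +
             "' AND secret = '" + secret + "'")
    return conn.execute(query).fetchone() is not None

def login_parameterised(conn, name, secret):
    """Same check with bound parameters: input stays data and is never parsed as SQL."""
    row = conn.execute(
        "SELECT id FROM users WHERE name = ? AND secret = ?", (name, secret)
    ).fetchone()
    return row is not None

def demo():
    """Runs both versions with valid credentials and with the textbook tautology input."""
    conn = make_db()
    injected = "' OR '1'='1"   # classic textbook injection string, used to show the fix works
    return {
        "vuln_good_creds": login_vulnerable(conn, "alice", "s3cret"),
        "vuln_injected": login_vulnerable(conn, "alice", injected),    # True: bypassed
        "param_good_creds": login_parameterised(conn, "alice", "s3cret"),
        "param_injected": login_parameterised(conn, "alice", injected), # False: rejected
    }

if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {result}")
```

The concatenated query becomes `... AND secret = '' OR '1'='1'`, so the WHERE clause is always true; with placeholders the whole string is compared as a literal password and no row matches.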

Why do we have security vulnerabilities?

  • Producing software that is free of vulnerabilities is uncommon and extremely difficult, especially in complex software systems.
  • The situation gets worse in scenarios with high requirements volatility.
  • No functional system is 100% secure.

Vulnerability Discovery Techniques

  • Expert-based vulnerability discovery
    Involves experts in security vulnerabilities
    In-house or outsourced
    Example: Manual code review, manual penetration testing.

  • Machine-based vulnerability discovery
    Relies on automation for discovering vulnerabilities.
    Data mining and machine learning, AI, etc.
    Example: Static analysis, black-box vulnerability scanners.

  • Crowd-based vulnerability discovery
    Relies on the crowd (security professionals).
    Organisations call for crowd collaboration to find vulnerabilities.
    Example: Organisation-managed programs, bug bounty platforms.

Security Vulnerability Indexing and Searching

Vulners

  • Vulnerability database and search engine with an open API
  • Aggregates vulnerability data from many sources
  • Developed by security experts, for security experts.
  • Fast search engine (Elasticsearch)
  • Machine-readable data (JSON)
  • API-driven development
