Edgardo Montes de Oca

Timed Extended Invariants for the Passive Testing of Web Services

The service-oriented approach is becoming more and more popular to integrate highly heterogeneous systems. Web services are the natural evolution of conventional middleware technologies to support Web-based and enterprise level integration. Formal testing of such Web-based technology is a key point to guarantee its reliability. In this paper, we choose a non-intrusive approach based on monitoring to propose a conformance passive testing methodology to check that a composed Web service respects its functional requirements. This methodology is based on a set of formal invariants representing properties to be tested including data and time constraints. Passive testing of an industrial system (that uses a composition of Web services) is briefly presented to demonstrate the effectiveness of the proposed approach.

Events-Based Security Monitoring Using MMT Tool

MMT (Montimage Monitoring Tool) is a monitoring solution that combines: data capture, filtering and storage, events extraction, statistics collection, traffic analysis and reporting. In the context of the PIMI and DIAMONDS projects, Montimage is developing MMT-Security: a security analysis solution (part of MMT) that inspects network traffic against a set of security properties denoting both security rules and attacks. This tool has been applied to an industrial case study provided by Thales Group that consists of a QoS-aware ad-hoc radio communication protocol.

A passive conformance testing approach for a MANET routing protocol

In this paper we propose a passive conformance testing technique applied to a Mobile ad hoc network (MANET) routing protocol, OLSR, that is characterized by a dynamically changing topology and lack of centralized management. This makes it necessary to investigate new ways to test complex scenarios and configurations. The work here proposes a formal passive testing method to test the conformance and reliability of the protocol. The method developed has been performed on a real case study showing that the approach can be successful applied and that it allows reducing inconclusive verdicts often observed using other methods.

An advanced approach for modeling and detecting software vulnerabilities

Context: Passive testing is a technique in which traces collected from the execution of a system under test are examined for evidence of flaws in the system. Objective: In this paper we present a method for detecting the presence of security vulnerabilities by detecting evidence of their causes in execution traces. This is a new approach to security vulnerability detection. Method: Our method uses formal models of vulnerability causes, known as security goal models and vulnerability detection conditions (VDCs). The former are used to identify the causes of vulnerabilities and model their dependencies, and the latter to give a formal interpretation that is suitable for vulnerability detection using passive testing techniques. We have implemented modeling tools for security goal models and vulnerability detection conditions, as well as TestInv-Code, a tool that checks execution traces of compiled programs for evidence of VDCs. Results: We present the full definitions of security goal models and vulnerability detection conditions, as well as structured methods for creating both. We describe the design and implementation of TestInv-Code. Finally we show results obtained from running TestInv-Code to detect typical vulnerabilities in several open source projects. By testing versions with known vulnerabilities, we can quantify the effectiveness of the approach. Conclusion: Although the current implementation has some limitations, passive testing for vulnerability detection works well, and using models as the basis for testing ensures that users of the testing tool can easily extend it to handle new vulnerabilities.

An Automated Passive Testing Approach for the IMS PoC Service

Although the adoption of the IP Multimedia Subsystem (IMS) keeps growing, IMS applications are often integrated to the system without being formally tested. In this work, we are interested in the IMS Push over Cellular (PoC) service, an OMA standard. We propose a conformance passive testing approach to check that its implementation respects the main standard requirements. This approach is based on a set of formal invariants representing the most relevant expected properties to be tested. Two testing phases are applied: the verification of the invariants against the service specification and their testing on the PoC collected execution traces.

How to Evaluate Trust Using MMT

Trust evaluation is becoming a more and more active and critical area mainly for guaranteeing secure interoperation between communicating systems. One of the basic parameters used to evaluate the trust in a remote entity (user or system) is the previous experience, i.e. the interactions already performed between the truster and the trustee. However the monitoring of the trustee behavior and the analysis of the collected data and events are not an easy task. First of all, we need to define relevant patterns that describe the desired behaviors to be monitored and check them using a dedicated tool.

Monitoring and Securing New Functions Deployed in a Virtualized Networking Environment

Network operators are currently very cautious before deploying a new network equipment. This is done only if the new networking solution is fully monitored, secured and can provide rapid revenues (short Return of Investment). For example, the NDN (Named Data Networking) solution is admitted as promising but still uncertain, thus making network operators reluctant to deploy it. Having a flexible environment would allow network operators to initiate the deployment of new network solutions at low cost and low risk. The virtualization techniques, appeared a few years ago, can help to provide such a flexible networking architecture. However, with it, emerge monitoring and security issues which should be solved. In this paper, we present our secure virtualized networking environment to deploy new functions and protocol stacks in the network, with a specific focus on the NDN use-case as one of the potential Future Internet technology. As strong requirements for a network operator, we then focus on monitoring and security components, highlighting where and how they can be deployed and used. Finally, we introduce our preliminary evaluation, with a focus on security, before presenting the test bed, involving end-users consuming real contents, that we will set up for the assessment of our approach.

Testing Software and Systems

Debugging comprises the activities of fault detection, localization, and correction, which we usually consider to be carried out separately during program development. In testing and here in particular automated test case generation, the question is more on how to generate effective tests that most likely reveal bugs instead of how such tests might help to locate and fix a bug once revealed. In this talk I discuss the relationship between testing and fault localization. Besides giving an introduction into the current state of the art in debugging, I introduce a method for computing tests in order to facilitate debugging. The key idea behind the method is to construct test cases that allow distinguishing bug candidates. In the talk I introduce the basic ideas, empirical results obtained, and focus also on current research questions that has to be tackled in order to further increase automation in fault localization

An Effective Attack Detection Approach in Wireless Mesh Networks

Wireless Mesh Network (WMN) is a recent technology that is gaining significant importance among traditional wireless networks. WMN is considered a suitable solution for providing Internet access in an inexpensive, convenient, and rapid manner. Nonetheless, WMNs are exposed to various types of security threats due to their intrinsic characteristics such as open broadcast medium and decentralized architecture. For instance, a compromised node can generate malicious traffic in order to disrupt the network routing service, putting the entire mesh network at risk. In this paper, we provide an efficient method for detecting active attacks against the routing functionality of network. The approach is based on the analysis of the protocol routing behavior by processing the traces produced by each node using Mont image Monitoring Tool (MMT), which outputs routing events that are correlated between nodes to detect potential intrusions. We demonstrate the approach feasibility by using a virtualized mesh network platform that consists of virtual nodes executing Better Approach To Mobile Ad hoc Network (BATMAN) routing protocol. The experimental results show that the proposed method accurately identifies malicious routing traffic diffused by an attacker through the network.

A formal passive testing approach to test a MANET routing protocol

Conformance testing is crucial to the quality and reliability of routing protocols for pervasive communications. Most of the works are devoted to their simulations in order to study their performance in a simulated context without taking into account their formal requirements and specifications. Our work tackles the formal methods to test the conformance of a ad hoc routing protocol (i.e. OLSR) deployed in a real network. A passive testing technique is applied taking into account the OLSR formal specification, formal description of properties and collected traces of the implementation. This approach is complementary to active testing techniques allowing then to reduce the inconclusive verdicts often observed in several experiments.