Print Email Facebook Twitter Leveraging Fine-grained Telemetry Data for the Detection and Prevention of Vulnerability Exploits Title Leveraging Fine-grained Telemetry Data for the Detection and Prevention of Vulnerability Exploits Author Ponichtera, Konrad (TU Delft Electrical Engineering, Mathematics and Computer Science) Contributor Proksch, S. (mentor) van Deursen, A. (graduation committee) Decouchant, Jérémie (graduation committee) Degree granting institution Delft University of Technology Programme Computer Science Date 2024-06-25 Abstract In the modern digital landscape, cybersecurity threats are a significant concern, particularly for publicly accessible computer systems. Vulnerabilities, or flaws in system design, can be exploited by malicious actors to compromise system security and integrity. This paper explores the challenges of handling vulnerabilities in software dependencies from the perspective of system operators, responsible for managing and monitoring infrastructure. The investigation is structured into two main steps. First, a detailed exploration of DevOps methodologies and current vulnerability handling techniques reveals key limitations and areas for improvement. Based on these insights, a new solution is proposed to enhance system operators’ capabilities in terms of awareness, impact assessment, and actionability. To validate the proposed solution, semi- structured interviews were conducted with ten experienced software engineers. The analysis of these interviews, using grounded theory methods, helped to refine the proposed system’s concepts and assess its potential impact on industry practices. In the second step, a fully functional prototype was developed, featuring the ability to monitor and mitigate vulnerability triggers in Java services through instrumentation. The evaluation of the prototype shows that the proposed solution effectively increases the granularity of vulnerability handling and is feasible for practical implementation from the resource utilization perspective. Subject operatorvulnerabilityimpactmitigationinstrumentationdistributed tracingservice meshtelemetrygrounded theorycodingusability To reference this document use: http://resolver.tudelft.nl/uuid:03f20024-29ed-4091-b884-55447c303233 Bibliographical note https://doi.org/10.5281/zenodo.11809584 Source code of prototype implementation and experimental setup https://doi.org/10.5281/zenodo.11621468 Transcripts and questionnaire responses from the conducted interviews Part of collection Student theses Document type master thesis Rights © 2024 Konrad Ponichtera Files PDF Konrad_Ponichtera_-_MSc_T ... ersion.pdf 4.51 MB Close viewer /islandora/object/uuid:03f20024-29ed-4091-b884-55447c303233/datastream/OBJ/view