Project: Towards an Integrated Platform for Simulating, Monitoring, and Analytics of SAP Software (Second Phase)

Team: Prof. Dr. Christoph Meinel, Feng Cheng, Andrey Sapegin, Amir Azodi, David Jaeger, Marian Gawron

Research institution: HPI Potsdam

Abstract: Along with the rapid development of IT Hardware and infrastructures, e.g., faster and many/multicore supported CPU, larger and more reliable main memory, etc., Computer Software as well as software attacks and countermeasures become more and more complicated. The growing size of Software, especially such large scale business software as SAP software, requires more traffic to be transmitted over the network and meanwhile increases heavily the number of events which are relevant to the operation and security of the software. Additionally, the new cloud-based software delivery model introduces new complexity and attack vectors. In this project, we propose to build based on the resource provided by HPI FutureSoC lab an integrated SAP Software platform on which further test, attacks, and analytics can be carried out. We plan to design a self-contained scenario and set up accordingly a SAP environment. Based on this environment, such approaches as simulation, honeypot, penetration testing, attack modeling, and security analytics lab (SAL) will be explored and if possible, enforced. It is expected that this platform can integrate most popular and useful security auditing and analytics methods and be further used to analyze and evaluate the SAP software. Within this project, we also expect to explore and create monitoring and analytics solutions specifically suitable for SAP software. In the first phase of this project starting from April 2013, we have setup a preliminary test-bed with a self-contained scenario where some SAP software and some popular application are installed. We proposed a unified log format by which most of application logs can be normalized. We also designed and implemented an HANA-based vulnerability database, so-called HPIVDB for hosting unified and well-structured vulnerability information. With this proposal, we highly expect to extend the project for the next phase so that we can carry out the next step work planned in our original proposal.

Link to the previous project: public/20131022

Last modified 6 years ago Last modified on Sep 30, 2013 3:51:21 PM