RASPunzel
Project RASPunzel aims to deliver an automated and scalable runtime application self-protection (RASP) solution for Java.
RASPunzel
RASPunzel
Project RASPunzel aims to deliver an automated and scalable runtime application self-protection (RASP) solution for Java.
Project Overview
How it works
Project RASPunzel brings RASP to the next level by synthesizing lightweight security monitors that can run along a production application and prevent attacks in real-time.
Key challenges
When it comes to security, there is no one-size-fits-all solution. RASPunzel, aims to continuously synthesize, update, and deploy custom RASP monitors based on data collected from the applications themselves.
Different vulnerabilities also call for different monitors and synthesis strategies. Our current research focus is regular expression, and grammar inference applied to the synthesis of lightweight deserialization and injection (e.g. SQLi, XML, and others) monitors.