Vulnerability Analysis


1 Vulnerability Analysis
허영일

2 1. Introduction
2. Penetration Studies
3. Vulnerability Classification
4. Frameworks

3 1. Introduction
Definitions
- computer system: not only the hardware and software but also the policies, procedures, and organization under which that hardware and software is used
- vulnerability (security flaw): a flaw that someone breaking into a computer system takes advantage of to gain unauthorized access or to perform an unauthorized action
Penetration testing
- preconditions: the state of the system in which the hypothesized security flaw can be exploited (system characteristics, environment, and state)
- postconditions: the result of the test (the resulting system state)
- if the security policy and the postconditions are inconsistent ⇒ the hypothesis is correct

4 2. Penetration Studies
- penetration study: a test for evaluating the strengths of all security controls on the computer system
Goals
1. an authorized attempt to violate specific constraints stated in the form of a security or integrity policy
   example: a subsystem designed to provide password protection for user files; the owner requires a password before access to the file is granted
   goal: test these controls
   metric: gain access to a protected file either without using a password or by gaining unauthorized access to a password

5 2. Penetration Studies
2. to find some number of vulnerabilities, or to find vulnerabilities within a set period of time
   example: a company obtains confidential documents from a vendor and, after 30 days, publishes them on its web site
   goal: obtain that file within 30 days
   alternative goal: gain access to any of these files (no time limit)

6 2. Penetration Studies
Layering of tests
1. External attacker with no knowledge of the system
   the tester needs to gather enough information to access the system
2. External attacker with access to the system
   can access the system or log in to a network service; the tester tries to get a more privileged account
3. Internal attacker with access to the system
   acts as an authorized user; the tester tries to gain unauthorized privileges or the information needed to reach the goal
If information about a specific layer is irrelevant to the goal, that layer can be skipped.

7 2. Penetration Studies
Flaw Hypothesis Methodology
1. Information gathering: examine the system's design, implementation, operating procedures, and its use
2. Flaw hypothesis: based on the knowledge gained in step 1 and on vulnerabilities known in other systems, the testers hypothesize flaws in the system
3. Flaw testing: the testers test their hypothesized flaws (if a flaw does not exist, go back to step 2)
4. Flaw generalization: generalize the vulnerability and find others similar to it
5. Flaw elimination: suggest ways to eliminate the flaw or to use procedural controls to ameliorate it

8 2. Penetration Studies
Example: penetration of the Michigan Terminal System
Goal: acquire access to the terminal control structures
1. Information gathering
- segments 0 to 4 contain the supervisor, system programs, and system state and are protected by hardware mechanisms
- segment 5 is a system work area (it holds the privilege level information)
- segments 6 and higher contain user process information, and the process can alter them
- segment 5 is protected by the virtual memory protection system:
  system mode: the process can access (alter) the segment
  user mode: the segment is not present in the address space of the process and cannot be modified

9 2. Penetration Studies
2. Flaw hypothesis
- focus on the switch from user to system mode
- the testers discovered that an element of the parameter list could point to a location within the parameter list itself
  X is the address of the parameter list, and locations X, X+1, X+2 contain the addresses of the actual parameters; location X contains the address X+2, so that parameter lies inside the list

10 2. Penetration Studies
3. Flaw testing
- find a call that takes two parameters, alters at least one, and can be made to change that parameter to any of a specific set of values
- set up the parameter list so that the address for storing the line number
- find out the address of the system segment
4. Flaw generalization
- the testers realized the full implications of this flaw (the privilege level in segment 5 controls the ability of the process to issue supervisor calls)
- if the tester can find a call that turns off the hardware protection for segments 0 to 4, he can access any data in those segments

11 3. Vulnerability Classification
- classifies the techniques used to exploit vulnerabilities
- covers software and hardware components and their interfaces
Goals of vulnerability analysis
1. the ability to specify, design, and implement a computer system without vulnerabilities
2. the ability to analyze a computer system to detect vulnerabilities
3. the ability to address any vulnerabilities introduced during the operation of the computer system
4. the ability to detect attempted exploitations of vulnerabilities
Before presenting several different frameworks, we discuss two security flaws.

12 3. Vulnerability Classification
Two security flaws
1. xterm: a program that emulates a terminal under the X11 window system
- runs as the omnipotent user root
- a user can log all input and output to a log file
- if the file does not exist: create it and assign ownership to the user
- if the file exists: check that the user can write to it before opening the file
- after the access check but before the open, the attacker deletes the file and links a system file (the password file) to the name of the deleted file; xterm then appends the logging output to the password file

    if (access("/usr/tom/X", W_OK) == 0) {
        if ((fd = open("/usr/tom/X", O_WRONLY | O_APPEND)) < 0) {
            /* handle error: cannot open file */
        }
    }
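As an added example (not code from the slides or from xterm itself), the check-then-open pattern above beside one fix: open first, then judge the object actually opened with fstat() on the descriptor. The function names and the /tmp fixture are assumptions.

```c
/* Added example, not from the slides: the xterm log-file race and one fix.
 * Assumes POSIX; the function names are hypothetical. */
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>
/* The shape on the slide: access() checks the NAME, open() later acts on the
 * NAME again; between the two calls the name can be rebound to another file. */
int log_open_racy(const char *path)
{
    if (access(path, W_OK) != 0)
        return -1;
    return open(path, O_WRONLY | O_APPEND);
}
/* Fix: open first, then judge the OBJECT actually opened via fstat() on the
 * descriptor. O_NOFOLLOW refuses a symlink as the final component, and the
 * owner/regular-file test replaces the access() check on the name. */
int log_open_safe(const char *path, uid_t owner)
{
    struct stat st;
    int fd = open(path, O_WRONLY | O_APPEND | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0)
        return -1;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) || st.st_uid != owner) {
        close(fd);
        return -1;
    }
    return fd;
}
/* Constructed fixture: a temp file plus a symlink to it (the rebinding reduced
 * to its final state). Returns 1 when the racy open follows the link while the
 * safe open refuses the link but still opens the regular file. */
int demo_symlink_rejected(void)
{
    char file[] = "/tmp/xtermlogXXXXXX", link[64];
    int fd = mkstemp(file), racy, safe, direct, ok;
    if (fd < 0) return -1;
    close(fd);
    snprintf(link, sizeof link, "%s.lnk", file);
    if (symlink(file, link) != 0) { unlink(file); return -1; }
    racy = log_open_racy(link);
    safe = log_open_safe(link, getuid());
    direct = log_open_safe(file, getuid());
    ok = racy >= 0 && safe < 0 && direct >= 0;
    if (racy >= 0) close(racy);
    if (direct >= 0) close(direct);
    unlink(link); unlink(file);
    return ok;
}
```

The remaining gap, the process running as root while judging by the real user, is closed in practice by dropping privileges before the open; the ownership test here is the portable minimum.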

13 3. Vulnerability Classification
2. fingerd: obtains information about the users of a remote system
- receives a name of at most 512 characters
- the server does not check the length of the name
- attack: send more bytes than the buffer holds; the next 24 bytes overwrite the return address so that it points back into the input buffer
- the attacker then has access to the system
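As an added example (not code from the slides or from fingerd), a bounded reader for the request line that rejects and drains an over-long line instead of overflowing; gets() into a fixed buffer had no such bound. Assumes POSIX fmemopen(); the function names and the 600-byte input are constructed.

```c
/* Added example, not from the slides: a bounded reader for the fingerd
 * request line. Assumes POSIX fmemopen(); function names are hypothetical. */
#define _GNU_SOURCE
#include <stdio.h>
#include <string.h>
#define NAME_MAX_LEN 512
/* Read one request line into name (cap must be >= NAME_MAX_LEN + 2 so that a
 * 512-char name plus '\n' fits and an over-long line is detectable).
 * Returns 1 for a complete line, 0 at EOF, -1 for a line over the limit (or
 * unterminated); the over-long line is drained so its tail cannot be read as
 * a second request. */
int read_finger_name(FILE *in, char *name, size_t cap)
{
    char *p;
    int c;
    if (cap < NAME_MAX_LEN + 2 || !fgets(name, (int)cap, in))
        return 0;
    p = strchr(name, '\n');
    if (!p) {
        while ((c = fgetc(in)) != EOF && c != '\n')
            ;
        name[0] = '\0';
        return -1;
    }
    if (p > name && p[-1] == '\r')
        p--;
    *p = '\0';
    return 1;
}
/* Constructed input: a 600-byte name (over the limit) followed by a valid
 * request "tom". Returns 1 when the first is rejected and the second parsed. */
int demo_overlong_then_valid(void)
{
    char input[620], name[NAME_MAX_LEN + 2];
    int r1, r2;
    FILE *in;
    memset(input, 'A', 600);
    memcpy(input + 600, "\ntom\r\n", 6);
    if (!(in = fmemopen(input, 606, "r")))
        return -1;
    r1 = read_finger_name(in, name, sizeof name);
    r2 = read_finger_name(in, name, sizeof name);
    fclose(in);
    return r1 == -1 && r2 == 1 && strcmp(name, "tom") == 0;
}
```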

14 4. Frameworks
Goal
- the goal dictates the framework's structure
- examples:
  · guide the development of an attack detection tool
  · aid the software development process
Each framework classifies a vulnerability as an n-tuple, each element of the n-tuple being the specific class into which the vulnerability falls.

15 4. Frameworks
The RISOS Study
- Research Into Secure Operating Systems
- aids computer and system managers and information processing specialists in understanding issues in operating systems and helps them determine the level of effort required to enhance their system security
1. Incomplete parameter validation
2. Inconsistent parameter validation
3. Implicit sharing of privileged/confidential data
4. Asynchronous validation/inadequate serialization
5. Inadequate identification/authentication/authorization
6. Violable prohibition/limit
7. Exploitable logic error

16 4. Frameworks
Protection Analysis Model (PA)
- breaks the operating system protection problem into smaller, more manageable pieces
1. Improper protection domain initialization and enforcement
   a. Improper choice of initial protection domain (domain)
   b. Improper isolation of implementation detail (exposed representations)
   c. Improper change (consistency of data over time)
   d. Improper naming (naming)
   e. Improper deallocation or deletion (residuals)
2. Improper validation (validation of operands, queue management dependencies)
3. Improper synchronization
   a. Improper indivisibility (interrupted atomic operations)
   b. Improper sequencing (serialization)
4. Improper choice of operand or operation (critical operator selection errors)

17 4. Frameworks
The NRL Taxonomy
- how did the flaw enter the system (genesis)
- when did it enter the system (time of introduction)
- where in the system is it manifest (location)
Genesis
- intentional
  · malicious
    - Trojan horse: nonreplicating, replicating
    - trapdoor
    - logic/time bomb
  · nonmalicious
    - covert channel: storage, timing
    - other
- inadvertent

18 4. Frameworks
Time of introduction
- development: requirement/specification/design, source code, object code
- maintenance
- operation
Location
- software: operating system, support, application
- hardware

19 4. Frameworks
Aslam's Model
- a classification scheme for security flaws that categorizes faults and groups similar faults together
1. coding fault
   a. synchronization error
   b. validation error
2. emergent fault
   a. configuration error
   b. environment fault

20 4. Frameworks
Comparison and analysis
- view each flaw from three processes: the flawed process, the attacker process, and the operating system service routine
- the view of any of these processes may differ from the view of the other two
1. the xterm log file flaw (PA taxonomy)
   · xterm process: improper change (the name's binding changed between check and use)
   · attacker process: improper deallocation or deletion (the file and link are deleted)
   · operating system: improper indivisibility (open should atomically check whether access is allowed)

21 4. Frameworks
2. the fingerd buffer overflow flaw (RISOS taxonomy)
   · fingerd process: violable prohibition/limit (the limit on the input data to be sent can be ignored)
   · attacker process: incomplete parameter validation (failure to check the parameter, allowing the buffer to overflow)
   · operating system: inadequate identification/authentication/authorization (the user is allowed to write directly into the address space of the process)
The classification of a flaw is not consistent across these views. If the flaws are refined, they may shift class; so where a flaw's classes overlap, refining the flaw can ameliorate the inconsistency.

22 Vulnerability taxonomy in Internet software

23 Security vendors' penetration test process: current trends
Penetration testing and penetration testers are obsolete. Originally, pen testing was a simulation of what real attackers would do. Then it became more about validating vulnerability scan/assessment results. Vulnerability assessment pretty much no longer requires a skilled tester. There are now, and have been for a while, appliances and products which can schedule and automate vulnerability scans. There are a limited number of really skilled testers who can do what real attackers can do. A large number of pen test companies employ people who know how to run tools but not much more than that.

