Presentation is loading. Please wait.

Presentation is loading. Please wait.

Web Application Vulnerabilities, Detection Mechanisms, and Defenses

Published byNigel Hardy Modified over 6 years ago

Similar presentations

Presentation on theme: "Web Application Vulnerabilities, Detection Mechanisms, and Defenses"— Presentation transcript:

1 Web Application Vulnerabilities, Detection Mechanisms, and Defenses
Shamaria Engram University of South Florida Systems Security

2 Outline Web Application Vulnerabilities Injection
Detection Mechanisms Defenses Broken Authentication and Session Management Cross-Site Scripting

3 Top 10 Web Application Vulnerabilities
Injection Broken Authentication and Session Management Cross-Site Scripting Insecure Direct Object References Security Misconfiguration Sensitive Data Exposure Missing Function Level Access Control Cross-Site Request Forgery (CSRF) Using Known Vulnerable Components Unvalidated Redirects and Forwards

4 Injection OS Can include calls to the operating system via system calls LDAP Lightweight Directory Access Protocol Runs over internet transport protocols such as TCP Similar to SQL Injection SQL One of the most widespread injection attacks

5 LDAP & SQL Injection

6 Detection Mechanisms for Injection Attacks
Compare user input with possible known attack patterns Reconstruct all user supplied input into a known safe input Mechanisms that learn normal database accesses

7 Defenses against Injection
Defensive programming Fault injection/Fuzzying testing Input Validation Dynamic Checks and Static Source Code Analysis Filter variables before constructing queries to be executed by server or database Validate outgoing data Restrict the access level of the web application to the minimum required

8 Broken Authentication and Session Management
A vulnerability as a result of incorrectly implemented application functions for authentication or session management allowing attackers to masquerade as an authorized user Most common authentication method for web applications are usernames and passwords that generate session IDs upon successful login Vulnerable application components Unencrypted connection Predictable login credentials Session ID value does not timeout or does not become invalid after logging out User authentication credentials are not protected when stored Session ID values are used in the URL

9 Detection Mechanisms for Broken Authentication and Session Management
Hard to detect an attack as it is happening Web applications are tested thoroughly before deployment

10 Defenses against Broken Authentication and Session Management
Encrypt all connections between client and web server Enforce strong passwords and unpredictable usernames Session ID should be valid only for a certain amount of time and should become invalid after logging out Salt, hash, and encrypt all stored user credentials Avoid including session ids in the URL

11 Cross-Site Scripting Attacks
Common attack method that involves injecting malicious code into a vulnerable web application Two types: Stored and Reflected

12 Stored Cross-Site Scripting Attack

13 Reflected Cross-Site Scripting Attack

14 Detection Mechanisms for Cross-Site Scripting Attacks
String Analysis E.g., Check the source code for the script tag Bounded Model Checking E.g., Satisfiability states Fault Injection E.g., Fuzzy testing Taint Propagation E.g., data flow analysis Comparing User Input with Known Untrusted Scripts

15 Detection Mechanisms for Cross-Site Scripting Attacks
Browser-Enforced Embedded Policies Syntactic Structure Analysis Lattice Based Approach Proxy Based Approach And Many More…

16 Defenses against Cross-Site Scripting Attacks
Properly escape all untrusted data based on the HTML context Validate the length, characters, format, and business rules on the data before accepting the input Use auto-sanitization libraries such as OWASP’s AntiSamy or the Java HTML Sanitizer Project Content Security Policy (CSP) to defend against XSS

17 Thank you! Questions

Download ppt "Web Application Vulnerabilities, Detection Mechanisms, and Defenses"

Similar presentations

Cross-Site Scripting Issues and Defenses Ed Skoudis Predictive Systems © 2002, Predictive Systems.

Cross-Site Scripting Issues and Defenses Ed Skoudis Predictive Systems © 2002, Predictive Systems.
Don’t get Stung (An introduction to the OWASP Top Ten Project) Barry Dorrans Microsoft Information Security Tools NEW AND IMPROVED!

Don’t get Stung (An introduction to the OWASP Top Ten Project) Barry Dorrans Microsoft Information Security Tools NEW AND IMPROVED!
SEC835 OWASP Top Ten Project.

SEC835 OWASP Top Ten Project.
A Demo of and Preventing XSS in.NET Applications.

A Demo of and Preventing XSS in.NET Applications.
It’s always better live. MSDN Events Security Best Practices Part 2 of 2 Reducing Vulnerabilities using Visual Studio 2008.

It’s always better live. MSDN Events Security Best Practices Part 2 of 2 Reducing Vulnerabilities using Visual Studio 2008.
Chapter 9 Web Applications. Web Applications are public and available to the entire world. Easy access to the application means also easy access for malicious.

Chapter 9 Web Applications. Web Applications are public and available to the entire world. Easy access to the application means also easy access for malicious.
Information Networking Security and Assurance Lab National Chung Cheng University The Ten Most Critical Web Application Security Vulnerabilities Ryan J.W.

Information Networking Security and Assurance Lab National Chung Cheng University The Ten Most Critical Web Application Security Vulnerabilities Ryan J.W.
It’s always better live. MSDN Events Securing Web Applications Part 1 of 2 Understanding Threats and Attacks.

It’s always better live. MSDN Events Securing Web Applications Part 1 of 2 Understanding Threats and Attacks.
Information Networking Security and Assurance Lab National Chung Cheng University 1 Top Vulnerabilities in Web Applications (I) Unvalidated Input:  Information.

Information Networking Security and Assurance Lab National Chung Cheng University 1 Top Vulnerabilities in Web Applications (I) Unvalidated Input:  Information.
Introduction to the OWASP Top 10. Cross Site Scripting (XSS)  Comes in several flavors:  Stored  Reflective  DOM-Based.

Introduction to the OWASP Top 10. Cross Site Scripting (XSS)  Comes in several flavors:  Stored  Reflective  DOM-Based.
Injection Attacks by Example SQL Injection and XSS Adam Forsythe Thomas Hollingsworth.

Injection Attacks by Example SQL Injection and XSS Adam Forsythe Thomas Hollingsworth.
The 10 Most Critical Web Application Security Vulnerabilities

The 10 Most Critical Web Application Security Vulnerabilities
Web Application Vulnerabilities Checklist. EC-Council Parameter Checklist  URL request  URL encoding  Query string  Header  Cookie  Form field 

Web Application Vulnerabilities Checklist. EC-Council Parameter Checklist  URL request  URL encoding  Query string  Header  Cookie  Form field 
Workshop 3 Web Application Security Li Weichao March 14 2014.

Workshop 3 Web Application Security Li Weichao March
Web Security Overview Lohika ASC team 2009

Web Security Overview Lohika ASC team 2009
OWASP Zed Attack Proxy Project Lead

OWASP Zed Attack Proxy Project Lead
Cross-Site Scripting Vulnerabilities Adam Doupé 11/24/2014.

Cross-Site Scripting Vulnerabilities Adam Doupé 11/24/2014.
+ Websites Vulnerabilities. + Content Expand of The Internet Use of the Internet Examples Importance of the Internet How to find Security Vulnerabilities.

+ Websites Vulnerabilities. + Content Expand of The Internet Use of the Internet Examples Importance of the Internet How to find Security Vulnerabilities.
The OWASP Way Understanding the OWASP Vision and the Top Ten.

The OWASP Way Understanding the OWASP Vision and the Top Ten.
Lecture 14 – Web Security SFDV3011 – Advanced Web Development 1.

Lecture 14 – Web Security SFDV3011 – Advanced Web Development 1.

Similar presentations

Ads by Google