Chap 20. Vulnerability Analysis


1 Chap 20. Vulnerability Analysis
Yoon Haerim, Distributed Computing & Communication Lab. (URL: ), Dept. of Computer Engineering & Science, Sogang University, Seoul, Korea

2 Contents
- Introduction
- Penetration Studies
- Vulnerability Classification
- Frameworks
- Summary

3 Introduction
- Definition of vulnerability: a failure of security policies, procedures, and controls that allows a subject to commit an action that violates the security policy
- Techniques for detecting vulnerabilities:
  - Formal verification: { Preconditions } Program { Postconditions }
  - Penetration testing: { System characteristics, environment, and state } Program or system { System state }

4 Penetration Studies (1/7)
- Goals
  - Attempt to violate specific constraints in the security and/or integrity policy
  - Example: a subsystem designed to allow an owner to require others to give a password before accessing a file (i.e., password-protected files)
    - Goal: test this control
    - Metric: did testers get access either without a password or by gaining unauthorized access to a password?

5 Penetration Studies (2/7)
- Goals (cont'd)
  - Find some number of vulnerabilities, or find vulnerabilities within a period of time
  - Example: a vendor receives confidential documents and publishes them on the web 30 days later
    - Goal: obtain access to such a file; you have 30 days
    - Alternate goal: gain access to the files with no time limit (a Trojan horse would give access for longer than 30 days)

6 Penetration Studies (3/7)
- Layering of tests
  - Layer 1: external attacker with no knowledge of the system
    - Locate the system and learn enough to be able to access it
  - Layer 2: external attacker with access to the system
    - Can log in, or access network servers
    - Often tries to expand the level of access
  - Layer 3: internal attacker with access to the system
    - Testers are authorized users with restricted accounts
    - Typical goal is to gain unauthorized privileges or information

7 Penetration Studies (4/7)
- Layering of tests (cont'd)
  - Studies are conducted from the attacker's point of view
  - The environment is the one in which the attacker would function
  - If information about a particular layer is irrelevant, that layer can be skipped
    - Example: penetration testing during design and development skips layer 1
    - Example: a penetration test on a system with a guest account usually skips layer 2

8 Penetration Studies (5/7)
- Flaw Hypothesis Methodology (the slide shows the steps as a flow diagram)
  1. Information gathering
  2. Flaw hypothesis
  3. Flaw testing (if the hypothesized flaw does not exist, return to step 2)
  4. Flaw generalization
  5. Flaw elimination

9 Penetration Studies (6/7)
- Flaw Hypothesis Methodology (cont'd) [1]
  - Flaw hypothesis
    - The effectiveness of FHM relies heavily on this step
    - Deviational techniques are one approach to improving the flaw hypothesis generation process
    - Hypothesize that some aspect of the system differs from normal; the analyst is then invited to consider the perturbed system

10 Penetration Studies (7/7)
- Flaw Hypothesis Methodology (cont'd) [1]
  - Deviational techniques (cont'd)
  - [Table on the slide: deviational techniques applied to elements of the use case model; entries visible in the transcript: zonal requirement, formal elements, actor's intent, association, use case description]

11 Vulnerability Classification (1/5)
- Describe security flaws from various perspectives
  - Exploit-oriented
  - Hardware, software, or interface-oriented
- Goals
  - Specify, design, and implement a computer system without vulnerabilities
  - Analyze a computer system to detect vulnerabilities
  - Address any vulnerabilities introduced during the operation of the computer system
  - Detect attempted exploitations of vulnerabilities

12 Vulnerability Classification (2/5)
- Two security flaws in UNIX
  - xterm
    - Emulates a terminal under the X11 window system
    - Must run as the root user
    - Log feature: the user can log all input and output to a file
      - The user names the file
      - If the file does not exist, xterm creates it and makes the user its owner
      - If the file exists, xterm checks that the user can write to it and, if so, opens the file to append the log to it

13 Vulnerability Classification (3/5)
- Two security flaws in UNIX (cont'd)
  - xterm (cont'd)
    - Checking that the user can write to the file requires a special system call (the check and the open are two separate operations on the same path name):

        if (access("/usr/tom/X", W_OK) == 0) {
            if ((fd = open("/usr/tom/X", O_WRONLY|O_APPEND)) < 0) {
                /* handle error: cannot open file */
            }
        }
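The access()-then-open() sequence on the slide is a time-of-check to time-of-use race: both calls resolve the path name separately, so the object the name refers to can change between them while xterm is still root. The block below is an added example, not code from the presentation or from xterm; it places the racy pattern next to a hardened variant that opens first (refusing to follow a symbolic link) and then validates the object it actually obtained through the descriptor. The ownership rule it applies (regular file, owned by the invoking user, owner-writable) is a simplification assumed for the example; the function names and the temporary-file demonstration are also constructed here.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* The pattern from the slide: check with access(), then open() while running
 * as root. The two calls name the path separately, so the object can be
 * rebound (for example replaced by a symbolic link) in between: a
 * time-of-check to time-of-use race. Kept here only for contrast. */
int open_log_racy(const char *path)
{
    if (access(path, W_OK) != 0)
        return -1;
    /* ... window in which the path may be rebound ... */
    return open(path, O_WRONLY | O_APPEND);
}

/* Hardened variant: open first, refusing a symbolic link at the final
 * component, then validate the object actually opened via its descriptor.
 * Simplified ownership rule (an assumption of this example): the file must
 * be a regular file owned by the invoking user and writable by its owner.
 * A setuid program may alternatively drop to the real uid with seteuid()
 * before opening, so that the kernel applies the user's own permissions. */
int open_log_checked(const char *path, uid_t real_uid)
{
    int fd = open(path, O_WRONLY | O_APPEND | O_NOFOLLOW);
    if (fd < 0)
        return -1;
    struct stat st;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode)
        || st.st_uid != real_uid || !(st.st_mode & S_IWUSR)) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Demonstration on constructed files: a regular temporary file owned by the
 * caller must be accepted, while a symbolic link pointing at that same file
 * must be refused. Returns 1 when both outcomes match, 0 otherwise. */
int demo_checked_open(void)
{
    char file[] = "/tmp/xtermlog.XXXXXX";
    int fd = mkstemp(file);            /* mode 0600, owned by the caller */
    if (fd < 0)
        return 0;
    close(fd);
    char link[64];
    snprintf(link, sizeof link, "%s.lnk", file);
    if (symlink(file, link) != 0) {
        unlink(file);
        return 0;
    }
    int ok = 1;
    int fd_file = open_log_checked(file, getuid());
    if (fd_file < 0) ok = 0; else close(fd_file);
    int fd_link = open_log_checked(link, getuid());
    if (fd_link >= 0) { ok = 0; close(fd_link); }
    unlink(link);
    unlink(file);
    return ok;
}

int main(void)
{
    printf("checked open behaves as expected: %s\n",
           demo_checked_open() ? "yes" : "no");
    return 0;
}
```

The key design point is that every decision in open_log_checked() is made about the descriptor already held, so there is no gap between the check and the use; the racy version has nothing it can check after the fact.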

14 Vulnerability Classification (4/5)
- Two security flaws in UNIX (cont'd)
  - fingerd (finger daemon)
    - Exploited by the Internet Worm of 1988
    - The finger protocol obtains information about the users of a remote system
    - A request is a name of at most 512 characters
    - But the server does not check the length of the name

15 Vulnerability Classification (5/5)
- Two security flaws in UNIX (cont'd)
  - fingerd (finger daemon) (cont'd)
    - If the entire 536-byte buffer is sent to the daemon, the excess 24 bytes overwrite the stack locations in which the caller's return address and status word are stored
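The fingerd flaw on slides 14 and 15 is a missing length check: the request limit (512 characters) existed in the protocol but was never enforced before data was copied into a fixed-size buffer. The block below is an added example, not code from the presentation or from any finger daemon; it shows a request reader that enforces the limit before copying, so an oversize line such as the 536-byte one described on the slide is rejected rather than written past the buffer. The function names and the sample inputs are constructed for the example.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Maximum request accepted by this reader, matching the 512-character
 * limit the slide gives for a finger protocol request. */
#define FINGER_MAX_REQUEST 512

/* Copy one request line (everything before the first '\n', with a trailing
 * '\r' dropped) from the bytes received on the socket into dst. The length
 * is checked BEFORE anything is copied: a line longer than
 * FINGER_MAX_REQUEST is rejected, so dst can never be overrun regardless of
 * how much the client sends. Returns the request length, or -1 if the line
 * is too long, has no terminator, or dst cannot hold a maximal request. */
int parse_finger_request(const char *recv_buf, size_t recv_len,
                         char *dst, size_t dst_cap)
{
    if (dst_cap < FINGER_MAX_REQUEST + 1)
        return -1;
    size_t n = 0;
    while (n < recv_len && recv_buf[n] != '\n') {
        if (n == FINGER_MAX_REQUEST)   /* a 513th byte with no newline yet */
            return -1;
        n++;
    }
    if (n == recv_len)                 /* no terminator in the received data */
        return -1;
    size_t len = n;
    if (len > 0 && recv_buf[len - 1] == '\r')
        len--;
    memcpy(dst, recv_buf, len);
    dst[len] = '\0';
    return (int)len;
}

/* Constructed sample inputs (not captured traffic). Each returns the
 * parser's result for one case. */
int sample_normal(void)
{
    const char wire[] = "tom\r\n";
    char req[FINGER_MAX_REQUEST + 1];
    return parse_finger_request(wire, sizeof wire - 1, req, sizeof req);
}

int sample_at_limit(void)
{
    char wire[FINGER_MAX_REQUEST + 1];          /* exactly 512 chars + '\n' */
    memset(wire, 'u', FINGER_MAX_REQUEST);
    wire[FINGER_MAX_REQUEST] = '\n';
    char req[FINGER_MAX_REQUEST + 1];
    return parse_finger_request(wire, sizeof wire, req, sizeof req);
}

int sample_oversize(void)
{
    char wire[537];                             /* the 536-byte line from the slide */
    memset(wire, 'A', 536);
    wire[536] = '\n';
    char req[FINGER_MAX_REQUEST + 1];
    return parse_finger_request(wire, sizeof wire, req, sizeof req);
}

int sample_unterminated(void)
{
    const char wire[] = "tom";
    char req[FINGER_MAX_REQUEST + 1];
    return parse_finger_request(wire, sizeof wire - 1, req, sizeof req);
}

int main(void)
{
    printf("normal: %d, at limit: %d, oversize: %d, unterminated: %d\n",
           sample_normal(), sample_at_limit(), sample_oversize(),
           sample_unterminated());
    return 0;
}
```

The reader treats the protocol limit as a property of the input to be validated, not as an assumption about the buffer; rejecting before the copy is what makes the 536-byte case harmless.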

16 Frameworks
- Goals dictate the framework's structure
  - Example: guide the development of an attack detection tool
  - Example: aid the software development process
- The following schemes classify a vulnerability as an n-tuple, each element of the n-tuple being a class into which the vulnerability falls

17 Frameworks: Research Into Secure Operating Systems (RISOS)
- Goals: aid computer and system managers in understanding security issues in operating systems, and help determine how much effort is required to enhance system security
- The investigators classified flaws into seven general classes

18 Frameworks: RISOS (cont'd)
- Classification scheme
  1. Incomplete parameter validation
  2. Inconsistent parameter validation
  3. Implicit sharing of privileged/confidential data
  4. Asynchronous validation/inadequate serialization
  5. Inadequate identification/authentication/authorization
  6. Violable prohibition/limit
  7. Exploitable logic error

19 Summary
- Requirements for classification schemes
  - A decision procedure for classifying a vulnerability
  - Each vulnerability should have a unique classification
- The schemes above do not meet these criteria
  - Inconsistent among different levels of abstraction
  - Point of view affects the classification

20 References
[1] Thitima Srivatanakul, John A. Clark, Fiona Polack. Stressing Security Requirements: Exploiting the Flaw Hypothesis Method with Deviational Techniques. In SREIS, 2005.
[2] Thitima Srivatanakul, John A. Clark, Fiona Polack. Effective Security Requirements Analysis: HAZOP and Use Cases.

