Text Book: Security in Computing


1 Text Book: Security in Computing
Program Security
Text Book: Security in Computing, Charles P. Pfleeger
From Charles P. Pfleeger, Security in Computing, 2nd Edition, Prentice Hall, 1996

2 Program Security Objectives
- Define the concept of a secure program
- Differentiate malicious and non-malicious code
- Identify and describe programming errors with security implications
- List and explain different types of viruses, how and where they attack, and how they gain control
- Explain virus signatures
- Identify the impact of viruses on the computing system
- Discuss and explain various policies, procedures and technical controls against virus threats

3 Program/Code Security (cont.)
Protecting programs is at the heart of computer security because programs constitute so much of a computing system, e.g. the OS, device drivers, network infrastructure, DBMS, etc.
Two important questions:
1. How do we keep programs free from flaws?
2. How do we protect computing resources against programs that contain flaws?

4 Secure Program
Security implies some degree of trust that the program enforces the expected confidentiality, integrity and availability. The meaning of "secure software" is likely to get a different answer from different people. This difference occurs because the importance of each characteristic depends on who is analyzing the software.

5 Flaws, faults, and failures
- A flaw is a problem with a program
- A program security flaw is an undesired program behavior caused by a program vulnerability
- A security flaw is a problem that affects security in some way: confidentiality, integrity, availability
- Flaws come in two types: faults and failures

6 Flaws, faults, and failures
- A fault is a mistake "behind the scenes": an error in the code, data, specification, process, etc. A fault is a potential problem
- A failure is when something actually goes wrong: you log in to the library's web site, and it shows you someone else's account
- "Goes wrong" means a deviation from the desired behaviour, not necessarily from the specified behaviour! The specification itself may be wrong
- A fault is the programmer/specifier/inside view; a failure is the user/outside view

7 Finding and fixing faults
- How do you find a fault? If a user experiences a failure, you can try to work backwards to uncover the underlying fault
- What about faults that haven't (yet) led to failures? Intentionally try to cause failures, then proceed as above
- Remember to think like an attacker!

8 Bug, Error, Fault, and Failure
A bug in software is a term that can mean many different things depending on context. For example, it can be a mistake in interpreting a requirement or a syntax error in a piece of code.
An error is a human mistake in performing some software activity that may lead to a fault in a computer program.
A fault may cause a failure (which is a departure from the system's required behavior).
A fault is an inside view of the system, seen by the developers, whereas a failure is an outside view seen by the user.

9 Types of Flaws
Intentional
- Malicious
- Non-malicious
Inadvertent (Unintentional)
- validation error
- domain error: controlled access to data
- serialization and aliasing: program flow order
- inadequate identification and authentication
- boundary condition violation
- other exploitable logic errors

10 Types of security flaws
- One way to divide up security flaws is by genesis (where they came from)
- Some flaws are intentional
- Malicious flaws are intentionally inserted to attack systems, either in general, or certain systems in particular
- If it's meant to attack some particular system, we call it a targeted malicious flaw

11 Types of security flaws
- Nonmalicious (but intentional) flaws are often features that are meant to be in the system, and are correctly implemented, but nonetheless can cause a failure when used by an attacker
- Most security flaws are caused by unintentional program errors

12 Nonmalicious Program Errors
Humans make many mistakes, most of which are unintentional and nonmalicious. Many such errors cause program malfunction but do not lead to more serious security vulnerabilities.
3 main concerns:
- Buffer Overflows
- Incomplete Mediation
- Time-of-Check to Time-of-Use Errors

13 Non-malicious Program Errors
1. Buffer Overflows
All program and data elements are in memory during execution, sharing space with the operating system, other code, and resident routines. Therefore, the effect of the overflowed data depends on where it goes in memory: it may affect user data, user code, system data, or system code.

14 Buffer Overflows
A buffer (or array or string) is a space in which data can be held. Because memory is finite, a buffer's capacity is finite. For this reason, in many programming languages the programmer must declare the buffer's maximum size so that the compiler can set aside that amount of space.
- Buffer overflow: when user input exceeds the maximum buffer size
- Extra input goes into unexpected memory locations
- Attacker can run desired code, hijack the program

15 Malicious user enters > 1024 chars, but buf can only store 1024 chars; the extra chars overflow the buffer

    #include <stdio.h>

    /* Deliberately vulnerable (as on the slide): gets() has no way to know
       that buf holds only 1024 bytes, so longer input overwrites memory
       beyond it. */
    void get_input(void) {
        char buf[1024];
        gets(buf);
    }

    int main(int argc, char *argv[]) {
        get_input();
        return 0;
    }

16 Buffer Overflows (cont.)
Example 1:
Declare: char sample[10];
Run: sample[10] = 'A';
Error: subscript is out of bounds (the valid indices are 0..9).
Example 2:
Declare: char sample[10];
Run: for (i = 0; i <= 9; i++) sample[i] = 'A';
     sample[10] = 'B';
Error: sample[10] overwrites an existing variable's value.

17 Defences against buffer overflows
How might one protect against buffer overflows?
- Use a language with bounds checking, and catch those exceptions!
- Non-executable stack
- "W⊕X" (a memory page is either writable or executable, but never both)
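Bounds checking can also be done by hand in C. The following is an added example, not code from the slides or from Pfleeger's book: get_input_safe() is a hypothetical replacement for the gets()-based get_input() shown earlier, and copy_line_bounded() applies the same rule to an in-memory string so the behaviour can be exercised without stdin. Both stop at the buffer's capacity and report truncation instead of writing past the end.

```c
/* Added example (not from the slides): reading a line into a fixed-size
 * buffer without overflowing it. All names here are assumptions. */
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 1024

/* Result codes so a caller can tell truncation from success. */
enum read_status { READ_OK = 0, READ_TRUNCATED = 1, READ_EOF = 2 };

/* Copy at most cap-1 bytes of src (up to a newline) into dst, always
 * NUL-terminating. Same rule as fgets(), but on a string. Returns
 * READ_TRUNCATED when the input did not fit: the leftover bytes are
 * dropped, never written past the end of dst. */
enum read_status copy_line_bounded(char *dst, size_t cap, const char *src)
{
    size_t n = 0;
    if (cap == 0) return READ_TRUNCATED;
    while (src[n] != '\0' && src[n] != '\n' && n < cap - 1) {
        dst[n] = src[n];
        n++;
    }
    dst[n] = '\0';
    /* Anything left that is not a newline/terminator would have overflowed. */
    if (src[n] != '\0' && src[n] != '\n')
        return READ_TRUNCATED;
    return READ_OK;
}

/* Bounded replacement for get_input(): fgets() stores at most cap-1 bytes,
 * so buf cannot overflow. If no newline was stored, the line may have been
 * longer than the buffer; the rest is discarded so it does not bleed into
 * the next read. */
enum read_status get_input_safe(char *buf, size_t cap, FILE *in)
{
    if (cap == 0) return READ_TRUNCATED;
    if (fgets(buf, (int)cap, in) == NULL) {
        buf[0] = '\0';
        return READ_EOF;
    }
    size_t len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n') {
        buf[len - 1] = '\0';
        return READ_OK;
    }
    /* No newline stored: either the final line simply lacks one, or the
     * line was exactly cap-1 bytes, or it was longer. Peek to tell which. */
    int c = fgetc(in);
    if (c == EOF || c == '\n') return READ_OK;
    while (c != EOF && c != '\n') c = fgetc(in);   /* discard the overflow */
    return READ_TRUNCATED;
}

int main(void)
{
    char buf[BUF_SIZE];
    enum read_status st = get_input_safe(buf, sizeof buf, stdin);
    printf("status=%d stored=%zu bytes\n", (int)st, strlen(buf));
    return 0;
}
```

The important design choice is that truncation is reported, not hidden: silently cutting a line short is safer than overflowing, but a caller that believes it received the whole input can still make a wrong decision, so the status code lets it reject or re-request the input.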

18 Non-malicious Program Errors (cont.)
2. Incomplete mediation
- Inputs to programs are often specified by untrusted users
- Web-based applications are a common example
- Users sometimes mistype data in web forms, e.g. Phone number: iang#cs.uwaterloo.ca
- The web application needs to ensure that what the user has entered constitutes a meaningful request
- This is called mediation

19 Non-malicious Program Errors (cont.)
2. Incomplete mediation
Incomplete mediation: a routine fails on a data-type error. Another possibility is that the receiving program continues to execute but generates a very wrong result. One way to address these potential problems is to anticipate them: write code that checks for correctness on the client's side, so the program restricts the choice to valid ones only.

20 Incomplete mediation
Example 1:
Declare: int number;
Run: number = "two";
Error: wrong value for the specified format
Example 2:
Declare: in the database, the name field is declared as 10 characters long
Run: we enter name = Christopher Columbus
Error: database error
Incomplete mediation occurs when the application accepts incorrect data from the user.
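Complete mediation means the program itself checks each input before acting on it, wherever the input arrives. The following is an added example covering the three inputs from slides 18 to 20 (a number, a phone number, a fixed-width name); it is not code from the slides or from Pfleeger's book, and the function names and the phone-number rule are assumptions.

```c
/* Added example (not from the slides): mediating the three inputs the
 * slides mention. Names and validation rules are assumptions. */
#include <ctype.h>
#include <errno.h>
#include <stdlib.h>
#include <string.h>

/* Parse a whole decimal integer. Rejects "two", "12abc", "" and values
 * that overflow long. strtol() alone would quietly return 0 for "two"
 * and 12 for "12abc", which is the "very wrong result" case. */
int parse_int_strict(const char *s, long *out)
{
    char *end;
    if (s == NULL || *s == '\0' || isspace((unsigned char)*s)) return 0;
    errno = 0;
    long v = strtol(s, &end, 10);
    if (errno == ERANGE) return 0;      /* out of range for long */
    if (*end != '\0') return 0;         /* trailing junk such as "abc" */
    *out = v;
    return 1;
}

/* Phone number: optional leading '+', then digits with optional
 * separators, 7..15 digits in total (assumed rule). Anything else,
 * e.g. the mistyped e-mail-like value from the slide, is rejected. */
int valid_phone(const char *s)
{
    size_t digits = 0;
    if (s == NULL || *s == '\0') return 0;
    if (*s == '+') s++;
    for (; *s; s++) {
        if (isdigit((unsigned char)*s)) digits++;
        else if (*s == ' ' || *s == '-' || *s == '(' || *s == ')') continue;
        else return 0;
    }
    return digits >= 7 && digits <= 15;
}

/* Store a name into a fixed-width field of cap bytes (cap-1 characters
 * plus the NUL). Returns 0 and leaves the field empty instead of
 * truncating, so the caller can report the error rather than save a
 * mangled record or hand the database a value it will reject. */
int store_name(const char *name, char *field, size_t cap)
{
    size_t len = name ? strlen(name) : 0;
    if (cap == 0) return 0;
    if (len == 0 || len > cap - 1) {
        field[0] = '\0';
        return 0;
    }
    memcpy(field, name, len + 1);
    return 1;
}
```

Each function answers yes or no before any value is used, and the rejected input never reaches the database or the arithmetic; that is the difference between checking "on the way in" and discovering the problem as a type error or a database error later.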

21 Non-malicious Program Errors (cont.)
3. Time-of-Check to Time-of-Use Errors
Definition: instructions that appear to be adjacent may not actually be executed immediately after each other, either because of an intentionally changed order or because of the effects of other processes in concurrent execution. (A delay between checking permission to perform certain operations and using this permission may enable the operations to be changed.)

22 Non-malicious Program Errors (cont.)
3. Time-of-Check to Time-of-Use Errors
Example:
1. User attempts to write 100 bytes at the end of file "abc". The description of the operation is stored in a data structure.
2. OS checks the user's permissions on a copy of the data structure.
3. While the user's permissions are being checked, the user changes the data structure to describe an operation to delete file "xyz".

23 Non-malicious Program Errors (cont.)
3. Time-of-Check to Time-of-Use Errors
If there is a delay between the time the access was checked and the time the result of the check was used, a change can occur in between, invalidating the result of the check.
Example: changing the file name that was checked for delete access.
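The write-"abc" / delete-"xyz" sequence from slides 22 and 23, simulated in a single process so it can be run offline. This is an added example, not code from the slides or from Pfleeger's book; the struct, the permission rule and the function names are assumptions, and the "other process" that edits the request during the window is represented by a callback invoked between the check and the use. The vulnerable handler re-reads the shared structure at time of use; the fixed handler copies the request first and performs both the check and the operation on that private copy, which is the usual remedy (validate a snapshot the caller can no longer modify).

```c
/* Added example (not from the slides): a time-of-check to time-of-use
 * window on a request structure, and the snapshot-based fix. */
#include <stdio.h>
#include <string.h>

enum op { OP_WRITE = 1, OP_DELETE = 2 };

/* The request data structure from the slide (assumed layout). */
struct request {
    enum op op;
    char path[32];
    size_t nbytes;
};

/* Permissions the user actually holds: may write "abc", may not touch "xyz". */
int permitted(const struct request *r)
{
    return r->op == OP_WRITE && strcmp(r->path, "abc") == 0;
}

/* Stand-in for the OS carrying out the request. Returns a code that says
 * what was done: 100 = wrote to the named file, 200 = deleted it. */
int perform(const struct request *r)
{
    return r->op == OP_DELETE ? 200 : 100;
}

/* What the concurrent writer does during the window: it rewrites the
 * already-checked request to describe a different operation. */
void concurrent_writer_swaps_request(struct request *r)
{
    r->op = OP_DELETE;
    strcpy(r->path, "xyz");
}

/* Vulnerable: checks the shared structure, lets other code run, then acts
 * on the shared structure again. Returns -1 when denied. */
int handle_toctou(struct request *shared, void (*interleave)(struct request *))
{
    if (!permitted(shared)) return -1;   /* time of check */
    if (interleave) interleave(shared);  /* other process runs here */
    return perform(shared);              /* time of use: contents changed */
}

/* Fixed: take a private copy first and do both the check and the operation
 * on it, so nothing changed in the shared structure after the check can
 * affect what is executed. */
int handle_atomic(struct request *shared, void (*interleave)(struct request *))
{
    struct request snapshot = *shared;   /* copy before checking */
    if (!permitted(&snapshot)) return -1;
    if (interleave) interleave(shared);  /* may still run, but on the original */
    return perform(&snapshot);           /* acts on what was actually checked */
}

int main(void)
{
    struct request a = { OP_WRITE, "abc", 100 };
    struct request b = { OP_WRITE, "abc", 100 };
    printf("vulnerable handler result: %d\n",
           handle_toctou(&a, concurrent_writer_swaps_request));
    printf("snapshot handler result:   %d\n",
           handle_atomic(&b, concurrent_writer_swaps_request));
    return 0;
}
```

The same idea applies to files: a check on a path name and a later open() of that name are two separate operations with a window between them, while checking the already-opened file descriptor (for instance with fstat()) examines the object that will actually be used.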
