Presentation is loading. Please wait.

Presentation is loading. Please wait.

Vulnerability Analysis. Formal verification Formally (mathematically) prove certain characteristics Proves the absence of flaws in a program or design.

Published byIsmael Collins Modified over 9 years ago

Similar presentations

Presentation on theme: "Vulnerability Analysis. Formal verification Formally (mathematically) prove certain characteristics Proves the absence of flaws in a program or design."— Presentation transcript:

1 Vulnerability Analysis

2 Formal verification Formally (mathematically) prove certain characteristics Proves the absence of flaws in a program or design but not in a system Penetration testing Attempt to violate specific constrains stated in a policy Cannot prove correctness but absence of a vulnerability Review 2

3 Penetration Testing Goals Prove the existence/absence of a previously defined flaw Find vulnerabilities under given restrictions (time, resources,...) Layering of tests External attacker with no knowledge of the system External attacker with knowledge of the system Internal attacker with knowledge of the system 3

4 Penetration Testing Procedure Information gathering Find problem areas in the specification Flaw hypothesis Derive possible flaws from the information gathered Flaw testing Verify the possible flaws (exploiting, testing) – but no harming! Flaw generalization Generalize the obtained insights Flaw elimination proposal Flaws need to be fixed but sometimes this takes time and than the tester can suggest ways to prevent the exploit 4

5 Vulnerability Scanners Automated tools to test if the network or host is vulnerable to known attacks Run in batch mode against the system Process A set of system attributes are sampled and stored The results are compared to a reference set and the deviation derived 5

6 Network Based Analysis Probing the system actively by Looking for weaknesses Derive information from system responses Two different techniques Testing by exploit – really doing the attack Interference Methods – monitoring the system for vulnerable applications 6

7 Host Based Analysis Assessing system data sources (file contents, configuration setting, status information) to determine vulnerabilities Passive assessment where the tool has legitimated access which mostly involves privilege escalation attacks Targets are password files, SUID, access permissions, anonymous FTP... 7

8 Advantage/Disadvantage Helping to document the security state of a system Regular application can spot system changes which could lead to problems A way to double-check any changes made to the system Host based are tightly bound to the environment Network based can harm the system and are more prone to false alarms Can misguide a running IDS system May violate legal prescriptions (privacy, others sphere of influence...) 8 + -

9 Outline 1.Vulnerability Analysis 2.Security Strategies 3.Attack Trees 9

10 Security Strategies 10 Least Privilege Defense in Depth Diversity of Defense Choke Point Weakest Link Fail-Safe Stance Default Deny Default Permit Universal Participation Simplicity

11 Least Privilege (LP) Every user, process,.. should only have the privileges needed to solve their tasks. Problems Difficult to achieve as an ”afterthought” Which privileges should a subject have? 11

12 Defense in Depth Do not let the security of the system stand and fall with one mechanism Total security can never be achieved, but it can be made good enough so that intrusion attempts are: too risky. too costly. 12

13 Diversity of Defense Use security systems from different suppliers Let different persons configure the systems Problems Flavors of UNIX Drawback High cost 13

14 Choke Point Force the attacker to use one channel that can be monitored and controlled Example Firewall N.B. No alternative channels may be used. 14

15 Weakest Link Try to find all the weak points in the system eliminate them monitor them Problem How do you find all the weak points in a system? There will always be a weakest point 15

16 Fail-Safe Stance A system should fail in a secure manner if a system fails it should not be easier to penetrate the system Flavors Default deny stance define what is permitted and disallow everything else Default permit stance define what is disallowed and permit everything else 16

17 Universal Participation All personnel needs to participate in order to achieve security. Flavors Voluntary explain the benefits of a secure system/organization educate the staff Mandatory e.g. force the users to change passwords every week 17

18 Simplicity You can’t know if a system is safe if you don’t understand it. ”It is easier to secure an apartment than a whole block” 18

19 Summary The security of a system is, among other things, dependent on: How the system is constructed How the system is configured How the users behave 19

20 Questions ?

Download ppt "Vulnerability Analysis. Formal verification Formally (mathematically) prove certain characteristics Proves the absence of flaws in a program or design."

Similar presentations

The Whole/Hole of Security Public (DoD) v. Corporate Carl Bourland US Army Judge Advocate Generals Corps.

The Whole/Hole of Security Public (DoD) v. Corporate Carl Bourland US Army Judge Advocate Generals Corps.
1 Defining System Security Policies. 2 Module - Defining System Security Policies ♦ Overview An important aspect of Network management is to protect your.

1 Defining System Security Policies. 2 Module - Defining System Security Policies ♦ Overview An important aspect of Network management is to protect your.
Access Control Methodologies

Access Control Methodologies
1 No Silver Bullet : Inherent Limitations of Computer Security Technologies Jeffrey W. Humphries Texas A&M University.

1 No Silver Bullet : Inherent Limitations of Computer Security Technologies Jeffrey W. Humphries Texas A&M University.
CSCI 530 Lab Firewalls. Overview Firewalls Capabilities Limitations What are we limiting with a firewall? General Network Security Strategies Packet Filtering.

CSCI 530 Lab Firewalls. Overview Firewalls Capabilities Limitations What are we limiting with a firewall? General Network Security Strategies Packet Filtering.
INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)

INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
Building a Successful Security Infrastructure

Building a Successful Security Infrastructure
Software Security Threats Threats have been an issue since computers began to be used widely by the general public.

Software Security Threats Threats have been an issue since computers began to be used widely by the general public.
 Background  Penetration Studies  Example Vulnerabilities  Classification Frameworks  Theory of Penetration Analysis Computer Security: Art and Science.

 Background  Penetration Studies  Example Vulnerabilities  Classification Frameworks  Theory of Penetration Analysis Computer Security: Art and Science.
Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.
Network Security Testing Techniques Presented By:- Sachin Vador.

Network Security Testing Techniques Presented By:- Sachin Vador.
Vulnerability Analysis

Vulnerability Analysis
(Breather)‏ Principles of Secure Design by Matt Bishop (augmented by Michael Rothstein)‏

(Breather)‏ Principles of Secure Design by Matt Bishop (augmented by Michael Rothstein)‏
ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.

ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.
This work is supported by the National Science Foundation under Grant Number DUE-0302909. Any opinions, findings and conclusions or recommendations expressed.

This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.
January 14, 2010 Introduction to Ethical Hacking and Network Defense MIS 4600 - © Abdou Illia.

January 14, 2010 Introduction to Ethical Hacking and Network Defense MIS © Abdou Illia.
Computer Security: Principles and Practice

Computer Security: Principles and Practice
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
seminar on Intrusion detection system

seminar on Intrusion detection system

Similar presentations

Ads by Google