Client-based Application Attacks
Adli Abdul Wahid, Dept. of Comp. Science, IIUM


The Plan
● Network Based Attacks
● Client-based Applications Attacks
● Potential Solutions
● Conclusion

Network Based Attacks
● Attacks that are carried out 'remotely'
  – From the Internet or another machine on the LAN
● Most literature covers attacks on server-based applications
  – Always listening on specific port numbers
  – e.g. Web, mail, ftp, etc.
● Attacks are essentially in the form of buffer overflows, or inputs that can trigger DoS

Network Based Attacks (2)
● Client-based application attacks are increasingly popular
● Exploit
  – Web Browsers
  – Instant Messengers
  – Mail Clients

Examples in 2005
● Yahoo! Messenger ymsgr URI Arbitrary Command Execution
● Yahoo! Messenger Offline Mode Status Remote Overflow
● Gaim Away Message Processing Remote Overflow
● Mozilla Firefox IFRAME Width Overflow
● Opera Command Line URL Shell Command Injection
● Microsoft Windows Shimgvw.dll SETABORTPROC Function Crafted WMF Arbitrary Code Execution

Typical Scenario
● User uses a vulnerable browser to surf the net
  – Firewall allows this
● User clicks on a site with malicious code
● Browser executes the code and (maybe) a payload
  – Payload may contain a worm that leads to other problems, causes DoS, etc.

The Issues (1)
● Attack techniques are more or less the same
  – Buffer overflow, just a different target
● Typically use
  – Some form of social engineering
● User clicks on the URL
● Need more than basic perimeter protection
  – Firewall and IDS
● Policy enforcement
  – How do you make sure that all of the 5000 PCs in your network use the updated version of Browser XYZ?

Potential Solutions
● IDS / IPS
  – What if the malicious attacker is on the same LAN?
● Patch management
  – Large user base?
  – Different types of software, tied to policy
● OS level
  – Stack protection in the case of buffer overflow based attacks
  – What if the network is open to all (hotspot)?
● Antivirus
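
Added example (not part of the original slides): one way to answer the policy-enforcement question above, by checking an inventory export against a minimum patched version per client application. The policy, host names, version numbers and CSV layout are constructed for illustration; "Browser XYZ" is the slide's own placeholder.

```python
import csv
import io

# Constructed policy and inventory; "Browser XYZ" is the slide's placeholder name.
MIN_VERSION = {"Browser XYZ": "1.5.2", "IM Client": "7.0.1"}
INVENTORY_CSV = """host,application,version
pc-0001,Browser XYZ,1.5.2
pc-0002,Browser XYZ,1.4.10
pc-0003,Browser XYZ,1.10.0
pc-0003,IM Client,6.9
pc-0004,IM Client,7.0.1
pc-0005,Browser XYZ,unknown
"""

def parse_version(text):
    """Turn '1.4.10' into (1, 4, 10); return None if not dotted-numeric."""
    parts = text.strip().split(".")
    if not all(p.isdecimal() for p in parts):
        return None
    return tuple(int(p) for p in parts)

def is_compliant(installed, minimum):
    """Numeric compare (so 1.10.0 > 1.5.2), padding so 6.9 equals 6.9.0."""
    a, b = parse_version(installed), parse_version(minimum)
    if a is None or b is None:
        return False  # unparseable version: fail closed, flag for follow-up
    width = max(len(a), len(b))
    return a + (0,) * (width - len(a)) >= b + (0,) * (width - len(b))

def audit(inventory_csv, policy):
    """Return (non_compliant_rows, compliance_ratio) for apps the policy covers."""
    bad, total = [], 0
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        minimum = policy.get(row["application"])
        if minimum is None:
            continue  # application not covered by this policy
        total += 1
        if not is_compliant(row["version"], minimum):
            bad.append((row["host"], row["application"], row["version"]))
    ratio = (total - len(bad)) / total if total else 1.0
    return bad, ratio

if __name__ == "__main__":
    offenders, ratio = audit(INVENTORY_CSV, MIN_VERSION)
    for host, app, ver in offenders:
        print(f"{host}: {app} {ver} does not meet minimum {MIN_VERSION[app]}")
    print(f"compliance: {ratio:.0%}")
```

Versions are compared numerically rather than as strings, and a host reporting an unparseable version is counted as non-compliant so it is not silently skipped.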

Conclusion
● Attacks don't just target server-based programs
● Client-based applications are just as vulnerable and are targeted by attackers
● Complexity in defending users en masse
● Multiple approaches need to be used to defend the network successfully