CS526Topic 12: Web Security (2)1 Information Security CS 526 Topic 9 Web Security Part 2.

Slides:



Advertisements
Similar presentations
Nick Feamster CS 6262 Spring 2009
Advertisements

What is code injection? Code injection is the exploitation of a computer bug that is caused by processing invalid data. Code injection can be used by.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
OWASP Web Vulnerabilities and Auditing
SEC835 OWASP Top Ten Project.
Security Issues and Challenges in Cloud Computing
IDAsec copyright - all rights reserved1 Web Vulnerabilities in the real world.
It’s always better live. MSDN Events Security Best Practices Part 2 of 2 Reducing Vulnerabilities using Visual Studio 2008.
Chapter 9 Web Applications. Web Applications are public and available to the entire world. Easy access to the application means also easy access for malicious.
Information Networking Security and Assurance Lab National Chung Cheng University The Ten Most Critical Web Application Security Vulnerabilities Ryan J.W.
It’s always better live. MSDN Events Securing Web Applications Part 1 of 2 Understanding Threats and Attacks.
Information Networking Security and Assurance Lab National Chung Cheng University 1 Top Vulnerabilities in Web Applications (I) Unvalidated Input:  Information.
CS526Topic 9: Web Security (2)1 Information Security CS 526 Topic 9 Web Security Part 2.
Lecture 16 Page 1 CS 236 Online Cross-Site Scripting XSS Many sites allow users to upload information –Blogs, photo sharing, Facebook, etc. –Which gets.
Injection Attacks by Example SQL Injection and XSS Adam Forsythe Thomas Hollingsworth.
Lab 3 Cookie Stealing using XSS Kara James, Chelsea Collins, Trevor Norwood, David Johnson.
Handling Security Threats in Kentico CMS Karol Jarkovsky Sr. Solution Architect Kentico Software
Web Application Vulnerabilities Checklist. EC-Council Parameter Checklist  URL request  URL encoding  Query string  Header  Cookie  Form field 
 A cookie is a piece of text that a Web server can store on a user's hard disk.  Cookie data is simply name-value pairs stored on your hard disk by.
Workshop 3 Web Application Security Li Weichao March
Web Security Overview Lohika ASC team 2009
OWASP Zed Attack Proxy Project Lead
Cross-Site Scripting Vulnerabilities Adam Doupé 11/24/2014.
Lets Make our Web Applications Secure. Dipankar Sinha Project Manager Infrastructure and Hosting.
WEB SECURITY WEEK 3 Computer Security Group University of Texas at Dallas.
The OWASP Way Understanding the OWASP Vision and the Top Ten.
CSCI 6962: Server-side Design and Programming Secure Web Programming.
1-Vulnerabilities 2-Hackers 3-Categories of attacks 4-What a malicious hacker do? 5-Security mechanisms 6-HTTP Web Servers 7-Web applications attacks.
Chapter 9 Web Applications. Web Applications are public and available to the entire world. Easy access to the application means also easy access for malicious.
JavaScript, Fourth Edition
Copyright 2007 © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
3-Protecting Systems Dr. John P. Abraham Professor UTPA.
Chapter 8 Cookies And Security JavaScript, Third Edition.
Security Scanners Mark Shtern. Popular attack targets Web – Web platform – Web application Windows OS Mac OS Linux OS Smartphone.
CSCE 201 Web Browser Security Fall CSCE Farkas2 Web Evolution Web Evolution Past: Human usage – HTTP – Static Web pages (HTML) Current: Human.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
The attacks ● XSS – type 1: non-persistent – type 2: persistent – Advanced: other keywords (, prompt()) or other technologies such as Flash.
Web Applications Testing By Jamie Rougvie Supported by.
Building Secure Web Applications With ASP.Net MVC.
By Sean Rose and Erik Hazzard.  SQL Injection is a technique that exploits security weaknesses of the database layer of an application in order to gain.
1 Robust Defenses for Cross-Site Request Forgery Adam Barth, Collin Jackson, John C. Mitchell Stanford University 15th ACM CCS.
Deconstructing API Security
COMP9321 Web Application Engineering Semester 2, 2015 Dr. Amin Beheshti Service Oriented Computing Group, CSE, UNSW Australia Week 9 1COMP9321, 15s2, Week.
Web Security Lesson Summary ●Overview of Web and security vulnerabilities ●Cross Site Scripting ●Cross Site Request Forgery ●SQL Injection.
Copyright © The OWASP Foundation This work is available under the Creative Commons SA 2.5 license The OWASP Foundation OWASP Denver February 2012.
Module: Software Engineering of Web Applications Chapter 3 (Cont.): user-input-validation testing of web applications 1.
Intro to Web Application Security. iHostCodex Web Services - CEO Project-AG – CoFounder OWASP Panay -Chapter Leader -Web Application Pentester -Ethical.
Session 11: Cookies, Sessions ans Security iNET Academy Open Source Web Development.
The OWASP Foundation Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under.
Do not try any of the techniques discussed in this presentation on a system you do not own. It is illegal and you will get caught.
Unit 2 Personal Cyber Security and Social Engineering Part 2.
Page 1 Ethical Hacking by Douglas Williams. Page 2 Intro Attackers can potentially use many different paths through your application to do harm to your.
SECURE DEVELOPMENT. SEI CERT TOP 10 SECURE CODING PRACTICES Validate input Use strict compiler settings and resolve warnings Architect and design for.
Web Application Vulnerabilities
Intro to Web Application Security
Web Application Vulnerabilities, Detection Mechanisms, and Defenses
TOPIC: Web Security (Part-4)
Secure Software Confidentiality Integrity Data Security Authentication
Vulnerability Chaining Every Low Issue Has its big impact
Penetration Testing following OWASP
Security mechanisms and vulnerabilities in .NET
WWW安全 國立暨南國際大學 資訊管理學系 陳彥錚.
Information Security CS 526 Topic 9
Designing IIS Security (IIS – Internet Information Service)
Exploring DOM-Based Cross Site Attacks
Presentation transcript:

CS526Topic 12: Web Security (2)1 Information Security CS 526 Topic 9 Web Security Part 2

CS526Topic 12: Web Security (2)2 Readings for This Lecture Optional Reading –Bandhakavi et al.: CANDID : Preventing SQL Injection Attacks Using Dynamic Candidate EvaluationsCANDID : Preventing SQL Injection Attacks Using Dynamic Candidate Evaluations –Chen et al.: Side-Channel Leaks in Web Applications: a Reality Today, a Challenge TomorrowSide-Channel Leaks in Web Applications: a Reality Today, a Challenge Tomorrow

Other Web Threats SQL Injection –See slides by Venkat Side channel leakages –See slides from MSR Web browsing privacy: third-party cookies and browser fingerprinting CS526Topic 12: Web Security (2)3

OWASP Top 10 Application T10 Security Risks – 2013 A1 – Injection: Injection flaws, such as SQL, OS, and LDAP injection occur when untrusted data is sent to an interpreter as part of a command or query. The attacker’s hostile data can trick the interpreter into executing unintended commands or accessing data without proper authorization. A2 – Broken Authentication and Session Management : Application functions related to authentication and session management are often not implemented correctly, allowing attackers to compromise passwords, keys, or session tokens, or to exploit other implementation flaws to assume other users’ identities. CS526Topic 12: Web Security (2)4

OWASP Top 10 Application T10 Security Risks – 2013 A3 – Cross-Site Scripting (XSS): XSS flaws occur whenever an application takes untrusted data and sends it to a web browser without proper validation or escaping. XSS allows attackers to execute scripts in the victim’s browser which can hijack user sessions, deface web sites, or redirect the user to malicious sites. A4 – Insecure Direct Object References: A direct object reference occurs when a developer exposes a reference to an internal implementation object, such as a file, directory, or database key. Without an access control check or other protection, attackers can manipulate these references to access unauthorized data. CS526Topic 12: Web Security (2)5

OWASP Top 10 Application T10 Security Risks – 2013 A5 – Security Misconfiguration: Good security requires having a secure configuration defined and deployed for the application, frameworks, application server, web server, database server, and platform. Secure settings should be defined, implemented, and maintained, as defaults are often insecure. Additionally, software should be kept up to date. A6 – Sensitive Data Exposure: Many web applications do not properly protect sensitive data, such as credit cards, tax IDs, and authentication credentials. Attackers may steal or modify such weakly protected data to conduct credit card fraud, identity theft, or other crimes. Sensitive data deserves extra protection such as encryption at rest or in transit, as well as special precautions when exchanged with the browser. CS526Topic 12: Web Security (2)6

OWASP Top 10 Application T10 Security Risks – 2013 A7 – Missing Function Level Access Control: Most web applications verify function level access rights before making that functionality visible in the UI. However, applications need to perform the same access control checks on the server when each function is accessed. If requests are not verified, attackers will be able to forge requests in order to access functionality without proper authorization. A8 - Cross-Site Request Forgery (CSRF): A CSRF attack forces a logged-on victim’s browser to send a forged HTTP request, including the victim’s session cookie and any other automatically included authentication information, to a vulnerable web application. This allows the attacker to force the victim’s browser to generate requests the vulnerable application thinks are legitimate requests from the victim. CS526Topic 12: Web Security (2)7

OWASP Top 10 Application T10 Security Risks – 2013 A9 - Using Components with Known Vulnerabilities: Components, such as libraries, frameworks, and other software modules, almost always run with full privileges. If a vulnerable component is exploited, such an attack can facilitate serious data loss or server takeover. Applications using components with known vulnerabilities may undermine application defenses and enable a range of possible attacks and impacts. A10 – Unvalidated Redirects and Forwards: Web applications frequently redirect and forward users to other pages and websites, and use untrusted data to determine the destination pages. Without proper validation, attackers can redirect victims to phishing or malware sites, or use forwards to access unauthorized pages. CS526Topic 12: Web Security (2)8

Browser Cookie Management Cookie Same-origin ownership –Once a cookie is saved on your computer, only the Web site that created the cookie can read it. Variations –Temporary cookies Stored until you quit your browser –Persistent cookies Remain until deleted or expire –Third-party cookies Originates on or sent to a web site other than the one that provided the current page CS526Topic 12: Web Security (2)9

Third-party cookies Get a page from merchant.com –Contains –Image fetched from DoubleClick.com DoubleClick knows IP address and page you were looking at DoubleClick sends back a suitable advertisement –Stores a cookie that identifies "you" at DoubleClick Next time you get page with a doubleclick.com image –Your DoubleClick cookie is sent back to DoubleClick –DoubleClick could maintain the set of sites you viewed –Send back targeted advertising (and a new cookie) Cooperating sites –Can pass information to DoubleClick in URL, … CS526Topic 12: Web Security (2)10

Cookie issues Cookies maintain record of your browsing habits –Cookie stores information as set of name/value pairs –May include any information a web site knows about you –Sites track your activity from multiple visits to site Sites can share this information (e.g., DoubleClick) Browser attacks could invade your “privacy” CS526Topic 12: Web Security (2)11

Browser Fingerprinting Browser sends HTTP head information, which includes –User agent: e.g., “Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/ (KHTML, like Gecko) Chrome/ Safari/537.36” –HTTP header: e.g., “text/html, */* gzip,deflate en-US,en;q=0.8” –Javascript can collect font information, installed browser-plugin information –Using canvas, e.g., how to render emoji –Can achieve high entropy. –Can be used to track users/browsers. CS526Topic 12: Web Security (2)12

CS526Topic 12: Web Security (2)13 Coming Attractions … Malware defenses

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.