Presentation is loading. Please wait.

Presentation is loading. Please wait.

CHAPTER 3 PROGRAM SECURITY.

Published byDustin Warner Modified over 7 years ago

Similar presentations

Presentation on theme: "CHAPTER 3 PROGRAM SECURITY."— Presentation transcript:

1 CHAPTER 3 PROGRAM SECURITY

2 3.1 Non-Malicious Code and Malicious Code
Unintentional Caused from a mistake done by a human such as programmers and developers Many such errors cause program malfunction but do not lead to more serious security vulnerabilities

3 3.1 Non-Malicious Code and Malicious Code
Rogue program General name for unanticipated or undesired effects in programs or program parts, caused by an agent intent on damage Behaves in an unexpected ways It can do anything any other program can such as writing a message on a computer screen, stopping a running program, generating a sound or erasing a stored file Malicious code runs under the user’s authority but without the user’s permission or even knowledge

4 3.2 Non-Malicious Program Errors
Three classic error types: Buffer overflow Incomplete mediation Time-of-check to time-of-use (TOCTTOU)

5 3.2 Non-Malicious Program Errors
3.2.1 Buffer Overflows A buffer: space in which data can be held Resides in memory; because memory is finite, a buffer’s capacity is finite For this reason, the programmer must declare the buffer’s maximum size so that the compiler can set aside that amount of space Example: char sample[10]; -> compiler set aside 10 bytes to store this buffer sample[10] = ‘A’ -> the subscript is out of bound, we have a problem

6 3.2 Non-Malicious Program Errors
3.2.2 Incomplete Mediation Consider the previous example from previous slide: 1212&parm2=2009Jan17 The two parameters looks like a telephone number and a date The question now: What would happen if parm2 were submitted as 1800Jan01? Or 1800Feb30? Or 2048Min32 or Ardvark2Many? One way to produce the problem is to try to anticipate them

7 3.2 Non-Malicious Program Errors
3.2.3 Time-of-Check to Time-of-Use (TOCTTOU) Involves synchronization Access control is a fundamental part of computer security Every requested access must be governed by an access policy stating who is allowed access to what; then the request must be mediated by an access-policy-enforcement agent But an incomplete mediation problem occurs when access is not checked universally TOCTTOU flaw concerns mediation that is performed with a “bait and switch” in the middle Also known as serialization or synchronization flaw

8 3.2 Non-Malicious Program Errors
3.2.4 Combinations of Non-malicious Program Flaws An attacker may begin a three-pronged attack by using a buffer overflow to disrupt all execution of arbitrary code on a machine The attacker then logs in as the new user and exploits an incomplete mediation flaws as common building blocks Clever attacker uses flaws as common building blocks to build a complex attack

9 3.3 Virus and Other Malicious Code
3.3.1 Why worry about Malicious Code? Malicious code can do much (harm) It can do anything any other program can such as writing a message on a computer screen, stopping a running program, generating a sound or erasing a stored file Or it can do nothing at all right now; it can be planted to lie dormant, undetected, until some event triggers the code to act Malicious code runs under the user’s authority but without the user’s permission or even knowledge

10 3.3 Virus and Other Malicious Code
3.3.2 Kinds of Malicious Code Malicious code/rogue program is the general name for unanticipated or undesired effects in programs or programs parts, caused by an agent intent on damage The agent is the writer of the program or the person who causes its distribution A virus is a program that can pass on malicious code to other non-malicious programs by modifying them A virus can be either transient or resident

11 3.3 Virus and Other Malicious Code
Transient virus Has a life that depends on the life of its host; the virus runs when its attached program executes and terminates when its attached program ends Resident virus Locates itself in memory; Then it can remain active or be activates as a stand- alone program, even after its attached program ends

12 3.3 Virus and Other Malicious Code
Types of Malicious Code Code Type Characteristics Virus Attaches itself to program and propagates copies of itself to other program Trojan horse Contains unexpected, additional functionality Logic bomb Triggers action when condition occurs Time bomb Triggers action when specified time occurs Trapdoor Allows unauthorized access to functionality Worm Propagates copies of itself through a network Rabbit Replicates itself without limit to exhaust resources

13 3.3 Virus and Other Malicious Code
3.3.3 How Viruses Attach Appended Viruses A program virus attaches itself to a program, then whenever the program is run, the virus is activated. Refer to Figure 3-4 page 118 Viruses That Surround a Program Virus that runs the original program but has control before and after its execution Refer to Figure 3-5 page 119 Integrated Viruses and Replacements Viruses replaces some of its target and integrate itself into the original code of the target Refer to Figure 3-6 page 120

14 3.3 Virus and Other Malicious Code
3.3.4 Document Viruses It is implemented within a formatted document, such as written document, database, a slide presentation or spreadsheet

15 3.3 Virus and Other Malicious Code
3.3.5 Homes For Viruses The virus writer may find these qualities appealing in a virus: It is hard to detect It is not easily destroyed or deactivated It spreads infection widely It can re-infect its home program or other programs It is easy to create It is machine independent and operating system independent

16 3.3 Virus and Other Malicious Code
3.3.6 Prevention of Virus Infection There are six techniques: Use only commercial software acquired from reliable, well-established vendors. Test all new software on an isolated computer. Open attachments only when you know them to be safe. Make a recoverable system image and store it safely Make and retain backup copies of executable system files. Use virus detectors regularly and update them daily.

17 3.3 Virus and Other Malicious Code
3.3.7 Truth and Misconceptions about viruses Viruses can infect only Microsoft Windows systems (False) Viruses can modify “hidden” or “read-only” files (True) Viruses can appear only in data files, or only in Word documents, or only in programs (False) Viruses spread only on disks or through (False) Viruses cannot remain in memory after a complete power off/power on reboot (True) Viruses cannot infect hardware (True) Viruses can be malevolent, benign, or benevolent (True)

18 3.4 Targeted Malicious Code
3.4.1 Trapdoor It is an undocumented entry point to a module Developers insert trapdoors during code development, perhaps to test the module, to provide “hooks” by which to connect future modifications or enhancements, or to allow fail in the future Can allow a programmer access to a program once it is placed in production

19 3.4 Targeted Malicious Code
3.4.1 Trapdoor Causes of Trapdoors Trapdoors can persist in production programs because the developers Forget to remove them Intentionally leave them in the program for testing Intentionally leave them in the program for maintenance of the finished program Intentionally leave them in the program as a covert means of access to the component after it becomes an accepted part of a production system

20 3.4 Targeted Malicious Code
3.4.2 Salami Attack A salami attack merges bits of seemingly inconsequential data to yield powerful results Normally, salami attack when the course code of a system is too large or complex to be audited Why Salami Attacks Persist Computer computations are notoriously subject to small errors involving rounding and truncation It is easier for programmers and users to accept a small amount of error as natural and unavoidable

21 3.4 Targeted Malicious Code
3.4.3 Covert channels: Programs that leaks Information Programs that communicate information to people who should not receive it The communication travels unnoticed, accompanying other, perfectly proper, communications Example: - A programmer who has direct access to data can usually just read the data and write it to another file or print it out - If, however, the programmer is one step removed from the data (outside the organizational owning the data), the programmer must figure how to get the data - One way --> to built-in Trojan horse (once the horse is enabled, it finds and transmits the data - In order to send the data to the others, the programmer has to arrange to extract the data more surreptitiously - Covert channels are a means of extracting the data clandestinely

22 3.5 Controls Against Program Threats
3.5.1 Development Controls It requires people to: Specify the system Design the system Implement the system Test the system Review the system Document the system Manage the system Maintain the system

23 3.5 Controls Against Program Threats
3.5.2 Operating System Controls on Use of Programs A trusted software is where we know the code has been rigorously developed and analysed To trust any program, we should look for: Functional correctness Enforcement of integrity Limited privilege Appropriate confidence level Others include: Mutual suspicion Confinement Access log

24 3.5 Controls Against Program Threats
3.5.3 Administrative Controls Standards of Program Development Administrative controls can be exercised by considering the following standards of: Design Documentation, language and coding style Programming Testing Configuration management

Download ppt "CHAPTER 3 PROGRAM SECURITY."

Similar presentations

IS 376 NOVEMBER 5, 2013 2013 DATA BREACH INVESTIGATIONS REPORT By The Verizon RISK Team Research Investigations Solutions Knowledge.

IS 376 NOVEMBER 5, DATA BREACH INVESTIGATIONS REPORT By The Verizon RISK Team Research Investigations Solutions Knowledge.
Higher Computing Computer Systems S. McCrossan Higher Grade Computing Studies 8. Supporting Software 1 Software Compatibility Whether you are doing a fresh.

Higher Computing Computer Systems S. McCrossan Higher Grade Computing Studies 8. Supporting Software 1 Software Compatibility Whether you are doing a fresh.
Let’s Talk About Cyber Security

Let’s Talk About Cyber Security
Thank you to IT Training at Indiana University Computer Malware.

Thank you to IT Training at Indiana University Computer Malware.
CPSC 6126 Computer Security Information Assurance.

CPSC 6126 Computer Security Information Assurance.
Chapter 3 (Part 1) Network Security

Chapter 3 (Part 1) Network Security
Unit 18 Data Security 1.

Unit 18 Data Security 1.
ITMS- 3153 Information Systems Security 1. Malicious Code Malicious code or rogue program is the general name for unanticipated or undesired effects in.

ITMS Information Systems Security 1. Malicious Code Malicious code or rogue program is the general name for unanticipated or undesired effects in.
________________ CS3235, Nov 2002 Viruses Adapted from Pfleeger[Chap 5]. A virus is a program [fragment] that can pass on malicious code [usually itself]

________________ CS3235, Nov 2002 Viruses Adapted from Pfleeger[Chap 5]. A virus is a program [fragment] that can pass on malicious code [usually itself]
Chapter 14 Computer Security Threats Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design Principles,

Chapter 14 Computer Security Threats Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design Principles,
1 Pertemuan 05 Malicious Software Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.

1 Pertemuan 05 Malicious Software Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
Lecture 15 Overview. Kinds of Malicious Codes Virus: a program that attaches copies of itself into other programs. – Propagates and performs some unwanted.

Lecture 15 Overview. Kinds of Malicious Codes Virus: a program that attaches copies of itself into other programs. – Propagates and performs some unwanted.
Chap 3: Program Security.  Programming errors with security implications: buffer overflows, incomplete access control  Malicious code: viruses, worms,

Chap 3: Program Security.  Programming errors with security implications: buffer overflows, incomplete access control  Malicious code: viruses, worms,
Henric Johnson1 Chapter 10 Malicious Software Henric Johnson Blekinge Institute of Technology, Sweden

Henric Johnson1 Chapter 10 Malicious Software Henric Johnson Blekinge Institute of Technology, Sweden
Chapter 3 – Program Security Section 3.4 Targeted Malicious Code Section 3.5 Controls Against Program Threats.

Chapter 3 – Program Security Section 3.4 Targeted Malicious Code Section 3.5 Controls Against Program Threats.
1 Chap 10 Malicious Software. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on.

1 Chap 10 Malicious Software. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on.
Data Security.

Data Security.
Malicious Code Brian E. Brzezicki. Malicious Code (from Chapter 13 and 11)

Malicious Code Brian E. Brzezicki. Malicious Code (from Chapter 13 and 11)
CSCE 201 Attacks on Desktop Computers: Malicious Code Hardware attacks.

CSCE 201 Attacks on Desktop Computers: Malicious Code Hardware attacks.
 a crime committed on a computer network, esp. the Internet.

 a crime committed on a computer network, esp. the Internet.

Similar presentations

Ads by Google