Presentation is loading. Please wait.

Presentation is loading. Please wait.

 Background  Penetration Studies  Example Vulnerabilities  Classification Frameworks  Theory of Penetration Analysis Computer Security: Art and Science.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: " Background  Penetration Studies  Example Vulnerabilities  Classification Frameworks  Theory of Penetration Analysis Computer Security: Art and Science."— Presentation transcript:

1  Background  Penetration Studies  Example Vulnerabilities  Classification Frameworks  Theory of Penetration Analysis Computer Security: Art and Science ©2004 Matt Bishop

2  System architecture: based on strict file typing  Entities: ordinary users, privileged users, privileged programs, OS tasks ▪ Ordinary users tightly restricted ▪ Other 3 can access file data without restriction but constrained from compromising integrity of system  No assemblers; compilers output executable code  Data files, executable files have different types ▪ Only compilers can produce executables ▪ Writing to executable or its attributes changes its type to data  Class exercise: obtain status of privileged user  Layer 3 exercise Computer Security: Art and Science ©2004 Matt Bishop

3  System had tape drives  Writing file to tape preserved file contents  Header record indicates file attributes including type  Data could be copied from one tape to another Computer Security: Art and Science ©2004 Matt Bishop

4  System cannot detect change to executable file if that file is altered off-line Computer Security: Art and Science ©2004 Matt Bishop

5  Consider a file “privileged.exe” that can only be executed by privileged users.  Write small program to change type of any file from data to executable (data-2-exe.exe)  Compiled, but could not be used yet as it would alter file attributes, making target a data file  Write this to tape  Write a small utility to copy contents of tape 1 to tape 2(copy-and-change-type.exe)  Utility also changes header record of contents to indicate file was a compiler (and so could output executables) Computer Security: Art and Science ©2004 Matt Bishop

6  Run copy program (copy-and-change-type.exe)  As header record copied, type of data-2-exe.exe becomes “compiler”  Reinstall data-2-exe.exe program as a new compiler  Compile and create privileged.exe normally, and change machine code to give privileges to anyone calling it (this makes it data, of course)  Now use new compiler(data-2-exe.exe) to change privileged.exe type from data to executable  Write third program to call privileged.exe  Now you have privileges Computer Security: Art and Science ©2004 Matt Bishop

7  Prevent unprivileged users from loading executables off tape. Computer Security: Art and Science ©2004 Matt Bishop

8  Goal: determine whether corporate security measures were effective in keeping external attackers from accessing system  Layer 1  Testers focused on policies and procedures  Both technical and non-technical Computer Security: Art and Science ©2004 Matt Bishop

9  Searched Internet  Got names of employees, officials  Got telephone number of local branch, and from them got copy of annual report  Constructed much of the company’s organization from this data  Including list of some projects on which individuals were working Computer Security: Art and Science ©2004 Matt Bishop

10  Corporate directory would give more needed information about structure  Tester impersonated new employee ▪ Learned two numbers needed to have something delivered off-site: employee number of person requesting shipment, and employee’s Cost Center number  Testers called secretary of executive they knew most about ▪ One impersonated an employee, got executive’s employee number ▪ Another impersonated auditor, got Cost Center number  Had corporate directory sent to off-site “subcontractor” Computer Security: Art and Science ©2004 Matt Bishop

11  Controls blocking people giving passwords away not fully communicated to new employees  Testers impersonated secretary of senior executive ▪ Called appropriate office ▪ Claimed senior executive upset he had not been given names of employees hired that week ▪ Got the names Computer Security: Art and Science ©2004 Matt Bishop

12  Testers called newly hired people  Claimed to be with computer center  Provided “Computer Security Awareness Briefing” over phone  During this, learned: ▪ Types of computer systems used ▪ Employees’ numbers, logins, and passwords  Called computer center to get modem numbers  These bypassed corporate firewalls  Success Computer Security: Art and Science ©2004 Matt Bishop

Download ppt " Background  Penetration Studies  Example Vulnerabilities  Classification Frameworks  Theory of Penetration Analysis Computer Security: Art and Science."

Similar presentations

Overview of local security issues in Campus Grid environments Bruce Beckles University of Cambridge Computing Service.

Overview of local security issues in Campus Grid environments Bruce Beckles University of Cambridge Computing Service.
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
Vulnerability Analysis. Formal verification Formally (mathematically) prove certain characteristics Proves the absence of flaws in a program or design.

Vulnerability Analysis. Formal verification Formally (mathematically) prove certain characteristics Proves the absence of flaws in a program or design.
Operating Systems Security 1. The Boot Sequence The action of loading an operating system into memory from a powered-off state is known as booting or.

Operating Systems Security 1. The Boot Sequence The action of loading an operating system into memory from a powered-off state is known as booting or.
CSUF Chapter 3.2 1. CSUF Operating Systems Security 2.

CSUF Chapter CSUF Operating Systems Security 2.
Section 3.2: Operating Systems Security

Section 3.2: Operating Systems Security
Malicious Logic What is malicious logic Types of malicious logic Defenses Computer Security: Art and Science ©2002-2004 Matt Bishop.

Malicious Logic What is malicious logic Types of malicious logic Defenses Computer Security: Art and Science © Matt Bishop.
Security+ Guide to Network Security Fundamentals

Security+ Guide to Network Security Fundamentals
Chapter 4: Security Policies Overview The nature of policies What they cover Policy languages The nature of mechanisms Types Secure vs. precise Underlying.

Chapter 4: Security Policies Overview The nature of policies What they cover Policy languages The nature of mechanisms Types Secure vs. precise Underlying.
ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.

ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.
January 14, 2010 Introduction to Ethical Hacking and Network Defense MIS 4600 - © Abdou Illia.

January 14, 2010 Introduction to Ethical Hacking and Network Defense MIS © Abdou Illia.
Irwin/McGraw-Hill Copyright © 2004 The McGraw-Hill Companies. All Rights reserved Whitten Bentley DittmanSYSTEMS ANALYSIS AND DESIGN METHODS6th Edition.

Irwin/McGraw-Hill Copyright © 2004 The McGraw-Hill Companies. All Rights reserved Whitten Bentley DittmanSYSTEMS ANALYSIS AND DESIGN METHODS6th Edition.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.

Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
IT Security Readings A summary of Management's Role in Information Security in a Cyber Economy and The Myth of Secure Computing.

IT Security Readings A summary of Management's Role in Information Security in a Cyber Economy and The Myth of Secure Computing.
Network security policy: best practices

Network security policy: best practices
Developing a Security Policy Chapter 2. Learning Objectives Understand why a security policy is an important part of a firewall implementation Determine.

Developing a Security Policy Chapter 2. Learning Objectives Understand why a security policy is an important part of a firewall implementation Determine.
New Data Regulation Law 201 CMR 17.00. TJX Video.

New Data Regulation Law 201 CMR TJX Video.
Auditing Logical Access in a Network Environment Presented By, Eric Booker and Mark Ren New York State Comptroller’s Office Network Security Unit.

Auditing Logical Access in a Network Environment Presented By, Eric Booker and Mark Ren New York State Comptroller’s Office Network Security Unit.
Bina Nusantara 2 C H A P T E R INFORMATION SYSTEM BUILDING BLOCKS.

Bina Nusantara 2 C H A P T E R INFORMATION SYSTEM BUILDING BLOCKS.

Similar presentations

Ads by Google