exploiting insecurity to secure software update systems
play

Exploiting Insecurity to Secure Software Update Systems Justin - PowerPoint PPT Presentation

Feb 11, 2024 •316 likes •431 views

Exploiting Insecurity to Secure Software Update Systems Justin Cappos Department of Computer Science and Engineering University of Washington Introduction software update system -- a piece of software that installs, updates, removes, or

  1. Exploiting Insecurity to Secure Software Update Systems Justin Cappos Department of Computer Science and Engineering University of Washington

  2. Introduction software update system -- a piece of software that installs, updates, removes, or patches software or firmware on a device by retrieving information (software updates) from a trusted, external source (repository) Software update systems are widely insecure [Bellissimo HotSec 06, Cappos CCS 08] Software update systems are ubiquitous

  3. But security is simple, right? Just use HTTPS Common errors in how certificates are handled Online data becomes single point of weakness ... and add signatures to the software updates Attackers can perform a replay attack ... and add version numbers to the software updates Attackers can launch freeze attacks

  4. But security is simple, right? (cont.) ...... and add a quorum of keys signature system for the root of trust, add signing by different compartmentalized key types, use online keys only to provide freeze attack protection and bound their trust window, etc. [Thandy software updater for Tor] We still found 8 design or implementation flaws Having each developer build their own "secure" software update system will fail

  5. Is there a practical risk? PlanetLab uses YUM -- updates come both from Fedora 9 and PLC Lease a server and have it listed as an official Fedora mirror Ensure that PlanetLab nodes contact only your mirror Find existing exploit code for an old version of a package that isn't installed Change the package metadata so the old version of the package is installed with any update After the PlanetLab node does an update, remotely exploit it A knowledgable attacker can root any system on PlanetLab today!

  6. Our approach for new systems Build a client library that provides security for software update systems Build a repository library that correctly signs developer updates

  7. Our approach for legacy systems Must retain functionality of existing system Intercept traffic from insecure software update systems to transparently force it through the client library Provide feedback to the user / system administrator

  8. Proposal Overview Work with the Tor project Many pairs of eyes uncover bugs more easily Build an artifact early, add security mechanisms gradually Portability of the client library is key Focus on supporting the developer / repository interface(s) used by GENI and Tor

  9. Conclusion Software update systems are extremely vulnerable Subtle issues in building a secure software update system We propose to: Build a library for securing software update systems Secure legacy systems by exploiting their insecurity Work with the open source community to ensure quality

  10. Why focus on this threat? Existing implementations are insecure [Bellissimo 06, Cappos 08] Software update systems run as root Traditional defenses don't protect against attacks Ubiquitous An attack often appears benign Attack code can be easily reused [EvilGrade] Trends show server attacks are on the rise [CERT]

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Secure Programming with Static Analysis Brian Chess brian@fortify.com Software Systems that

Secure Programming with Static Analysis Brian Chess brian@fortify.com Software Systems that

Secure Programming with Static Analysis Brian Chess brian@fortify.com Software Systems that are Ubiquitous Connected Dependable Complexity Unforeseen Consequences Software Security Today The line between secure/insecure is

624 views • 48 slides
Securing Secure Boot on Xen Ross Lagerwall Software Engineer, Citrix Systems 1 / 15

Securing Secure Boot on Xen Ross Lagerwall Software Engineer, Citrix Systems 1 / 15

Securing Secure Boot on Xen Ross Lagerwall Software Engineer, Citrix Systems 1 / 15 Presentation licensed CC-By-SA-4.0 Why Secure Boot? How can we prevent running malware at boot? With Secure Boot! What if the machine is a VM in

303 views • 15 slides
Open Source secure software updates for Linux-based IVI systems Arthur Taylor, CTO, ATS Advanced

Open Source secure software updates for Linux-based IVI systems Arthur Taylor, CTO, ATS Advanced

Open Source secure software updates for Linux-based IVI systems Arthur Taylor, CTO, ATS Advanced Telematic Systems Abstract Cyber security and vehicle recalls are two of the hottest topics in automotive software development right now.

351 views • 23 slides
Securing Software Systems by Preventing Information Leaks Kangjie Lu Georgia Institute of

Securing Software Systems by Preventing Information Leaks Kangjie Lu Georgia Institute of

Securing Software Systems by Preventing Information Leaks Kangjie Lu Georgia Institute of Technology Computer devices are everywhere 2 Foundational software systems 3 Inherent insecurity: Vulnerabilities and insecure designs Implemented in

774 views • 74 slides
Exploiting type systems and static analyses for smart card security Xavier Leroy INRIA

Exploiting type systems and static analyses for smart card security Xavier Leroy INRIA

Exploiting type systems and static analyses for smart card security Xavier Leroy INRIA Rocquencourt & Trusted Logic 1 Outline 1. What makes strongly typed programs more secure? 2. Enforcing strong typing (bytecode verification). 3.

828 views • 45 slides
What is Secure? Engineering Secure Software Last Revised: August 19, 2020 SWEN-331: Engineering

What is Secure? Engineering Secure Software Last Revised: August 19, 2020 SWEN-331: Engineering

What is Secure? Engineering Secure Software Last Revised: August 19, 2020 SWEN-331: Engineering Secure Software Benjamin S Meyers 1 Recent Security Incidents Garmin Ransomware -- $10 million Sync servers down for many days

506 views • 21 slides
ASSURED: Architecture for Secure Software Update of Realistic Embedded Devices N. Asokan 1 ,

ASSURED: Architecture for Secure Software Update of Realistic Embedded Devices N. Asokan 1 ,

ASSURED: Architecture for Secure Software Update of Realistic Embedded Devices N. Asokan 1 , Thomas Nyman 1,2 , Norrathep Rattanavipanon 3 , Ahmad-Reza Sadeghi 4 , Gene Tsudik 3 1 Aalto University, 2 Trustonic, 3 University of California, Irvine,

537 views • 26 slides
Outline Atlanta, GA What is food insecurity? Food Insecurity in Why we care about

Outline Atlanta, GA What is food insecurity? Food Insecurity in Why we care about

2010 MOWAA Annual Conference and EXPO Outline Atlanta, GA What is food insecurity? Food Insecurity in Why we care about food insecurity? Older Americans: What are barriers to achieve food security? What are the consequences of

290 views • 4 slides
A Component Security Infrastructure Y. David Liu Scott Smith http://www.jcells.org 9/24/15

A Component Security Infrastructure Y. David Liu Scott Smith http://www.jcells.org 9/24/15

A Component Security Infrastructure Y. David Liu Scott Smith http://www.jcells.org 9/24/15 Cells @ FCS 2002 1 Motivation Build software systems Secure software using components systems SDSI/SPKI Cells Secure software systems at the

833 views • 38 slides
A Model-driven Approach Towards Designing and Analysing Secure Systems for Multi-clouds Shaun

A Model-driven Approach Towards Designing and Analysing Secure Systems for Multi-clouds Shaun

A Model-driven Approach Towards Designing and Analysing Secure Systems for Multi-clouds Shaun Shei Secure and Dependable Software Systems (SenSe) Haralambos Mouratidis Stylianos Kapetanakis Aidan Delaney Overview What is Cloud Computing?

774 views • 56 slides
Secure Software Programming and Vulnerability Analysis Christopher Kruegel

Secure Software Programming and Vulnerability Analysis Christopher Kruegel

Automation Systems Group Secure Software Programming and Vulnerability Analysis Christopher Kruegel chris@auto.tuwien.ac.at http://www.auto.tuwien.ac.at/~chris Automation Systems Group Buffer Overflows Secure Software Programming 2

520 views • 17 slides
Outline Big-Picture Introduction CSci 4271W Development of Secure Software Systems

Outline Big-Picture Introduction CSci 4271W Development of Secure Software Systems

Outline Big-Picture Introduction CSci 4271W Development of Secure Software Systems Breakout-group Introductions Day 1: Introduction and logistics Stephen McCamant (he/him/his) Course Logistics University of Minnesota, Computer Science &

637 views • 6 slides
BGP update profiles and the implications for secure BGP update validation processing Geoff

BGP update profiles and the implications for secure BGP update validation processing Geoff

BGP update profiles and the implications for secure BGP update validation processing Geoff Huston APNIC 7th caida/wide measurement workshop Nov 3-4 2006 Why? Secure BGP proposals all rely on some form of validation of BGP update

344 views • 19 slides
Secure Systems Engineering Chester Rebeiro Indian Institute of Technology Madras Secure Systems

Secure Systems Engineering Chester Rebeiro Indian Institute of Technology Madras Secure Systems

Secure Systems Engineering Chester Rebeiro Indian Institute of Technology Madras Secure Systems Computer systems can be considered a closed box. Informa8on in the box is safe as long as nothing enters or leaves the box. Systems S8ll

206 views • 16 slides
Secure Software Development TDDC90 Software Security Ulf Kargn Institutionen fr

Secure Software Development TDDC90 Software Security Ulf Kargn Institutionen fr

Secure Software Development TDDC90 Software Security Ulf Kargn Institutionen fr Datavetenskap (IDA) Avdelningen fr Databas- och Informationsteknik (ADIT) Original slides by Marcus Bendtsen Agenda Securing the software

1.91k views • 65 slides
The Gap Between Promise and Reality: On the Insecurity of XOR Arbiter PUFs CHES, September 16 th ,

The Gap Between Promise and Reality: On the Insecurity of XOR Arbiter PUFs CHES, September 16 th ,

The Gap Between Promise and Reality: On the Insecurity of XOR Arbiter PUFs CHES, September 16 th , 2015 Georg T. Becker Horst Grtz Institute for IT-Security, Ruhr University Bochum 1 Agenda The Promise Strong PUFs: A lightweight, secure

726 views • 37 slides
Employer Contacts & Security in Re#rement Online NYSLRS Retirement Online Employer Workshop

Employer Contacts & Security in Re#rement Online NYSLRS Retirement Online Employer Workshop

Employer Contacts & Security in Re#rement Online NYSLRS Retirement Online Employer Workshop Presented by: New York State & Local Retirement System Office of the New York State Comptroller Thomas P. DiNapoli Agenda Topics Time

732 views • 30 slides
Computer System Administration Computer Center, CS, NCTU What System Administrator Should do? (1)

Computer System Administration Computer Center, CS, NCTU What System Administrator Should do? (1)

Computer System Administration Computer Center, CS, NCTU What System Administrator Should do? (1) Ordinary list Install new system, programs and OS updates Monitoring system and trying to Tune performance Adding and removing users

762 views • 22 slides
CSN11121 System Administration and Forensics Week 2: Introduction/Linux Basics Week 2:

CSN11121 System Administration and Forensics Week 2: Introduction/Linux Basics Week 2:

CSN11121 System Administration and Forensics Week 2: Introduction/Linux Basics Week 2: Introduction/Linux Basics Module Leader: Dr Gordon Russell Lecturers: G. Russell, R.Ludwiniak Aliases: CSN11122 (Distance Learning Version) System

547 views • 50 slides
Time Management for System Administrators www.EverythingSysAdmin.com Top 5 #1 Create a

Time Management for System Administrators www.EverythingSysAdmin.com Top 5 #1 Create a

Hit The Ground Running: Time Management for System Administrators www.EverythingSysAdmin.com Top 5 #1 Create a Mutual Interruption Shield #2 Turn Chaos Into Routines #3 Record All Requests #4 Keep 365 Todo-Lists Each Year #5

553 views • 27 slides
Affinity Group 3 March 27, 2018 The University of Wisconsin Service Center will Serve the

Affinity Group 3 March 27, 2018 The University of Wisconsin Service Center will Serve the

Affinity Group 3 March 27, 2018 The University of Wisconsin Service Center will Serve the people of the University of Wisconsin System Collaborate by being supportive and constructive Act with Integrity always and in all

580 views • 33 slides
For Wednesday No reading No homework Lab Exam In lab this week H drive will be

For Wednesday No reading No homework Lab Exam In lab this week H drive will be

For Wednesday No reading No homework Lab Exam In lab this week H drive will be ERASED before and after the exam Make sure you have saved everything from your H drive well before your lab exam Make sure you submit

691 views • 13 slides
QUICK INTRODUCTION People call me GONZ QUICK INTRODUCTION 1. Never went to Art School

QUICK INTRODUCTION People call me GONZ QUICK INTRODUCTION 1. Never went to Art School

QUICK INTRODUCTION People call me GONZ QUICK INTRODUCTION 1. Never went to Art School QUICK INTRODUCTION 1. Never went to Art School 2. Never took Computer Science class QUICK INTRODUCTION 1. Never went to Art School 2. Never took Computer

1.91k views • 127 slides
IND 105 LESSON 4 Responsibilities and Authorities of a Property Administrator (PA) TLO 4: Given

IND 105 LESSON 4 Responsibilities and Authorities of a Property Administrator (PA) TLO 4: Given

Responsibilities & Authorities of a Property Administrator IND 105 LESSON 4 Responsibilities and Authorities of a Property Administrator (PA) TLO 4: Given the need to administer Contract Government property under a contract, recognize

371 views • 16 slides

More recommend