intrusion recovery for database backed web applications
play

Intrusion Recovery for Database-backed Web Applications Ramesh - PowerPoint PPT Presentation

Oct 04, 2023 •680 likes •1.44k views

Intrusion Recovery for Database-backed Web Applications Ramesh Chandra , Taesoo Kim, Meelap Shah, Neha Narula, Nickolai Zeldovich MIT CSAIL Web applications routinely compromised Web applications routinely compromised Web applications

  1. Intrusion Recovery for Database-backed Web Applications Ramesh Chandra , Taesoo Kim, Meelap Shah, Neha Narula, Nickolai Zeldovich MIT CSAIL

  2. Web applications routinely compromised

  3. Web applications routinely compromised

  4. Web applications routinely compromised

  5. Recovering integrity is important ● Preventing intrusions is important, but compromises will still happen ● Vulnerabilities are common, and new bugs are constantly being found [CVE] – 3-4 new vulnerabilities found per day, on average for the past 4 years ● Administrators misconfigure policies, settings ● This talk: recovering integrity after attack

  6. Cross-site scripting (XSS) bugs (simplified) Time Eve's browser Wiki pages table ID Text 5 Welcome!! Alice's browser Wiki Server

  7. Cross-site scripting (XSS) bugs (simplified) Time Eve's browser Edit page: <script>httpReq(“/addAcl?u=Eve”) </script> Wiki pages table ID ID Text Text 5 5 Welcome!! <script>...</script> Alice's browser Wiki Server

  8. Cross-site scripting (XSS) bugs (simplified) Time Eve's browser Wiki pages table ID ID Text Text <script> httpReq(“/addAcl?u=Eve”) 5 5 Welcome!! <script>...</script> </script> Alice's browser Wiki Server

  9. Cross-site scripting (XSS) bugs (simplified) Time Eve's browser Wiki pages table ID ID Text Text <script> httpReq(“/addAcl?u=Eve”) 5 5 Welcome!! <script>...</script> </script> Alice's browser Wiki Server Attack code runs as Alice

  10. Cross-site scripting (XSS) bugs (simplified) Time Eve's browser Wiki pages table ID ID Text Text <script> httpReq(“/addAcl?u=Eve”) 5 5 <script>...</script> Welcome!! </script> Legitimate Alice's requests browser Wiki Server Attack code Add Eve to ACL: runs as Alice /addAcl?u=Eve

  11. Recovering web application integrity is hard ● Web apps store data in shared data store ● Multiple users data is commingled ● Users access each other's data ● Makes recovering from attack complicated: ● Attack propagates across users ● Attack can arbitrarily corrupt user data – e.g., financial information ● Attack can install backdoors – e.g., modify ACLs, install Google apps scripts

  12. Limited recovery tools ● Backup-and-restore tools ● Attack may be detected days or weeks later ● Restoring from backup discards all users' changes ● Manual recovery ● Admin spends days or weeks tracking attack's effects ● Admin could miss a subtle backdoor or corruption

  13. Contributions ● Warp: web application intrusion recovery ● Undoes effects of attack but keeps legitimate changes ● Works for real applications: MediaWiki, Drupal, Gallery2 ● Key ideas: ● Retroactive patching eliminates need to pinpoint attack ● Time-travel DB precisely tracks causal effects ● DOM-level replay preserves users' intended changes

  14. High-level approach: rollback and re-execute ● Normal execution ● Record actions in system to a log ● Record causal dependencies between actions ● Record checkpoints system state ● Repair ● Identify attack action ● Rollback affected system state to before attack ● Replay all affected actions except attack action

  15. Normal execution Time Eve's browser Eve's Req Wiki pages table ID Text 5 <script>...</script> ID Text 5 Welcome!! Dependencies Dependencies Alice's Req Alice's Warp logs browser Warp state … … Wiki Server

  16. Normal execution Time Eve's browser Eve's Req Wiki pages table ID Text Log HTTP requests 5 <script>...</script> Log database ID Text queries 5 Welcome!! Server actions Server Server actions Dependencies Dependencies Alice's Req Alice's Warp logs browser Warp state … … Wiki Server

  17. Normal execution Time Eve's browser Eve's Req Wiki pages table ID Text ID Text 5 Welcome!! Maintain 5 <script>...</script> ID Text checkpoints Checkpoints of database 5 Welcome!! Server actions Server actions Server Server Server actions Server actions Dependencies Dependencies Dependencies Dependencies Alice's Req Alice's Warp logs Warp logs browser Warp state Warp state … … Wiki Server

  18. Normal execution Time Eve's browser Eve's Req Wiki pages table ID Text ID Text Record 5 Welcome!! 5 <script>...</script> user actions ID Text using a browser Checkpoints 5 Welcome!! extension Server actions Server Server actions Dependencies Dependencies Alice's Req Alice's Client actions Client actions Warp logs browser Warp state … … Wiki Server Client actions

  19. Strawman repair Time Eve's browser Eve's Req Wiki pages table ID Text ID Text 5 Welcome!! 5 <script>...</script> ID Text Checkpoints 5 Welcome!! Server actions Server Server actions Dependencies Dependencies Alice's Req Alice's Warp client log Client actions Client actions Warp logs browser Warp state … … Wiki Server

  20. Repair: identify attack Time Eve's browser Eve's Req Wiki pages table ID Text ID Text Attack action 5 Welcome!! 5 <script>...</script> ID Text Checkpoints 5 Welcome!! Server actions Dependencies Alice's Req Alice's Client actions browser Warp state … … Wiki Server

  21. Repair: rollback to before attack Time Eve's browser Eve's Req Wiki pages table ID Text Rollback DB 5 Welcome!! ID Text Checkpoints 5 Welcome!! Server actions Server Server actions Dependencies Dependencies Alice's Req Alice's Warp client log Client actions Client actions Warp logs browser Warp state … … Wiki Server

  22. Repair: skip attack action X Time Eve's X browser X Eve's Req X Wiki pages table ID Text 5 Welcome!! ID Text Checkpoints 5 Welcome!! Server actions Server Server actions Dependencies Dependencies Alice's Req Alice's Warp client log Client actions Client actions Warp logs browser Warp state … … Wiki Server

  23. Repair: re-execute subsequent actions X Time Eve's X browser X Eve's Req X Wiki pages table ID Text Re-execute Alice's actions in 5 Welcome!! shadow browser Checkpoints Server actions Server Server actions Dependencies Dependencies Alice's Req Alice's Warp client log Client actions Client actions Warp logs browser Warp state … … Wiki Server Warp client log Client actions

  24. Repair: re-execute subsequent actions X Time Eve's X browser X Eve's Req X Wiki pages table ID Text 5 Welcome!! New response: Welcome!! Checkpoints Server actions Server Server actions Dependencies Dependencies Alice's Req Alice's Warp client log Client actions Client actions Warp logs browser Warp state … … Wiki Server Warp client log Client actions No attack code

  25. Repair: re-execute subsequent actions X Time Eve's X browser X Eve's Req X Wiki pages table ID Text 5 Welcome!! Checkpoints Server actions Server Server actions Preserve Dependencies Dependencies Alice's Req legitimate requests Alice's Warp client log Client actions Client actions Warp state browser Warp state X … … Wiki Server Client actions Skip attack requests

  26. Challenges to intrusion recovery X Time Eve's X browser Wiki pages table ID Text ID Text 5 Welcome!! 5 Welcome!! Alice's browser X Wiki Server

  27. Challenges to intrusion recovery X Time Eve's Must pinpoint X browser intrusion in a complex app Wiki pages table ID Text ID Text 5 Welcome!! 5 Welcome!! Alice's browser X Wiki Server

  28. Challenges to intrusion recovery X Time Eve's Must pinpoint X browser intrusion in a complex app Bob's Wiki pages table Must reduce browser unnecessary ID Text ID Text re-execution 5 Welcome!! 5 Welcome!! Alice's browser X Wiki Server

  29. Challenges to intrusion recovery X Time Eve's Must pinpoint X browser intrusion in a complex app Bob's Wiki pages table Must reduce browser unnecessary ID Text ID Text re-execution 5 Welcome!! 5 Welcome!! Alice's Must reduce browser X user involvement during repair Wiki Server

  30. Challenge 1: intrusion detection is difficult Time Eve's browser Need expert Wiki pages table to pinpoint attack ID Text ID ID Text Text 5 Welcome!! 5 5 Welcome!! <script>...</script> Alice's browser Wiki Server

  31. Idea: retroactive patching ● Key observation: patch renders attacks harmless ● Approach: ● Retroactively apply security patches back in time ● Re-execute all affected requests

  32. Retroactive patching Time Eve's browser Eve's Req Wiki pages table ID Text ID Text 5 Welcome!! 5 <script>...</script> ID Text 5 Welcome!! Alice's Req Alice's browser … … Wiki Server

  33. Retroactive patching: normal execution Time Eve's main.php browser Eve's Req Wiki pages table ID Text ID Text 5 Welcome!! 5 <script>...</script> ID Text 5 Welcome!! Alice's Req Alice's browser … … Wiki Server

  34. Retroactive patching: repair Time Eve's main.php browser Eve's Req Wiki pages table ID Text ID Text 5 Welcome!! 5 <script>...</script> ID Text 5 Welcome!! Alice's Req Alice's browser … … Wiki Server

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Static Checking of Dynamically-Varying Security Policies in Database-Backed Applications Adam

Static Checking of Dynamically-Varying Security Policies in Database-Backed Applications Adam

Static Checking of Dynamically-Varying Security Policies in Database-Backed Applications Adam Chlipala OSDI 2010 Beyond Code Injection 1.Injection An application includes an Dependent on application-specific unintended run-time program

595 views • 20 slides
21 Database Recovery Intro to Database Systems Andy Pavlo AP AP 15-445/15-645 Computer

21 Database Recovery Intro to Database Systems Andy Pavlo AP AP 15-445/15-645 Computer

21 Database Recovery Intro to Database Systems Andy Pavlo AP AP 15-445/15-645 Computer Science Carnegie Mellon University Fall 2019 2 CRASH RECOVERY Recovery algorithms are techniques to ensure database consistency, transaction

4.72k views • 44 slides
Database Recovery Lecture # 21 Database Systems Andy Pavlo AP AP Computer Science

Database Recovery Lecture # 21 Database Systems Andy Pavlo AP AP Computer Science

Database Recovery Lecture # 21 Database Systems Andy Pavlo AP AP Computer Science 15-445/15-645 Carnegie Mellon Univ. Fall 2018 2 CRASH RECOVERY Recovery algorithms are techniques to ensure database consistency, transaction atomicity,

970 views • 73 slides
ADVANCED DATABASE SYSTEMS Recovery Protocols @ Andy_Pavlo // 15- 721 // Spring 2019 CMU

ADVANCED DATABASE SYSTEMS Recovery Protocols @ Andy_Pavlo // 15- 721 // Spring 2019 CMU

Lect ure # 12 ADVANCED DATABASE SYSTEMS Recovery Protocols @ Andy_Pavlo // 15- 721 // Spring 2019 CMU 15-721 (Spring 2019) 2 DATABASE RECOVERY Recovery algorithms are techniques to ensure database consistency , atomicity and durability

1.05k views • 50 slides
Course Content Database Management Systems Introduction Database Design Theory

Course Content Database Management Systems Introduction Database Design Theory

Course Content Database Management Systems Introduction Database Design Theory Query Processing and Optimisation Winter 2003 Concurrency Control Data Base Recovery and Security CMPUT 391: Database Recovery and Security

274 views • 12 slides
Microfabricated GC for Sub-ppb v Determinations of TCE in Vapor Intrusion Applications Jim

Microfabricated GC for Sub-ppb v Determinations of TCE in Vapor Intrusion Applications Jim

Microfabricated GC for Sub-ppb v Determinations of TCE in Vapor Intrusion Applications Jim Reisinger 1 , Hungwei Chang 2 , Sun Kyu Kim 2 , Thitiporn Sukaew 2 , Edward Zellers 2 and David Burris 1 1 Integrated Science &amp; Technology, Inc. 2

494 views • 22 slides
RECOVERY CHAPTER 21,23 (6/E) CHAPTER 17,19 (5/E) LECTURE OUTLINE Failures

RECOVERY CHAPTER 21,23 (6/E) CHAPTER 17,19 (5/E) LECTURE OUTLINE Failures

RECOVERY CHAPTER 21,23 (6/E) CHAPTER 17,19 (5/E) LECTURE OUTLINE Failures Recoverable schedules Transaction logs Recovery procedure 2 PURPOSE OF DATABASE RECOVERY To bring the database into the most recent consistent

481 views • 14 slides
Detecting and Surviving Intrusions Exploring New Host-Based Intrusion Detection, Recovery, and

Detecting and Surviving Intrusions Exploring New Host-Based Intrusion Detection, Recovery, and

Detecting and Surviving Intrusions Exploring New Host-Based Intrusion Detection, Recovery, and Response Approaches Ph.D. Thesis Defense December 17th, 2019 1 HP Labs (ronny.chevalier@hp.com) 2 CIDRE Team, CentraleSuplec/Inria/CNRS/IRISA

1.66k views • 140 slides
Survivor: A Fine-Grained Intrusion Response and Recovery Approach for Commodity Operating Systems

Survivor: A Fine-Grained Intrusion Response and Recovery Approach for Commodity Operating Systems

Survivor: A Fine-Grained Intrusion Response and Recovery Approach for Commodity Operating Systems ACSAC, December 13th, 2019 1 HP Labs, United Kingdom (ronny.chevalier@hp.com, david.plaquin@hp.com, cid@hp.com) 2 CIDRE Team,

820 views • 56 slides
Carnegie Mellon Univ. Dept. of Computer Science 15-415 - Database Applications Lecture #24:

Carnegie Mellon Univ. Dept. of Computer Science 15-415 - Database Applications Lecture #24:

Faloutsos CMU SCS 15-415 CMU SCS Carnegie Mellon Univ. Dept. of Computer Science 15-415 - Database Applications Lecture #24: Crash Recovery - part 1 (R&amp;G, ch. 18) CMU SCS General Overview Preliminaries Write-Ahead Log - main ideas

340 views • 19 slides
Asynchronous intrusion recovery for interconnected web services Ramesh Chandra, Taesoo Kim ,

Asynchronous intrusion recovery for interconnected web services Ramesh Chandra, Taesoo Kim ,

Asynchronous intrusion recovery for interconnected web services Ramesh Chandra, Taesoo Kim , Nickolai Zeldovich MIT CSAIL Today's web services are highly interconnected Many web services provide APIs to other sites Many websites

1.17k views • 82 slides
Designing Database Applications Walid G. Aref Roadmap for Designing Database Applications 1.

Designing Database Applications Walid G. Aref Roadmap for Designing Database Applications 1.

Designing Database Applications Walid G. Aref Roadmap for Designing Database Applications 1. Analyzing real-world applications Real-world application side: Domain experts To tell their story What they need DBMS side: System

584 views • 46 slides
5. Technology Applications 5.1 What is a Database? 5.2 Types of Databases 5.3 Choosing the

5. Technology Applications 5.1 What is a Database? 5.2 Types of Databases 5.3 Choosing the

5. Technology Applications 5.1 What is a Database? 5.2 Types of Databases 5.3 Choosing the Right Database 5.4 Database Programming Tools 5.5 How to Search Your Database 5.6 Data Warehousing and Mining 5.7 Enterprise-Wide Data Systems

1.14k views • 88 slides
Insider Threat Insider Threat (Database Intrusion Detection) 1 Insider Threats: Motivation and

Insider Threat Insider Threat (Database Intrusion Detection) 1 Insider Threats: Motivation and

Insider Threat Insider Threat (Database Intrusion Detection) 1 Insider Threats: Motivation and Challenges Challenges Mission critical information = High value target Threatens Government organizations and large corporations

435 views • 39 slides
Towards Regression Testing for Database Applications Gregory M. Kapfhammer Department of

Towards Regression Testing for Database Applications Gregory M. Kapfhammer Department of

Introduction to Database Applications Database-Aware Test Coverage Monitoring Regression Testing Experimental Study Future Work and Conclusions Towards Regression Testing for Database Applications Gregory M. Kapfhammer Department of

475 views • 23 slides
Intrusion Detection and Prevention System (IPS) Technology, Applications, and Trend Dr.

Intrusion Detection and Prevention System (IPS) Technology, Applications, and Trend Dr.

Intrusion Detection and Prevention System (IPS) Technology, Applications, and Trend Dr. Nen-Fu (Fred) Huang Professor, Department of Computer Science, National Tsing Hua University, Taiwan President, Broadweb Corp, Taiwan E-mail:

846 views • 41 slides
Healthcare Personnel Safety Component Healthcare Personnel Vaccination Module Influenza Vaccination

Healthcare Personnel Safety Component Healthcare Personnel Vaccination Module Influenza Vaccination

Healthcare Personnel Safety Component Healthcare Personnel Vaccination Module Influenza Vaccination Summary Inpatient Rehabilitation Facilities National Center for Emerging and Zoonotic Infectious Diseases Division of Healthcare Quality Promotion

1.38k views • 68 slides
Crash Recovery Chapter 18 Database Management Systems, 3ed, R. Ramakrishnan and J. Gehrke 1

Crash Recovery Chapter 18 Database Management Systems, 3ed, R. Ramakrishnan and J. Gehrke 1

Crash Recovery Chapter 18 Database Management Systems, 3ed, R. Ramakrishnan and J. Gehrke 1 Review: The ACID properties A A tomicity: All actions in the Xact happen, or none happen. C C onsistency: If each Xact is consistent, and

253 views • 9 slides
preha Establishing Precision Rehabilitation with Visual Analytics Georg Bernold, Kresimir

preha Establishing Precision Rehabilitation with Visual Analytics Georg Bernold, Kresimir

preha Establishing Precision Rehabilitation with Visual Analytics Georg Bernold, Kresimir Matkovic, M.Eduard Grller, Renata G. Raidou Renata Raidou 2 Conventional Rehabilitation Renata Raidou 3 Precision Rehabilitation Challenges: Data

2.15k views • 32 slides
How Much Rehab Should You Do To Maximize Profits? A Free Webinar from BiggerPockets.com Hosted

How Much Rehab Should You Do To Maximize Profits? A Free Webinar from BiggerPockets.com Hosted

How Much Rehab Should You Do To Maximize Profits? A Free Webinar from BiggerPockets.com Hosted by J Scott &amp; Tarl Yarber Have You Ever Felt this way Before? There are too many decisions to make on my rehab!!! Im not sure how

1.27k views • 71 slides
Support Recovery for Orthogonal Matching Pursuit: Upper and Lower bounds Raghav Somani 1 , Chirag

Support Recovery for Orthogonal Matching Pursuit: Upper and Lower bounds Raghav Somani 1 , Chirag

Support Recovery for Orthogonal Matching Pursuit: Upper and Lower bounds Raghav Somani 1 , Chirag Gupta 2 , Prateek Jain 1 &amp; Praneeth Netrapalli 1 1 Microsoft Research Lab - India 2 Machine Learning Department, Carnegie Mellon University

895 views • 21 slides
BinRec: Attack Surface Reduction Through Dynamic Binary Recovery Taddeus Kroes, Anil Altinay,

BinRec: Attack Surface Reduction Through Dynamic Binary Recovery Taddeus Kroes, Anil Altinay,

BinRec: Attack Surface Reduction Through Dynamic Binary Recovery Taddeus Kroes, Anil Altinay, Joseph Nash, Yeoul Na, Stijn Volckaert, Herbert Bos, Michael Franz, Cristiano Giuffrida October 19, 2018 Attack Surface Reduction x =

2.55k views • 62 slides
Plastic Recovery and Recycling Project Accounting Standard Introduction to the first

Plastic Recovery and Recycling Project Accounting Standard Introduction to the first

Plastic Recovery and Recycling Project Accounting Standard Introduction to the first consultation Julianne Baroody &amp; Sneha Balasubramanian 26 March 2020 Verra organizational overview Non-profit organization founded in 2007

1.41k views • 29 slides
Training Tips: Get the Most from Your Workouts Training Tips: Get the Most from Your Workouts

Training Tips: Get the Most from Your Workouts Training Tips: Get the Most from Your Workouts

Training Tips: Get the Most from Your Workouts Training Tips: Get the Most from Your Workouts Playing It Safe: Playing It Safe: Principles to Pr Principles to Prevent event Injury Injury Many athletic injuries can be prevented by going

436 views • 4 slides

More recommend