problems
play

Problems Flaw Hypothesis Methodology depends on caliber of testers - PowerPoint PPT Presentation

Dec 11, 2022 •350 likes •1.11k views

Problems Flaw Hypothesis Methodology depends on caliber of testers to hypothesize and generalize flaws Flaw Hypothesis Methodology does not provide a way to examine system systematically Vulnerability classification schemes help

  1. Problems • Flaw Hypothesis Methodology depends on caliber of testers to hypothesize and generalize flaws • Flaw Hypothesis Methodology does not provide a way to examine system systematically – Vulnerability classification schemes help here May 31, 2005 ECS 153, Introduction to Computer Slide #1 Security

  2. Vulnerability Classification • Describe flaws from differing perspectives – Exploit-oriented – Hardware, software, interface-oriented • Goals vary; common ones are: – Specify, design, implement computer system without vulnerabilities – Analyze computer system to detect vulnerabilities – Address any vulnerabilities introduced during system operation – Detect attempted exploitations of vulnerabilities May 31, 2005 ECS 153, Introduction to Computer Slide #2 Security

  3. Example Flaws • Use these to compare classification schemes • First one: race condition ( xterm ) • Second one: buffer overflow on stack leading to execution of injected code ( fingerd ) • Both are very well known, and fixes available! – And should be installed everywhere … May 31, 2005 ECS 153, Introduction to Computer Slide #3 Security

  4. Flaw #1: xterm • xterm emulates terminal under X11 window system – Must run as root user on UNIX systems • No longer universally true; reason irrelevant here • Log feature: user can log all input, output to file – User names file – If file does not exist, xterm creates it, makes owner the user – If file exists, xterm checks user can write to it, and if so opens file to append log to it May 31, 2005 ECS 153, Introduction to Computer Slide #4 Security

  5. File Exists • Check that user can write to file requires special system call – Because root can append to any file, check in open will always succeed Check that user can write to file “/usr/tom/X” if (access(“/usr/tom/X”, W_OK) == 0){ Open “/usr/tom/X” to append log entries if ((fd = open(“/usr/tom/X”, O_WRONLY|O_APPEND))< 0){ /* handle error: cannot open file */ } } May 31, 2005 ECS 153, Introduction to Computer Slide #5 Security

  6. Problem • Binding of file name “/usr/tom/X” to file object can change between first and second lines – (a) is at access ; (b) is at open – Note file opened is not file checked / / etc usr etc usr tom tom passwd X passwd X X data passwd data passwd data X data open(“/usr/tom/X”, O_WRITE) access(“/usr/tom/X”, W_OK) (b) (a) May 31, 2005 ECS 153, Introduction to Computer Slide #6 Security

  7. Flaw #2: fingerd • Exploited by Internet Worm of 1988 – Recurs in many places, even now • finger client send request for information to server fingerd ( finger daemon) – Request is name of at most 512 chars – What happens if you send more? May 31, 2005 ECS 153, Introduction to Computer Slide #7 Security

  8. Buffer Overflow • Extra chars overwrite rest of stack, as shown gets local gets local variables • Can make those chars change variables return address to point to other return other return state info state info beginning of buffer return address After address of of main • If buffer contains small input buffer message parameter to program to spawn shell, gets program to invoke shell attacker gets shell on target input buffer system main local main local variables variables May 31, 2005 ECS 153, Introduction to Computer Slide #8 Security

  9. Frameworks • Goals dictate structure of classification scheme – Guide development of attack tool ⇒ focus is on steps needed to exploit vulnerability – Aid software development process ⇒ focus is on design and programming errors causing vulnerabilities • Following schemes classify vulnerability as n-tuple, each element of n-tuple being classes into which vulnerability falls – Some have 1 axis; others have multiple axes May 31, 2005 ECS 153, Introduction to Computer Slide #9 Security

  10. Research Into Secure Operating Systems (RISOS) • Goal: aid computer, system managers in understanding security issues in OSes, and help determine how much effort required to enhance system security • Attempted to develop methodologies and software for detecting some problems, and techniques for avoiding and ameliorating other problems • Examined Multics, TENEX, TOPS-10, GECOS, OS/MVT, SDS-940, EXEC-8 May 31, 2005 ECS 153, Introduction to Computer Slide #10 Security

  11. Classification Scheme • Incomplete parameter validation • Inconsistent parameter validation • Implicit sharing of privileged/confidential data • Asynchronous validation/inadequate serialization • Inadequate identification/authentication/authorization • Violable prohibition/limit • Exploitable logic error May 31, 2005 ECS 153, Introduction to Computer Slide #11 Security

  12. Incomplete Parameter Validation • Parameter not checked before use • Example: emulating integer division in kernel (RISC chip involved) – Caller provided addresses for quotient, remainder – Quotient address checked to be sure it was in user’s protection domain – Remainder address not checked • Set remainder address to address of process’ level of privilege • Compute 25/5 and you have level 0 (kernel) privileges • Check for type, format, range of values, access rights, presence (or absence) May 31, 2005 ECS 153, Introduction to Computer Slide #12 Security

  13. Inconsistent Parameter Validation • Each routine checks parameter is in proper format for that routine but the routines require different formats • Example: each database record 1 line, colons separating fields – One program accepts colons, newlines as pat of data within fields – Another program reads them as field and record separators – This allows bogus records to be entered May 31, 2005 ECS 153, Introduction to Computer Slide #13 Security

  14. Implicit Sharing of Privileged / Confidential Data • OS does not isolate users, processes properly • Example: file password protection – OS allows user to determine when paging occurs – Files protected by passwords • Passwords checked char by char; stops at first incorrect char – Position guess for password so page fault occurred between 1st, 2nd char • If no page fault, 1st char was wrong; if page fault, it was right – Continue until password discovered May 31, 2005 ECS 153, Introduction to Computer Slide #14 Security

  15. Asynchronous Validation / Inadequate Serialization • Time of check to time of use flaws, intermixing reads and writes to create inconsistencies • Example: xterm flaw discussed earlier May 31, 2005 ECS 153, Introduction to Computer Slide #15 Security

  16. Inadequate Identification / Authorization / Authentication • Erroneously identifying user, assuming another’s privilege, or tricking someone into executing program without authorization • Example: OS on which access to file named “SYS$*DLOC$” meant process privileged – Check: can process access any file with qualifier name beginning with “SYS” and file name beginning with “DLO”? – If your process can access file “SYSA*DLOC$”, which is ordinary file, your process is privileged May 31, 2005 ECS 153, Introduction to Computer Slide #16 Security

  17. Violable Prohibition / Limit • Boundary conditions not handled properly • Example: OS kept in low memory, user process in high memory – Boundary was highest address of OS – All memory accesses checked against this – Memory accesses not checked beyond end of high memory • Such addresses reduced modulo memory size – So, process could access (memory size)+1, or word 1, which is part of OS … May 31, 2005 ECS 153, Introduction to Computer Slide #17 Security

  18. Exploitable Logic Error • Problems not falling into other classes – Incorrect error handling, unexpected side effects, incorrect resource allocation, etc. • Example: unchecked return from monitor – Monitor adds 1 to address in user’s PC, returns • Index bit (indicating indirection) is a bit in word • Attack: set address to be –1; adding 1 overflows, changes index bit, so return is to location stored in register 1 – Arrange for this to point to bootstrap program stored in other registers • On return, program executes with system privileges May 31, 2005 ECS 153, Introduction to Computer Slide #18 Security

  19. Legacy of RISOS • First funded project examining vulnerabilities • Valuable insight into nature of flaws – Security is a function of site requirements and threats – Small number of fundamental flaws recurring in many contexts – OS security not critical factor in design of OSes • Spurred additional research efforts into detection, repair of vulnerabilities May 31, 2005 ECS 153, Introduction to Computer Slide #19 Security

  20. Program Analysis (PA) • Goal: develop techniques to find vulnerabilities • Tried to break problem into smaller, more manageable pieces • Developed general strategy, applied it to several OSes – Found previously unknown vulnerabilities May 31, 2005 ECS 153, Introduction to Computer Slide #20 Security

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Solving Percent Problems Word Problems Find a Pattern Estimation Problems Fraction Problems

Solving Percent Problems Word Problems Find a Pattern Estimation Problems Fraction Problems

Slide 1 / 142 Slide 2 / 142 Table of Contents Strategies &amp; Plans for Problem Solving Rate Problems Solving Percent Problems Word Problems Find a Pattern Estimation Problems Fraction Problems Pre-Algebra LCM / GCF Problems Combination

477 views • 24 slides
5. Network flow problems Example: Sailco Minimum-cost flow problems Transportation

5. Network flow problems Example: Sailco Minimum-cost flow problems Transportation

CS/ECE/ISyE 524 Introduction to Optimization Spring 201718 5. Network flow problems Example: Sailco Minimum-cost flow problems Transportation problems Shortest/longest path problems Max-flow problems Integer solutions

541 views • 30 slides
Trapdoor Problems Basing the solution on the complexity of problems, which are easy to solve for

Trapdoor Problems Basing the solution on the complexity of problems, which are easy to solve for

Trapdoor Problems Basing the solution on the complexity of problems, which are easy to solve for the legal users, but are very difficult to the eavesdroppers. Public Key Cryptography 1 Such problems are called trapdoor problems . They allow to

379 views • 5 slides
Trapdoor Problems Basing the solution on the complexity of problems, which are easy to solve for

Trapdoor Problems Basing the solution on the complexity of problems, which are easy to solve for

Trapdoor Problems Basing the solution on the complexity of problems, which are easy to solve for the legal users, but are very difficult to the eavesdroppers. Public Key Cryptography 1 Such problems are called trapdoor problems .

345 views • 3 slides
Hard Problems Some problems are hard to solve. No polynomial time algorithm is known.

Hard Problems Some problems are hard to solve. No polynomial time algorithm is known.

Hard Problems Some problems are hard to solve. No polynomial time algorithm is known. E.g., NP-hard problems such as machine scheduling, bin packing, 0/1 knapsack. Is this necessarily bad? Data encryption relies on difficult

721 views • 15 slides
MA/CSSE 473 Day 40 Problems Decision Problems P and NP MA/CSSE 473 Day 40 HW 15 Due at

MA/CSSE 473 Day 40 Problems Decision Problems P and NP MA/CSSE 473 Day 40 HW 15 Due at

MA/CSSE 473 Day 40 Problems Decision Problems P and NP MA/CSSE 473 Day 40 HW 15 Due at 11:59 PM tonight (it's a little different!); late day until 11:59 PM Saturday. Fill out the Course evaluation form If everybody in a section

323 views • 17 slides
Introduction to Data Science: Common observation to be religion, income, frequency where sex and

Introduction to Data Science: Common observation to be religion, income, frequency where sex and

Tidying data Common problems in messy data Tidy data and the ER model Common problems in messy data Common problems in messy data Common problems in messy data Common problems in messy data Common problems in messy data Common problems in

680 views • 21 slides
Boundary value problems What problems does boundary value testing have? ECT2 Boundary

Boundary value problems What problems does boundary value testing have? ECT2 Boundary

Equivalence Class Testing Chapter 6 Boundary value problems What problems does boundary value testing have? ECT2 Boundary value problems 2 Boundary Value Testing derives test cases with Serious gaps Massive redundancy

696 views • 36 slides
Engineering Problems Identifying problems appropriate for engineering solutions Some Examples of

Engineering Problems Identifying problems appropriate for engineering solutions Some Examples of

Engineering Problems Identifying problems appropriate for engineering solutions Some Examples of Engineering Problems and Projects that follow the Design Process Identify Problem -&gt; Define Requirements -&gt; Design a Solution (PSU

590 views • 25 slides
Our thesis is all of our problems ultimately are theological ones. To some degree, our problems

Our thesis is all of our problems ultimately are theological ones. To some degree, our problems

Our thesis is all of our problems ultimately are theological ones. To some degree, our problems always stem from either not knowing or seeing who God is or forgetting who he is at the moment. Elisabeth Elliot has a wonderful, realistic, both

290 views • 10 slides
Equivalence Class Testing Chapter 6 Boundary value problems What problems does boundary value

Equivalence Class Testing Chapter 6 Boundary value problems What problems does boundary value

Equivalence Class Testing Chapter 6 Boundary value problems What problems does boundary value testing have? ECT2 Boundary value problems 2 Generates test cases with Serious gaps Massive redundancy ECT3 Motivation for

752 views • 44 slides
Satisfiability Solvers So far, weve been dealing with SAT problems that encode other

Satisfiability Solvers So far, weve been dealing with SAT problems that encode other

Structured vs. Random Problems Satisfiability Solvers So far, weve been dealing with SAT problems that encode other problems Most not as hard as # of variables &amp; clauses suggests Small crossword grid + medium-sized dictionary

419 views • 4 slides
4. Minimax and planning problems Optimizing piecewise linear functions Minimax problems

4. Minimax and planning problems Optimizing piecewise linear functions Minimax problems

CS/ECE/ISyE 524 Introduction to Optimization Spring 201718 4. Minimax and planning problems Optimizing piecewise linear functions Minimax problems Example: Chebyshev center Multi-period planning problems Example: building a

411 views • 25 slides
Sample Graph Problems Path problems. Graph Operations And Connectedness problems.

Sample Graph Problems Path problems. Graph Operations And Connectedness problems.

Sample Graph Problems Path problems. Graph Operations And Connectedness problems. Representation Spanning tree problems. Path Finding Another Path Between 1 and 8 Path between 1 and 8. 2 2 4 3 4 3 8 8 8 8 1 1 6 10

95 views • 9 slides
More NP-Complete Problems NP-Hard Problems Tautology Problem Node Cover Knapsack 1 Next Steps

More NP-Complete Problems NP-Hard Problems Tautology Problem Node Cover Knapsack 1 Next Steps

More NP-Complete Problems NP-Hard Problems Tautology Problem Node Cover Knapsack 1 Next Steps We can now reduce 3SAT to a large number of problems, either directly or indirectly. Each reduction must be polytime. Usually we focus

871 views • 49 slides
E4.1 Graph Problems P, NP Automata Theory Theory Polynomial Reductions Turing Computability

E4.1 Graph Problems P, NP Automata Theory Theory Polynomial Reductions Turing Computability

Theory of Computer Science May 18, 2020 E4. Some NP-Complete Problems, Part I Theory of Computer Science E4. Some NP-Complete Problems, Part I E4.1 Graph Problems Gabriele R oger E4.2 Routing Problems University of Basel May 18, 2020

145 views • 10 slides
multi-vendor environments. Joel W. King Engineering and Innovations Network Solutions Using

multi-vendor environments. Joel W. King Engineering and Innovations Network Solutions Using

Using Tetration for application security and policy enforcement in multi-vendor environments. Joel W. King Engineering and Innovations Network Solutions Using Tetration for application security and policy enforcement in multi-vendor

549 views • 34 slides
The Exim Mail Transfer Agent (A brief introduction) http://www.exim.org 1 Configuration file

The Exim Mail Transfer Agent (A brief introduction) http://www.exim.org 1 Configuration file

The Exim Mail Transfer Agent (A brief introduction) http://www.exim.org 1 Configuration file Exims runtime configuration file is divided into a number of sections The first section contains global option settings The other

976 views • 52 slides
Cyber-FIT An agent-based modeling approach to simulating cyber team performance Geoffrey Dobson

Cyber-FIT An agent-based modeling approach to simulating cyber team performance Geoffrey Dobson

&lt;Your Name&gt; Cyber-FIT An agent-based modeling approach to simulating cyber team performance Geoffrey Dobson gdobson@andrew.cmu.edu June 2020 Center for Computational Analysis of Social and Organizational Systems

746 views • 26 slides
ELEC / COMP 177 Fall 2014 Some slides from Kurose

ELEC / COMP 177 Fall 2014 Some slides from Kurose

ELEC / COMP 177 Fall 2014 Some slides from Kurose and Ross, Computer Networking , 5 th Edition Project 1 Python HTTP Server Work day:

575 views • 35 slides
IT 2 EC 2020 Train, Reflect, Learn, and Train again Chris Duncalfe 1 , and John Gardner 2 1 SO2

IT 2 EC 2020 Train, Reflect, Learn, and Train again Chris Duncalfe 1 , and John Gardner 2 1 SO2

IT 2 EC 2020 IT 2 EC Extended Abstract Template Presentation/Panel IT 2 EC 2020 Train, Reflect, Learn, and Train again Chris Duncalfe 1 , and John Gardner 2 1 SO2 Training Capability Systems, Training Capability Branch, Army Headquarters,

244 views • 3 slides
Apache Flume Getting data into Hadoop Problem Getting data into HDFS is not difficult: %

Apache Flume Getting data into Hadoop Problem Getting data into HDFS is not difficult: %

Apache Flume Getting data into Hadoop Problem Getting data into HDFS is not difficult: % hadoop fs --put data.csv . works great when data is neatly packaged and ready to upload Unfortunately, e.g. a webserver is creating data

495 views • 24 slides
CS 730/830: Intro AI What is AI? This class Problems in AI Prof. Wheeler Ruml Search TA

CS 730/830: Intro AI What is AI? This class Problems in AI Prof. Wheeler Ruml Search TA

CS 730/830: Intro AI What is AI? This class Problems in AI Prof. Wheeler Ruml Search TA Tianyi Gu Thinking inside the box. 5 handouts: course info, project info, schedule, slides, asst 1 sign up sheet/laptop (grading email, piazza)

482 views • 35 slides
A robust SNMP based Infrastructure for Intrusion Detection and Response in tactical MANETs

A robust SNMP based Infrastructure for Intrusion Detection and Response in tactical MANETs

A robust SNMP based Infrastructure for Intrusion Detection and Response in tactical MANETs Sascha Lettgen University of Bonn, Germany Inst. of Computer Science IV Marko Jahnke, Jens Tlle, Uwe Weddige, Michael Bussmann FGAN/FKIE, Wachtberg,

641 views • 15 slides

More recommend