Security 1 Recap: Protection Protection Prevent - - PowerPoint PPT Presentation

SLIDE 1

Security

SLIDE 2

Recap: Protection

  • Protection

– Prevent unintended/unauthorized accesses

  • Protection domains

– Class hierarchy: root can do everything a normal user can do + alpha

  • Access control matrix

– Domains (Users), Resources (Objects)
– Resource oriented: Access control list
– Domain oriented: Capability list

SLIDE 3

Recap: Security

  • Stack and buffer overflow

– Failure to check bounds on inputs, arguments
– Write past arguments on the stack into the return address

  • n stack

– Unauthorized user or privilege escalation

SLIDE 4

Recap: Code with Buffer Overflow

  • What is wrong in this code?

    #include <string.h>

    #define BUFFER_SIZE 256

    int process_args(char *arg1)
    {
        char buffer[BUFFER_SIZE];
        strcpy(buffer, arg1);   /* copies until the terminating NUL in arg1 */
        ...
    }

    int main(int argc, char *argv[])
    {
        process_args(argv[1]);
        ...
    }

SLIDE 5

Recap: The Attack: Buffer Overflow

[Figure: stack contents. Panels: Before; After executing strcpy(buffer, arg1). Label: the crafted string containing the illegitimate code]

SLIDE 6

Outline

  • Stack overflow defense
  • Some recent security bugs

SLIDE 7

Slide from Dr. Vitaly Shmatikov (Cornell)

SLIDE 8

Slide from Dr. Vitaly Shmatikov (Cornell)

SLIDE 9

Slide from Dr. Vitaly Shmatikov (Cornell)

SLIDE 10

Slide from Dr. Vitaly Shmatikov (Cornell)

SLIDE 11

Goto Fail Bug

iOS 7.0.6 Data Security
Available for: iPhone 4 and later, iPod touch (5th generation), iPad 2 and later
Impact: An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS
Description: Secure Transport failed to validate the authenticity of the connection. This issue was addressed by restoring missing validation steps.

SLIDE 12

Goto Fail Bug

    err = 0;
    . . .
    hashOut.data = hashes + SSL_MD5_DIGEST_LEN;
    hashOut.length = SSL_SHA1_DIGEST_LEN;
    if ((err = SSLFreeBuffer(&hashCtx)) != 0)
        goto fail;
    if ((err = ReadyHash(&SSLHashSHA1, &hashCtx)) != 0)
        goto fail;
    if ((err = SSLHashSHA1.update(&hashCtx, &clientRandom)) != 0)
        goto fail;
    if ((err = SSLHashSHA1.update(&hashCtx, &serverRandom)) != 0)
        goto fail;
    if ((err = SSLHashSHA1.update(&hashCtx, &signedParams)) != 0)
        goto fail;
        goto fail;    /* MISTAKE! THIS LINE SHOULD NOT BE HERE */
    if ((err = SSLHashSHA1.final(&hashCtx, &hashOut)) != 0)
        goto fail;
    err = sslRawVerify(...);    // This code must be executed
    . . .
    fail:
        SSLFreeBuffer(&signedHashes);
        SSLFreeBuffer(&hashCtx);
        return err;
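The control flow of the slide's code reduced to a runnable model, as an added example that is not part of the original slides and is not Apple's code. The functions hash_update and raw_verify are hypothetical stand-ins for the hash and signature steps; sig_ok = 0 models a forged signature.

```c
#include <stdio.h>

/* Stand-ins (assumptions) for the hash and signature steps on the slide. */
static int hash_update(int step) { (void)step; return 0; }     /* succeeds */
static int raw_verify(int sig_ok) { return sig_ok ? 0 : -1; }  /* real check */

/* Same control flow as the slide: the duplicated goto always jumps. */
int verify_buggy(int sig_ok)
{
    int err = 0;

    if ((err = hash_update(1)) != 0)
        goto fail;
    if ((err = hash_update(2)) != 0)
        goto fail;
    goto fail;  /* the extra line; on the slide it is indented like the one above */
    err = raw_verify(sig_ok);           /* unreachable */
fail:
    return err;                         /* 0 left over from hash_update(2) */
}

/* Braces make the guarded statement explicit; the duplicate is gone. */
int verify_fixed(int sig_ok)
{
    int err = 0;

    if ((err = hash_update(1)) != 0) {
        goto fail;
    }
    if ((err = hash_update(2)) != 0) {
        goto fail;
    }
    err = raw_verify(sig_ok);
fail:
    return err;
}

int main(void)
{
    /* A forged signature (sig_ok = 0) passes the buggy path. */
    printf("buggy, forged signature: err = %d\n", verify_buggy(0));
    printf("fixed, forged signature: err = %d\n", verify_fixed(0));
    printf("fixed, valid signature:  err = %d\n", verify_fixed(1));
    return 0;
}
```

Clang's -Wunreachable-code reports the statement after the unconditional goto, and GCC's -Wmisleading-indentation reports the slide's layout, where the duplicate is indented under the if.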

SLIDE 13

Heartbleed Bug

  • Synopsis

– Due to a bug in OpenSSL (popular s/w for encrypted communication), web server’s internal memory can be dumped remotely

SLIDE 14

Heartbleed Bug

Image source: xkcd.com

SLIDE 15

Heartbleed Bug

Image source: xkcd.com

SLIDE 16

Heartbleed Bug

Heartbeat req. message

    struct {
        HeartbeatMessageType type;
        uint16 payload_length;
        opaque payload[HeartbeatMessage.payload_length];
        opaque padding[padding_length];
    } HeartbeatMessage;

Heartbeat Response function

    int tls1_process_heartbeat(SSL *s)
    {
        ...
        /* Read type and payload length first */
        hbtype = *p++;
        n2s(p, payload);    // payload = recv_packet.payload_length
        pl = p;
        ...
        if (hbtype == TLS1_HB_REQUEST) {
            ...
            buffer = OPENSSL_malloc(1 + 2 + payload + padding);
            bp = buffer;
            /* payload comes from the request and is not checked
               against the length of the record that arrived */
            memcpy(bp, pl, payload);
            r = ssl3_write_bytes(s, TLS1_RT_HEARTBEAT, buffer, 3 + payload + padding);
            ...
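A self-contained heartbeat responder with the length check that the slide's code lacks, as an added example that is not part of the original slides and is not OpenSSL's code. The function name, the HB_* constants and the flat record buffer are assumptions of this example; the sample records are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HB_REQUEST  1    /* heartbeat_request */
#define HB_RESPONSE 2    /* heartbeat_response */
#define HB_PADDING  16   /* minimum padding length */

/* Build the response for one received heartbeat record. Returns the
 * response length, or -1 when the request must be discarded. */
int heartbeat_response(const uint8_t *rec, size_t rec_len,
                       uint8_t *out, size_t out_cap)
{
    size_t payload, total;

    if (rec_len < 1 + 2 + HB_PADDING)
        return -1;                          /* shorter than an empty message */
    if (rec[0] != HB_REQUEST)
        return -1;
    payload = ((size_t)rec[1] << 8) | rec[2];   /* claimed payload_length */

    /* The check missing from the slide's code: the claimed length has
     * to fit inside the bytes that actually arrived. */
    total = 1 + 2 + payload + HB_PADDING;
    if (total > rec_len || total > out_cap)
        return -1;

    out[0] = HB_RESPONSE;
    out[1] = rec[1];
    out[2] = rec[2];
    memcpy(out + 3, rec + 3, payload);      /* bounded by rec_len now */
    memset(out + 3 + payload, 0, HB_PADDING);   /* real padding is random */
    return (int)total;
}

int main(void)
{
    /* Constructed records: 3 payload bytes followed by 16 padding bytes. */
    uint8_t honest[22] = { HB_REQUEST, 0x00, 0x03, 'a', 'b', 'c' };
    uint8_t lying[22]  = { HB_REQUEST, 0x40, 0x00, 'a', 'b', 'c' };
    uint8_t out[64];

    printf("honest: %d\n", heartbeat_response(honest, sizeof honest, out, sizeof out));
    printf("lying:  %d\n", heartbeat_response(lying, sizeof lying, out, sizeof out));
    return 0;
}
```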

SLIDE 17

Shellshock Bug

  • Synopsis

– You can remotely execute arbitrary programs on a server running a web server by simply sending a specially crafted HTTP request.
– Example

    curl -H "User-Agent: () { :; }; /bin/eject" http://example.com/

  • The problem

– Fail to check the validity of a function definition before executing it

For detailed explanation: security.stackexchange.com
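One way to express the missing validity check, as an added example that is not part of the original slides and is not bash's actual fix. The function check_function_value is hypothetical and simplified (it does not understand quoting); it accepts a value as a function definition only when nothing follows the function body.

```c
#include <stdio.h>
#include <string.h>

/* Classify a value that may carry an exported shell function:
 *    0  not a function definition
 *    1  a definition with nothing after its body
 *   -1  a definition followed by extra text, or never closed
 * Simplified: braces inside quotes or comments are not recognised. */
int check_function_value(const char *val)
{
    const char *p;
    int depth = 0;

    if (strncmp(val, "() {", 4) != 0)
        return 0;
    for (p = val + 3; *p != '\0'; p++) {
        if (*p == '{') {
            depth++;
        } else if (*p == '}' && --depth == 0) {
            p++;                        /* step past the closing brace */
            break;
        }
    }
    if (depth != 0)
        return -1;
    while (*p == ' ' || *p == '\t' || *p == '\n')
        p++;
    return *p == '\0' ? 1 : -1;
}

int main(void)
{
    /* Constructed header values; the second is the one from the slide. */
    const char *samples[] = {
        "Mozilla/5.0 (X11; Linux x86_64)",
        "() { :; }; /bin/eject",
        "() { echo hello; }",
    };
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%2d  %s\n", check_function_value(samples[i]), samples[i]);
    return 0;
}
```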

SLIDE 18

Virtual Machines

Disclaimer: some slides are adopted from book authors’ slides with permission

SLIDE 19

Roadmap

  • CPU management
  • Memory management
  • Disk management
  • Network and security
  • Virtual machine

SLIDE 20

Cloud Computing

Image Source: http://btstrategy.com/wp-new/2013/10/18/is-everything-really-going-to-the-cloud-advice-for-business-owners/

SLIDE 21

Cloud Computing

SLIDE 22

Virtual Machines

  • Enabling technology of cloud computing
  • Basic idea: Provide machine abstractions

SLIDE 23

Virtual Machines

  • Benefits

– Can run multiple OSes, each in its own virtual machine
– Can copy a VM image and run it on a different machine
– Can create a snapshot of the state and restore it later
– Can create a customized VM with specific OS version and libraries to avoid version dependency problems
– More efficient resource utilization is possible

  • Downsides?

– Overhead
– Interference

SLIDE 24

History

  • Late 1960s

– IBM introduced first full VMM on mainframes

  • Late 1990s

– Xen was developed for Intel PCs

  • Mid 2000s

– Hardware support was introduced (e.g., Intel VT-x)
– Widely adopted in data centers.