testing
play

Testing Internet Security [1] VU Engin Kirda - PowerPoint PPT Presentation

Mar 17, 2024 •657 likes •998 views

Testing Internet Security [1] VU Engin Kirda engin@infosys.tuwien.ac.at Christopher Kruegel chris@auto.tuwien.ac.at Admin Issues The exam will take place on the 28th of June Check web site for exam location (tentative might

  1. Testing Internet Security [1] VU Engin Kirda engin@infosys.tuwien.ac.at Christopher Kruegel chris@auto.tuwien.ac.at

  2. Admin Issues • The exam will take place on the 28th of June – Check web site for exam location (tentative – might change depending on number of registrations) – Important: Registration via TUWIS (new TUWIS functionality) – There will be at least one further exam during the winter semester. – In “urgent” cases (e.g., last exam, etc.), (oral) exam possible any time (please contact us) . • “Industry” Lecture on 21.06 – Joe Pichlmayr, CEO of Ikarus Anti-Virus, will give an invited talk about viruses and malware – His talk (basic concepts) is part of the exam topic Internet Security 1 2

  3. News from the Lab • Challenge 5 will be announced Thursday (15:00) – The servers were shut down due to general maintenance, so there is delay (sorry). – Crypto analysis (you need to crack real codes XOR, RSA) – You need to write (at least one) Java program • Quality control issues – Once again: Obviously, copying solutions/code is not allowed Internet Security 1 3

  4. Overview • When system is designed and implemented – correctness has to be tested • Different types of tests are necessary – validation • is the system designed correctly? • does the design meet the problem requirements? – verification • is the system implemented correctly? • does the implementation meet the design requirements? • Different features can be tested – functionality, performance, security Internet Security 1 4

  5. Testing • Edsger Dijkstra Program testing can be quite effective for showing the presence of bugs, but is hopelessly inadequate for showing their absence. • Testing – analysis that discovers what is and compares it to what should be – should be done throughout the development cycle – necessary process – but not a substitute for sound design and implementation – for example, running public attack tools against a server cannot prove that server is implemented secure Internet Security 1 5

  6. Testing • Classification of testing techniques – white-box testing • testing all the implementation • path coverage considerations • faults of commission • find implementation flaws • but cannot guarantee that specifications are fulfilled – black-box testing • testing against specification • only concerned with input and output • faults of omissions • specification flaws are detected • but cannot guarantee that implementation is correct Internet Security 1 6

  7. Testing • Classification of testing techniques – static testing • check requirements and design documents • perform source code auditing • theoretically reason about (program) properties • cover a possible infinite amount of input (e.g., use ranges) • no actual code is executed – dynamic testing • feed program with input and observe behavior • check a certain number of input and output values • code is executed (and must be available) Internet Security 1 7

  8. Testing • Automatic testing – testing should be done continuously – involves a lot of input, output comparisons, and test runs – therefore, ideally suitable for automation – testing hooks are required, at least at module level – nightly builds with tests for complete system are advantageous • Regression tests – test designed to check that a program has not "regressed”, that is, that previous capabilities have not been compromised by introducing new ones Internet Security 1 8

  9. Testing • Software fault injection – go after effects of bugs instead of bugs – reason is that bugs cannot be completely removed – thus, make program fault-tolerant – failures are deliberately injected into code – effects are observed and program is made more robust • Most testing techniques can be used to identify security problems Internet Security 1 9

  10. Security Testing • Design level – not much tool support available – manual design reviews – formal methods – attack graphs • Formal methods – formal specification that can be mathematically described and verified – often used for small, safety -critical programs e.g., control program for nuclear power plant – state and state transitions must be formalized and unsafe states must be described – “model checker” can ensure that no unsafe state is reached Internet Security 1 10

  11. Security Testing • Attack graph – given • a finite state model, M, of a network • a security property P – an attack is an execution of M that violates P – an attack graph is a set of attacks of M • Attack graph generation – done by hand • error prone and tedious • impractical for large systems – automatic generation • provide state description • transition rules Internet Security 1 11

  12. Security Testing Sandia Red Team “White Board” attack graph from DARPA CC20008 Information battle space preparation experiment Internet Security 1 12

  13. Security Testing P = Attacker gains root access to Host 1. 4 hosts 30 actions 310 nodes 3400 edges Internet Security 1 13

  14. Security Testing • Implementation Level – detect known set of problems and security bugs – more automatic tool support available – target particular flaws – reviewing (auditing) software for flaws is reasonably well-known and well-documented – support for static and dynamic analysis – ranges from “how-to” for manual code reviewing to elaborate model checkers or compiler extension Internet Security 1 14

  15. Static Security Testing • Manual auditing – code has to support auditing • architectural overview • comments • functional summary for each method – OpenBSD is well know for good auditing process • 6 -12 members since 1996 • comprehensive file-by-file analysis • multiple reviews by different people • search for bugs in general • proactive fixes – Microsoft also has intensive auditing processes • Every piece of written code has to be reviewed by another developer Internet Security 1 15

  16. Static Security Testing • Manual auditing – tedious and difficult task – some initiatives were less successful • Sardonix (security portal) “Reviewing old code is tedious and boring and no one wants to do it,” Crispin Cowan said. • Linux Security Audit Project (LSAP) Statistics for All Time Lifespan | Rank|Page Views|D/l|Bugs|Support|Patches|Trkr|Tasks 1459 days|0(0.00)| 4,887| 0|0(0)| 0(0)| 0(0)|0(0)| 0(0) Internet Security 1 16

  17. Static Security Testing • Syntax checker – parse source code and check for functions that have known vulnerabilities, e.g., strcpy(), strcat() (as we will see in the buffer overflows lecture) – also limited support for arguments (e.g., variable, static string) – only suitable as first basic check – cannot understand more complex relationships – no control flow or data flow analysis – Examples • flawfinder • RATS (rough auditing tool for security) • ITS4 Internet Security 1 17

  18. Static Security Testing • Annotation-based systems – programmer uses annotations to specify properties in the source code (e.g., this value must not be NULL) – analysis tool checks source code to find possible violations – control flow and data flow analysis is performed – problems are “undecidable” in general, therefore trade-off between “correctness” and “completeness” • Decidable: there exists an algorithm that is guaranteed to return the correct answer in a finite amount of time • Undecidable: Problem for which there cannot exist an algorithm that is guaranteed to terminate. – Examples • SPlint • Eau-claire • UNO (uninitialized vars, null-ptr dereferencing, out-of-bounds access) Internet Security 1 18

  19. Static Security Testing • Model-checking – programmer specifies security properties that have to hold – models realized as state machines – statements in the program result in state transitions – certain states are considered insecure – usually, control flow and data flow analysis is performed – example properties • drop privileges properly • race conditions • creating a secure chroot jail – examples • MOPS (an infrastructure for examining security properties of software) Internet Security 1 19

  20. Static Security Testing • Meta-compilation – programmer adds simple system-specific compiler extensions – these extensions check (or optimize) the code – flow-sensitive, inter-procedural analysis – not sound, but can detect many bugs – no annotations needed – example extensions • system calls must check user pointers for validity before using them • disabled interrupts must be re-enabled • to avoid deadlock, do not call a blocking function with interrupts disabled – examples • Dawson Engler (Stanford) Internet Security 1 20

  21. Static Security Testing • Model-checking versus Meta-compilation (Engler ‘03) • General perception – static analysis: easy to apply but shallow bugs – model checking: harder, but strictly better once done • ccNUMA (Cache Coherent Non-Uniform Memory Access ) with cache coherence protocols in software – 1 bug deadlocks entire machine – code with many ad hoc correctness rules • WAIT_FOR_DB_FULL must precede MISCBUS_READ_DB – but they have a clear mapping to source code – easy to check with compiler Internet Security 1 21

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Testing Terminology System testing Types of errors Function testing Structure

Testing Terminology System testing Types of errors Function testing Structure

Outline Testing Terminology System testing Types of errors Function testing Structure Testing Dealing with errors Performance testing Quality assurance vs Acceptance testing Testing Installation testing

396 views • 11 slides
Chapter 1 Fundamentals of testing 1. Why is testing necessary? 2. What is testing? 3. Test

Chapter 1 Fundamentals of testing 1. Why is testing necessary? 2. What is testing? 3. Test

Chapter 1 Fundamentals of testing 1. Why is testing necessary? 2. What is testing? 3. Test principles 4. Fundamental test process 5. The psychology of testing 1. Why is testing necessary 1.1 Software system context 1.2 Causes of

567 views • 36 slides
Levels of Testing Chapter 12 Beyond unit testing Developer Testing stages Unit testing

Levels of Testing Chapter 12 Beyond unit testing Developer Testing stages Unit testing

Levels of Testing Chapter 12 Beyond unit testing Developer Testing stages Unit testing Testing of individual components Integration testing Testing to expose problems arising from the combination of components System

173 views • 15 slides
Software Testing Software testing 1 V model Software testing 2 Program testing goals To

Software Testing Software testing 1 V model Software testing 2 Program testing goals To

Software Testing Software testing 1 V model Software testing 2 Program testing goals To demonstrate to the developer and the customer that the software meets its requirements. => leads to validation testing To discover situations

264 views • 11 slides
Lecture 8 Purpose of testing Kinds of testing Testing Heuristics for good test

Lecture 8 Purpose of testing Kinds of testing Testing Heuristics for good test

CSE 331 Outline Software Design and Implementation Why correct software matters Motivates testing and more than testing, but now seems like a fine time for the discussion Testing principles and strategies Lecture 8 Purpose

506 views • 13 slides
Testing Overview Introduction (Proving and Testing) Types of Testing Unit,

Testing Overview Introduction (Proving and Testing) Types of Testing Unit,

CPSC 310 Software Engineering Testing Overview Introduction (Proving and Testing) Types of Testing Unit, Integration, Regression, System, Acceptance Testing Tactics Functional (Black Box), Structural (White Box)

982 views • 61 slides
Testing 5 March 2020 OSU CSE 1 Importance of Testing Testing is a ubiquitous and expensive

Testing 5 March 2020 OSU CSE 1 Importance of Testing Testing is a ubiquitous and expensive

Testing 5 March 2020 OSU CSE 1 Importance of Testing Testing is a ubiquitous and expensive software engineering activity It is not unusual to spend 30-40% of total project effort on testing For big and/or life-critical systems

701 views • 47 slides
Overview Objective Types of testing ECE 553: TESTING AND Verification testing

Overview Objective Types of testing ECE 553: TESTING AND Verification testing

9/1/2014 Overview Objective Types of testing ECE 553: TESTING AND Verification testing TESTABLE DESIGN OF Characterization testing Manufacturing testing DIGITAL SYSTES DIGITAL SYSTES Acceptance testing

368 views • 7 slides
Chapter 11, Testing ! Function testing Types of errors ! Structure Testing Dealing with

Chapter 11, Testing ! Function testing Types of errors ! Structure Testing Dealing with

Outline Object-Oriented Software Engineering Terminology System testing Chapter 11, Testing ! Function testing Types of errors ! Structure Testing Dealing with errors ! Performance testing Using UML, Patterns, and Java Quality

425 views • 7 slides
Functional Testing Review Chapter 8 Functional Testing We saw three types of functional

Functional Testing Review Chapter 8 Functional Testing We saw three types of functional

Functional Testing Review Chapter 8 Functional Testing We saw three types of functional testing Boundary Value Testing Equivalence Class Testing Decision Table-Based Testing What is the common thread among the above methods?

685 views • 33 slides
Page 1 Unit Testing Informal -- Incremental coding Static Analysis: Hand execution:

Page 1 Unit Testing Informal -- Incremental coding Static Analysis: Hand execution:

Podcast Ch11-02 Title : Types of Testing Description : Unit Testing, Black Box Testing, White Box Testing, Using Flow Diagrams Participants : Barry Kurtz (instructor); Brandon Winters, Sara Hyde, Cheng Vue, Dan Baehr (students)

792 views • 8 slides
Testing 6.1 Specification testing Michel Bierlaire A short reminder on hypothesis testing

Testing 6.1 Specification testing Michel Bierlaire A short reminder on hypothesis testing

Testing 6.1 Specification testing Michel Bierlaire A short reminder on hypothesis testing Hypothesis testing is a method to contradict a theoretical assumption using data. In his seminal book on design of experiments, Fisher (1937) uses

526 views • 3 slides
Property-Based Testing Matt Bachmann @mattbachmann Testing is Important Testing is Important

Property-Based Testing Matt Bachmann @mattbachmann Testing is Important Testing is Important

Property-Based Testing Matt Bachmann @mattbachmann Testing is Important Testing is Important Testing is Important Testing is Hard Testing is Hard Testing is Hard Capture the Important Cases Minimize The Coding Overhead Sorting a list of

1.66k views • 118 slides
Testing a URL Class http://www.askigor.org/status.php?id=sample Query Protocol Host Path 31

Testing a URL Class http://www.askigor.org/status.php?id=sample Query Protocol Host Path 31

Making Programs Fail Andreas Zeller 1 Two Views of Testing Testing means to execute a program with the intent to make it fail. Testing for validation: Finding unknown failures (classical view) Testing for debugging: Finding a

459 views • 17 slides
Structural Testing Also known as glass/white/open box testing Structural testing is based

Structural Testing Also known as glass/white/open box testing Structural testing is based

Path Testing and Test Coverage Chapter 9 Structural Testing Also known as glass/white/open box testing Structural testing is based on using specific knowledge of the program source text to define test cases Contrast with functional

999 views • 60 slides
Black Box Testing (A&O Ch. 4) (2 nd Ed. Ch. 6) Course Software Testing & Verification

Black Box Testing (A&O Ch. 4) (2 nd Ed. Ch. 6) Course Software Testing & Verification

Black Box Testing (A&O Ch. 4) (2 nd Ed. Ch. 6) Course Software Testing & Verification 2019/20 Wishnu Prasetya & Gabriele Keller Plan Partitioning based testing (A&O Ch 4/2 nd Ed Ch. 6). Model based testing Note: black

772 views • 39 slides
Move left in the SDLC z - Jaswinder Kaur z Jaswinder Kaur Senior Security Engineer at

Move left in the SDLC z - Jaswinder Kaur z Jaswinder Kaur Senior Security Engineer at

Move left in the SDLC z - Jaswinder Kaur z Jaswinder Kaur Senior Security Engineer at T-Mobile, Washington Worked previously in DC government and Bank of America Expertise in web application security testing, architecture

286 views • 16 slides
Security Testing TDDC90 Software Security Ulf Kargn Department of Computer and Information

Security Testing TDDC90 Software Security Ulf Kargn Department of Computer and Information

Security Testing TDDC90 Software Security Ulf Kargn Department of Computer and Information Science (IDA) Division for Database and Information Techniques (ADIT) Security testing vs regular testing Regular testing aims to

1.06k views • 54 slides
SECURITY TESTING Towards a safer web world AGENDA 1. 3 WS OF SECURITY TESTING 2. SECURITY

SECURITY TESTING Towards a safer web world AGENDA 1. 3 WS OF SECURITY TESTING 2. SECURITY

SECURITY TESTING Towards a safer web world AGENDA 1. 3 WS OF SECURITY TESTING 2. SECURITY TESTING CONCEPTS 3. SECURITY TESTING TYPES 4. TOP 10 SECURITY RISKS Few Security Breaches Date: 2013-14 September 2016, while in negotiations to

404 views • 18 slides
What is the Role of a Youth Peer Advocate? January 22, 2018 PRESENTERS: AZARIA WITTEKIND AND

What is the Role of a Youth Peer Advocate? January 22, 2018 PRESENTERS: AZARIA WITTEKIND AND

What is the Role of a Youth Peer Advocate? January 22, 2018 PRESENTERS: AZARIA WITTEKIND AND ALEX FRISINA YOUTH POWER! What is the Role of a Youth Peer Advocate? Peer Support A man falls into a hole so deep he cant get out. A doctor

561 views • 23 slides
Topics in Security Testing [Reading assignment: Chapter 13, pp. 193-209. Note that many more

Topics in Security Testing [Reading assignment: Chapter 13, pp. 193-209. Note that many more

Topics in Security Testing [Reading assignment: Chapter 13, pp. 193-209. Note that many more topics are covered in these slides and in class.] Computer Security The goal of computer security is to protect computer assets ( e.g., servers,

1.53k views • 119 slides
The SPaCIoS Tool property-driven and vulnerability-driven security testing for Web-based apps

The SPaCIoS Tool property-driven and vulnerability-driven security testing for Web-based apps

The SPaCIoS Tool property-driven and vulnerability-driven security testing for Web-based apps Alessandro Armando DIBRIS University of Genova and Security & Trust FBK, Trento (on behalf of the SPaCIoS consortium) STREP Project number:

775 views • 17 slides
dradis Dradis Daniel Martn Gmez etd september '07 1 Agenda Scenario: where are we?

dradis Dradis Daniel Martn Gmez etd september '07 1 Agenda Scenario: where are we?

dradis Dradis Daniel Martn Gmez etd september '07 1 Agenda Scenario: where are we? System design Architecture Implementation Demo What's next? scenario: where are we? Penetration testing is about information

626 views • 23 slides
Dragos, Inc. | May 2019 Student Student Officer Student Officer Network Defender Student

Dragos, Inc. | May 2019 Student Student Officer Student Officer Network Defender Student

Joe Slowik / @jfslowik Dragos, Inc. | May 2019 Student Student Officer Student Officer Network Defender Student Officer Network Defender ICS Defender

725 views • 46 slides

More recommend