Presentation Transcript

  1. Application Security

  2. Malicious Code
     • Vulnerable Software
     • Hacker toolkits
     • Back/Trapdoors
     • Greedy Programs / Logic bombs
     • Salami Attacks
     • Trapdoors
     • Worms/Viruses
     • Bot Networks

  3. Vulnerable Software
     • Buffer overflows
     • Insecure running environment
     • Insecure temporary files
     • Insecure program calls
     • Weak encryption
     • Poor programming
     “If people built buildings the way that programmers write software, the first woodpecker to come along would destroy civilization.”

  4. Handling Vulnerabilities
     • Locating
     • Dealing with vendors
     • Applying patches
     • Disabling services
     • Reconfiguring software/services

  5. Hacker Toolkits
     Programs that automatically scan for security problems on systems
     • Useful for system administrators to find problems for fixing
     • Useful for hackers to find problems for exploitation
     Examples:
     • SATAN
     • COPS
     • ISS
     Countermeasure: Detection Software

  6. Back/Trapdoors
     • Pieces of code written into applications or operating systems to grant programmers easy access
     • Useful for debugging and monitoring
     • Too often, not removed
     • Examples:
       • Dennis Ritchie’s login/compiler hack
       • Sendmail DEBUG mode
     • Countermeasures
       • Sandboxing
       • Code Reviews

  7. Logic Bombs
     • Pieces of code to cause undesired effects when an event occurs
     • Used to enforce licenses (time-outs)
     • Used for revenge by the disgruntled
     • Can be hard to determine if malicious
     • Examples
       • British accounting firm logic bomb
       • British bank hack
     • Countermeasures
       • Personnel security

  8. Viruses
     • Pieces of code that attach to existing programs
     • Not distinct program
     • No beneficial use – VERY destructive
     • Examples:
       • Michelangelo
       • Love letter
     • Countermeasures
       • Virus detection/disinfection software

  9. Structure of a Virus
     • Marker: Determines if a potential carrier program has been previously infected
     • Infector: Seeks out potential carriers and infects
     • Trigger check: Establishes if current conditions are sufficient for manipulation
     • Manipulation: Carries out malicious task

  10. Types of Viruses
     • Memory-resident
     • Hardware
     • Buffered
     • Hide-and-seek
     • Live-and-die
     • Boot segment
     • Macro

  11. Worms
     • Stand-alone programs that copy themselves from system to system
     • Some use in network computation
     • Examples:
       • Dolphin worm (Xerox PARC)
       • Code Red (2001, $12B cost)
       • Morris Worm (1988, $20M cost)
     • Countermeasures
       • Sandboxing
       • Quick patching: fix holes, stop worm

  12. Trojan Horses
     • Programs that have malicious covert purpose
     • Have been used for license enforcement
     • Examples:
       • FIX2001
       • AOL4FREE
       • RIDBO
     • Countermeasures
       • Sandboxing
       • Code reviews

  13. Greedy Programs
     • Programs that copy themselves
     • Core wars
     • Have been used in destructive web pages, standalone programs
     • Can be very difficult to show deliberate usage
     • Countermeasures:
       • CPU quotas on process families
       • Process quotas
       • Review of imported software & web pages

  14. Bot Networks
     • Collections of compromised machines
     • Typically, compromised by scripts
     • Respond to commands, perhaps encrypted
     • Examples:
       • Leaves
       • Code Red II
     • Countermeasures: Vulnerability patching, Integrity checks
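
Slide 13 lists CPU quotas and process quotas as countermeasures against greedy programs. The following is an added example, not part of the original presentation, showing one way to apply both on a Unix-like system with Python's standard `resource` module; `run_with_quotas`, its parameters and the two sample commands are assumptions made for illustration.

```python
import os
import resource
import signal
import subprocess
import sys

def _cap(limit, soft, hard):
    """Lower a limit without trying to raise the hard limit we inherited."""
    _, cur_hard = resource.getrlimit(limit)
    if cur_hard != resource.RLIM_INFINITY:
        hard = min(hard, cur_hard)
        soft = min(soft, hard)
    resource.setrlimit(limit, (soft, hard))

def run_with_quotas(argv, cpu_seconds=2, max_procs=64, wall_timeout=30):
    """Run argv with a CPU quota and a process quota; return (returncode, reason)."""
    def apply_limits():
        # Runs in the child between fork() and exec(). Limits are inherited by
        # every descendant; RLIMIT_CPU is counted per process, RLIMIT_NPROC
        # per real user ID (and is not enforced for root).
        _cap(resource.RLIMIT_CPU, cpu_seconds, cpu_seconds + 1)
        _cap(resource.RLIMIT_NPROC, max_procs, max_procs)

    proc = subprocess.Popen(argv, preexec_fn=apply_limits, start_new_session=True,
                            stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)
    try:
        proc.wait(timeout=wall_timeout)
    except subprocess.TimeoutExpired:
        # Sleeping or blocked processes use no CPU, so also bound wall-clock
        # time and kill the whole process group (the "process family").
        os.killpg(proc.pid, signal.SIGKILL)
        proc.wait()
        return proc.returncode, "wall-clock timeout"
    if proc.returncode in (-signal.SIGXCPU, -signal.SIGKILL):
        return proc.returncode, "CPU quota exceeded"
    return proc.returncode, "exited"

# Constructed sample workloads: one spins forever, one finishes at once.
GREEDY = [sys.executable, "-c", "while True: pass"]
BENIGN = [sys.executable, "-c", "print('done')"]

if __name__ == "__main__":
    print(run_with_quotas(GREEDY))
    print(run_with_quotas(BENIGN))
```

Because these limits are accounted per process or per user rather than per family, a quota that covers a whole process tree as one unit needs an operating-system facility such as Linux control groups.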