
-- Presented by: Feng Hui Luo

A Taxonomy of Computer Program Security Flaws. C. E. Landwehr, A. R. Bull, J. P. McDermott and W. S. Choi. ACM Computing Surveys, Vol. 26, No. 2, Sept. 1994. Presented by: Feng Hui Luo.



  1. A Taxonomy of Computer Program Security Flaws. C. E. Landwehr, A. R. Bull, J. P. McDermott and W. S. Choi -- Presented by: Feng Hui Luo. ACM Computing Surveys, Vol. 26, No. 2, Sept. 1994

  2. Outline
     • Background
     • Taxonomies of Security flaws
     • Taxonomy by Genesis
     • Conclusion
     • Question

  3. Background
     • What is a security flaw in a program?
       • “A security flaw is a part of a program that can cause the system to violate its security requirements.”
     • Why build taxonomies for computer security flaws?
       • Learn from previous mistakes;
       • Determine which areas of systems and processes need the most improvement;
       • Seek better ways of building systems to meet security requirements.
     taxonomy: classification, division into ordered groups or categories.

  4. Taxonomies of Security Flaws
     • Taxonomy by genesis¹ -- How did the flaw enter the system?
     • Taxonomy by time of introduction -- When did the flaw enter the system?
     • Taxonomy by location -- Where in the system is the flaw manifest²?
     1. genesis: The coming into being of something; the origin.
     2. manifest: Clearly apparent to the sight; appear introduced, found

  5. Taxonomy by Genesis
     • Intentional:
       • Malicious
         • Trojan Horse
           • Non-Replicating
           • Replicating
         • Trapdoor
         • Logic/Time bomb
       • Non-malicious
         • Covert channel
           • Storage channel
           • Timing channel
     • Inadvertent:
       • Validation error (incomplete/inconsistent)
       • Domain error
       • Serialization/aliasing
       • Identification/authorization inadequate
       • Boundary condition violation

  6. Taxonomy by Time of Introduction
     • During development:
       • Requirement/specification/design
       • Source code
       • Object code
     • During maintenance
     • During operation

  7. Taxonomy by Location
     • Software
       • Operating System
         • Memory management
         • Process management
         • Device management
         • File management
         • System initialization
         • Identification/Authorization
       • Supporting software
         • Privileged Utilities
         • Unprivileged Utilities
       • Application software
     • Hardware

  8. Easter Egg Vulnerability
     • An Easter egg is a piece of program inserted into a commercial software product during the software development process and not meant to be part of the product.
     • Security requirement: programs don’t have undocumented “features” which could be exploited as Trojan Horses.
     • Example: Microsoft Excel 97 Flight Simulator Easter Egg:
       1. On a new Worksheet, press F5.
       2. Type X97:L97 and hit Enter.
       3. Press the Tab key.
       4. Hold Ctrl-Shift.
       5. Click on the Chart Wizard toolbar button.
       6. Use the mouse to fly around - right button forward / left button reverse.
     • Let’s try to classify it using taxonomy by genesis.

  9. Review Taxonomy by Genesis
     • Intentional:
       • Malicious
         • Trojan Horse
           • Non-Replicating
           • Replicating
         • Trapdoor
         • Logic/Time bomb
       • Non-malicious
         • Covert channel
           • Storage channel
           • Timing channel
     • Inadvertent:
       • Validation error (incomplete/inconsistent)
       • Domain error
       • Serialization/aliasing
       • Identification/authorization inadequate
       • Boundary condition violation

  10. Taxonomy by Genesis -- Intentional
     • Malicious:
       • Trojan horse: a program that disguises itself as a useful service but exploits the program user’s rights.
       • Virus: replicates itself by copying its code into other program files.
       • Worm: replicates itself by creating new processes or files with its code.

  11. Taxonomy by Genesis -- Intentional (Cont.)
     • Malicious:
       • Trapdoors: pieces of code that respond to special input and allow unauthorized access to the system.
       • Logic bomb/Time bomb: a piece of code that remains in the host system until a certain time or some events (or user actions) occur.

  12. Taxonomy by Genesis -- Intentional (Cont.)
     • Non-malicious
       • Covert channel: a communication path in a computer system not intended by the system’s designers.
       • Storage channel: transfers information through bits (used to convey encoded information) that are set by one program and read by another.
       • Timing channel: conveys information by modulating system behavior over time, so that the receiver can observe the system behavior and infer protected information.

  13. Possible Classification Solution to MS Excel 97 “Flight Simulator”
     • Non-malicious: should be yes?
       • Covert channel: No
       • Storage channel: No
       • Timing channel: No
     • Malicious: No?
       • Trojan horses: Yes
       • Virus: No
       • Worm: No
       • Trapdoors: No?
       • Logic bomb/Time bomb: Yes, it is triggered by some user actions.

  14. Conclusion:
     • This paper proposed 3 taxonomies for security flaws in computer programs.
     • It provides an approach for evaluating problems in the system they built.
     • The method of organizing security flaws helps to remove and prevent the introduction of security flaws.
     • Limitation: The taxonomies were based on about 50 selected operating system flaws, with no attempt to categorize flaws in application software (DBMS, Email etc.).

  15. Question: Do you think the taxonomies in this paper are appropriate for the security flaw we found? Is it easy to classify a security flaw or not?
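
The storage channel defined on slide 12, as an added example that is not part of the slides or the paper: one party sets a bit in a shared attribute and the other reads it, while the overt data (the file contents) stays empty. The temporary file, the choice of the owner-execute permission bit and all function names are assumptions made for illustration; the third value returned counts the metadata flips that an audit of permission changes would record.

```python
import os
import stat
import tempfile

def send_bit(path, bit):
    """Sender: encode one bit in file metadata, never in the file contents."""
    os.chmod(path, 0o700 if bit else 0o600)

def receive_bit(path):
    """Receiver: recover the bit by inspecting the metadata only."""
    return 1 if os.stat(path).st_mode & stat.S_IXUSR else 0

def to_bits(data):
    """Most significant bit first, eight bits per byte."""
    return [(byte >> i) & 1 for byte in data for i in range(7, -1, -1)]

def from_bits(bits):
    out = bytearray()
    for i in range(0, len(bits), 8):
        byte = 0
        for b in bits[i:i + 8]:
            byte = (byte << 1) | b
        out.append(byte)
    return bytes(out)

def transfer(message):
    """Run sender and receiver in lock step over one shared file.

    Returns (received_bytes, file_size, mode_changes). file_size shows that
    nothing was written through the intended interface; mode_changes is the
    number of permission flips visible to anyone auditing the file.
    """
    fd, path = tempfile.mkstemp()  # constructed shared resource
    os.close(fd)
    try:
        received, changes, last_mode = [], 0, None
        for bit in to_bits(message):
            send_bit(path, bit)
            mode = os.stat(path).st_mode
            if last_mode is not None and mode != last_mode:
                changes += 1
            last_mode = mode
            received.append(receive_bit(path))
        return from_bits(received), os.path.getsize(path), changes
    finally:
        os.remove(path)

if __name__ == "__main__":
    print(transfer(b"hi"))
```

A file whose permissions change repeatedly while its contents never do is the observable side of this channel, which is why the flaw is classified by the shared attribute rather than by any data written.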
