chapter 5 p rogram security
Download
Skip this Video
Download Presentation
Chapter 5 P rogram Security

Loading in 2 Seconds...

play fullscreen
1 / 19

Chapter 5 P rogram Security - PowerPoint PPT Presentation


  • 380 Views
  • Uploaded on

Chapter 5 P rogram Security. Outline. Viruses & worms Targeted Malicious Codes Trapdoors, Salami attack, Covert channels Controls Against Program Threats Programming & process controls OS controls Administrative controls. Program Security.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Chapter 5 P rogram Security' - Jeffrey


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
outline
Outline
  • Viruses & worms
  • Targeted Malicious Codes
    • Trapdoors, Salami attack, Covert channels
  • Controls Against Program Threats
    • Programming & process controls
    • OS controls
    • Administrative controls

csci5233 computer security & integrity (Chap. 5)

program security
Program Security
  • Protection of programs is at the heart of security in computing. Why?
  • Two types of program flaws:
    • Inadvertent human errors
    • Malicious, intentionally induced flaws
  • Why can’t we stop all program flaws?

csci5233 computer security & integrity (Chap. 5)

types of malicious codes
Types of Malicious Codes
  • Virus, Trojan horse, Logic/Time bomb, trapdoor (backdoor), worm, rabbit
  • Table 5.1, p.180
  • What’s the difference between a virus and a worm?
    • A virus attaches itself to another program; a worm does not.
    • A virus may rely on a variety of transmission media; a worm transmit itself across the network.
    • Both viruses and worms duplicate themselves when executed.

csci5233 computer security & integrity (Chap. 5)

how do viruses work
How do viruses work?
  • A virus is activated by being executed.
  • A virus attaches to a “good” program, the carrier, by
    • Appending (Fig. 5.1)
    • Surrounding (Fig. 5.2)
    • Integrating (Fig. 5.3)
    • Replacing (Fig. 5.4)

csci5233 computer security & integrity (Chap. 5)

boot sector viruses
Boot Sector Viruses
  • The bootstrap load process
  • The boot sector
  • Block chaining: Each block of the bootstrap is chained to the next block.
  • A virus may attach itself to any block in the chain, or may replace the boot sector. Fig.5.5.

csci5233 computer security & integrity (Chap. 5)

other homes for viruses
Other Homes for Viruses
  • Resident codes/routines (TSR)
  • Application programs
    • Example: Word macros
  • Libraries
  • Compilers, loaders, linkers, debuggers, anti-virus s/w
  • Anything else not mentioned in the book?

csci5233 computer security & integrity (Chap. 5)

virus signatures
Virus Signatures
  • The signature of a virus is composed of the following characteristics:
    • Storage patterns
    • Execution patterns (Table 5.2, p.187)
    • Transmission patterns
  • A virus scanner checks the signatures of viruses to detect viruses.
  • Polymorphic viruses: A virus that can change its appearance. For example: having two different starting words.
  • Preventing virus infection: pp.189-190

csci5233 computer security & integrity (Chap. 5)

the morris worm
The Morris Worm
  • Nov. 1988
  • Took advantages of well-known UNIX flaws: user passwords, finger, sendmail
  • An irony
  • Positive result: The CERT (Computer Emergency Response Team) was established at Carnegie Mellon University.

csci5233 computer security & integrity (Chap. 5)

the bugbear worm
The Bugbear Worm
  • As recent as Sept./Oct. 2002
  • A mass-mailing worm, attempting to send itself to email addresses found on an infected system
  • It also spreads through open network shares and has the ability to send print jobs to printers found on an infected network.
  • Once the virus is run, it will attempt to disable various security products, including many forms of anti-virus and personal firewall software.
  • It will also attempt to install a backdoor trojan that will allow a hacker access to the infected PC.

csci5233 computer security & integrity (Chap. 5)

the bugbear worm11
The Bugbear Worm
  • It makes use of the “Incorrect MIME Header Can Cause IE to Execute E-mail Attachment vulnerability” in Microsoft Internet Explorer (v 5.01 or 5.5 without SP2). Simply opening or previewing an infected message in a vulnerable email reader can result in infection.
  • More details: http://us.mcafee.com/root/genericURL_genericLeftNav.asp?genericURL=/common/en-us/helpcenter/bugbear.asp&genericLeftNav=/VirusInfo/VIL/vil_nav.asp

csci5233 computer security & integrity (Chap. 5)

targeted malicious codes
Targeted Malicious Codes
  • Trapdoors

A trapdoor is a secret, undocumented entry point into a module.

A trapdoor is usually placed in a program during development, and may be used by a programmer to gain access to the program when it is placed into production mode.

csci5233 computer security & integrity (Chap. 5)

targeted malicious codes13
Targeted Malicious Codes
  • Salami attack
    • salami: a highly seasoned sausage of pork and beef either dried or fresh (Merriam-Webster’ Collegiate Dictionary, http://www.m-w.com/ )

Salami attacks occur in programs that compute amounts of money.

A small amount of money is shaved from each computation.

Example: truncation of fractional cents during computation of interest (p.198)

Hard to detect in a large program

csci5233 computer security & integrity (Chap. 5)

targeted malicious codes14
Targeted Malicious Codes
  • Covert channel: a program that leaks information

A type of Trojan horse

How? In addition to normal, proper communication channels, a program opens covert channels to leak information to unauthorized viewers (Fig. 5-8, p.199)

c.f. packet sniffers, network probes, network monitors, HTTP monitors, protocol analyzers? (Check out a gagabit network analyzer at ftp://ftp.netinst.com/pub/product_lit_PDF/GOSS.pdf, or click here.)

c.f., intrusion detection system ?

csci5233 computer security & integrity (Chap. 5)

covert channels
Covert channels
  • Examples of covert channels: p.201

c.f., Steganography replaces unneeded bits in image and sound files with secret data. See http://www.computerworld.com/securitytopics/security/encryption/story/0,10801,71726,00.html

  • Types of covert channels:

Storage channels pass information by the presence or absence of objects in storage. For example, a covert channel can signal one bit of information by whether or a not a file is locked.

Timing channels pass information by the speed at which things happen. The shared resource is time.

accept = 1; reject = 0 (See Fig. 5-12, p.204)

csci5233 computer security & integrity (Chap. 5)

tools for identifying potential covert channels
Tools for identifying potential covert channels
  • Shared Resource Matrix

The basis of a covert channel is a shared resource.

Finding all shared resources and determining which processes can write to and read from the resources…

Looking for implied information flows: pp.205-206

Is any of the implied flows “undesirable”?

  • Information Flow Analysis based on the syntax

Types of flows:

Explicit – B := A;

Implicit – a. B := A; C:= B;

b. if (D == 1) then B:=A;

More examples: Table 5-5 (p.206)

csci5233 computer security & integrity (Chap. 5)

controls against program threats
Controls Against Program Threats
  • Programming controls

Typical software engineering methods: peer reviews, walk-through, information hiding, independent testing, configuration management (check-in, check-out, history of changes, …), formal methods (such as B)

  • Process controls

1988: Standard 2167A (DoD)

1990: ISO 9000 – to specify actions to be taken when any system has quality goals and contraints

1993: CMM (Capability Maturity Model) – to assess the quality of a software development company

1995: SSE CMM (System Security Engineering CMM) – to assess the quality of security engineering development practices (See http://www.sse-cmm.org/)

SSE CMM model v2, 1999

csci5233 computer security & integrity (Chap. 5)

controls against program threats18
Controls Against Program Threats
  • OS controls

Chapter 6

Trusted OS

Confined programs

Access logs for auditing

  • Administrative controls

Chapter 10

Enforcing standards of design, documentations, programming, testing, configuration management, etc.

Security audits

Separation of duties among employees

csci5233 computer security & integrity (Chap. 5)

summary
Summary
  • Viruses, worms, and targeted Malicious Codes
  • Controls Against Program Threats
    • Programming & process controls
    • OS controls
    • Administrative controls
  • Next: Chapter 6 (OS Security)

csci5233 computer security & integrity (Chap. 5)

ad