Application Security

PowerPoint Slideshow about 'Application Security' - salena


Malicious Code
  • Vulnerable Software
  • Hacker toolkits
  • Back/Trapdoors
  • Greedy Programs / Logic bombs
  • Salami Attacks
  • Trapdoors
  • Worms/Viruses
  • Bot Networks
Vulnerable Software
  • Buffer overflows
  • Insecure running environment
  • Insecure temporary files
  • Insecure program calls
  • Weak encryption
  • Poor programming
  • “If people built buildings the way that programmers write software, the first woodpecker to come along would destroy civilization.”
Handling Vulnerabilities
  • Locating
  • Dealing with vendors
  • Applying patches
  • Disabling services
  • Reconfiguring software/services
Hacker Toolkits

Programs that automatically scan for security problems on systems

  • Useful for system administrators to find problems for fixing
  • Useful for hackers to find problems for exploitation

Examples:

  • SATAN
  • COPS
  • ISS

Countermeasure: Detection Software

Back/Trapdoors
  • Pieces of code written into applications or operating systems to grant programmers easy access
  • Useful for debugging and monitoring
  • Too often, not removed
  • Examples:
    • Dennis Ritchie’s login/compiler hack
    • Sendmail DEBUG mode
  • Countermeasures
    • Sandboxing
    • Code Reviews
Logic Bombs
  • Pieces of code that cause undesired effects when an event occurs
  • Used to enforce licenses (time-outs)
  • Used for revenge by the disgruntled
  • Can be hard to determine malicious intent
  • Examples
    • British accounting firm logic bomb
    • British bank hack
  • Countermeasures
    • Personnel security
Viruses
  • Pieces of code that attach to existing programs
  • Not a distinct program
  • No beneficial use – VERY destructive
  • Examples:
    • Michelangelo
    • Love letter
  • Countermeasures
    • Virus detection/disinfection software
Structure of a Virus
  • Marker: determine if a potential carrier program has been previously infected
  • Infector: Seeks out potential carriers and infects
  • Trigger check: Establishes if current conditions are sufficient for manipulation
  • Manipulation: Carry out malicious task
Types of Viruses
  • Memory-resident
  • Hardware
  • Buffered
  • Hide-and-seek
  • Live-and-die
  • Boot segment
  • Macro
Worms
  • Stand-alone programs that copy themselves from system to system
  • Some use in network computation
  • Examples:
    • Dolphin worm (Xerox PARC)
    • Code Red (2001, $12B cost)
    • Morris Worm (1988, $20M cost)
  • Countermeasures
    • Sandboxing
    • Quick patching: fix holes, stop worm
Trojan Horses
  • Programs that have malicious covert purpose
  • Have been used for license enforcement
  • Examples:
    • FIX2001
    • AOL4FREE
    • RIDBO
  • Countermeasures
    • Sandboxing
    • Code reviews
Greedy Programs
  • Programs that copy themselves
  • Core wars
  • Have been used in destructive web pages, standalone programs
  • Can be very difficult to show deliberate usage
  • Countermeasures:
    • CPU quotas on process families
    • Process quotas
    • Review of imported software & web pages
Bot Networks
  • Collections of compromised machines
  • Typically, compromised by scripts
  • Respond to commands, perhaps encrypted
  • Examples:
    • Leaves
    • Code Red II
  • Countermeasures:
    • Vulnerability patching
    • Integrity checks