why security testing is hard l.
Download
Skip this Video
Download Presentation
Why Security Testing Is Hard

Loading in 2 Seconds...

play fullscreen
1 / 16

Why Security Testing Is Hard - PowerPoint PPT Presentation


  • 97 Views
  • Uploaded on

Why Security Testing Is Hard. Herbert H. Thompson Presenter: Alicia Young. Introduction. Software Testing good at verifying requirements UML helps move from specification to test cases Several bugs routinely escape testing Not specification Violations Would escape most automated testing

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Why Security Testing Is Hard' - wilona


Download Now An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
why security testing is hard

Why Security Testing Is Hard

Herbert H. Thompson

Presenter: Alicia Young

introduction
Introduction
  • Software Testing good at verifying requirements
  • UML helps move from specification to test cases
  • Several bugs routinely escape testing
    • Not specification Violations
    • Would escape most automated testing
  • Examine Security bugs to discover why testing can be difficult
side effect behavior
Side-Effect Behavior
  • Input A -> result B
    • What if Input A also resulted in C?
      • Overt – unexpected dialog box appears
      • Subtle – writing a file or opening a network port
  • RDISK utility for Windows
    • Creates an emergency Repair Disk
    • Temporary file created with Universal Permissions
    • During testing, product responds as specified
the state of security testing
The State of Security Testing
  • Exploit Libraries (Librarian Method)
    • New Products tested with only this library
    • Finds old vulnerabilities with no hope of finding anything new
  • Problem is…this strategy actually works!
    • Developers repeatedly make the same mistakes
    • Current software is really buggy
  • Applications will eventually become immune to these test cases
the need for techniques
The Need for Techniques
  • Test like detectives
  • Past bugs teach us how vulnerabilities get into our applications
    • The key is to learn new techniques of finding bugs
  • Four General Classes of testing techniques
    • Dependencies
    • Unanticipated user input
    • Techniques to expose Design Vulnerabilities
    • Techniques to expose implementation vulnerabilities
dependency insecurities and failures
Dependency Insecurities and Failures
  • Software resides in co-dependent environment
  • Two Security Concerns
    • Application may inherit insecurities
    • External security service resource may fail
  • Internet Explorer’s Content Advisor
    • Content advisor password protects classes of sites
    • If the library fails to load, Internet explorer permits access to any previously blocked site
cause of dependency failures
Cause of Dependency Failures
  • Severely under-applied inputs to software
    • Error handling code gets little testing scrutiny
  • These types of failures need to be examined
unanticipated user input
Unanticipated User Input
  • Inputs that cause undesirable side effects and require special testing
    • Reserved words
    • Escape characters
    • Long strings
    • Boundary values
  • Most well known side-effect: Buffer Overflow
  • Input that can be interpreted as commands
design insecurities
Design Insecurities
  • Many Security Vulnerabilities designed into application
    • Seeing high-level impact on an application or host is difficult
  • Test Instrumentation
    • Many applications shipped with it
    • Bypassing security controls for ease of testing
  • Ports left open
  • Insecure default values and configurations
implementation insecurities
Implementation Insecurities
  • Perfect design means nothing if Implementation is flawed
  • Man-in-the-middle attack
    • Attacker gets between time application checks security and when the application uses information
    • Xterm – can be exploited to allow a restricted user to append data to the password file
standard bug severity rankings
Standard Bug-Severity Rankings
  • Urgent
    • System crash, Unrecoverable data loss, jeopardizes personnel
  • High
    • Impairment of critical system functions and no work-around exists
  • Medium
    • Impairment of critical system functions and work-around exists
  • Low
    • Inconvenience, annoyance
  • None
    • None of the above or an enhancement
the need for tools
The Need For Tools
  • Testers generally rewarded for both quantity and severity of bugs
  • Side-effect bugs may not get noticed or even dismissed by managers
  • Equipped with proper tools testers would notice odd behavior
    • Writing of a temporary file
    • Sending of extra network packets
new tools
New Tools
  • Regmon and Filemon – monitor application interactions with registry and file system
    • www.sysinternals.com
  • App-Sight – monitors environmental interactions
    • www.identify.com
  • Holodeck – Fine grain control over interactions between application and environment
    • www.sisecure.com
paper analysis
Paper Analysis
  • Quality Software is Secure Software
  • Important points made
    • Better testing techniques
    • Better testing tools
    • Design concerns