
Program Security


kiefer

Presentation Transcript


  1. Program Security

  2. Trustworthy Computing What is TRUSTWORTHY COMPUTING?

  3. What makes Secure Programs • Takes too long to break • Haven’t had any problems • Meets government (or industry) standards

  4. What makes Secure Programs • Takes too long to break • Haven’t had any problems • Meets government (or industry) standards • Software bugs cost $59.5 Billion annually • $22.2 Billion could be eliminated with improved testing & earlier identification

  5. Why are There Faulty Programs • Rush to market

  6. Why are There Faulty Programs • Rush to market • Programs too big to be secure

  7. Why are There Faulty Programs • Rush to market • Programs too big to be secure • Written in sections by different groups

  8. Why are There Faulty Programs • Rush to market • Programs too big to be secure • Written in sections by different groups • Vendors don’t care

  9. Why are There Faulty Programs • Rush to market • Programs too big to be secure • Written in sections by different groups • Vendors don’t care • Easier to fix than to do right • (Will have to fix fewer errors)

  10. Why are There Faulty Programs • Rush to market • Programs too big to be secure • Written in sections by different groups • Vendors don’t care • Easier to fix than to do right • (Will have to fix fewer errors) • Software development moves faster than security methods (securing last year’s while this year’s is being produced)

  11. What About Testing • Insufficient tools to test • Can’t test for every possibility

  12. What About Testing • Insufficient tools to test • Can’t test for every possibility • Test to check “can it do” • Never test for “shouldn’t do” – Security perspective

  13. Patching • Immediate fault is normally fixed without looking at underlying problem • Fix may have negative effects on other parts of program • Rush to fix means little testing • Patch may break user’s system due to configuration or use of what was considered a fault

  14. Types of Flaws • Intentional • Malicious • Non-malicious • Inadvertent • Validation error (incomplete or inconsistent) • Domain error • Serialization & aliasing • Inadequate identification & authentication • Boundary condition violation • Other logic errors

  15. Non-Malicious Program Errors: Buffer Overflows • Resides in memory • Holds data temporarily • Capacity finite (computer sets aside exact amount) • Excessive amount of data put in form • Application fails (how may be predictable)

  16. Non-Malicious Program Errors: Time-of-Check to Time-of-Use • A value is stored such as a date • Other processes are run one of which changes the data • The original process goes back and gets what it thinks is the original date and acts on it • Result is incorrect action

  17. Non-Malicious Program Errors: Incomplete Mediation • Bank allows on-line transfers to be scheduled • User backdates transfer • Avoids account overrun charges • Lack of good editing techniques (never allow date previous to today’s date)

  18. Virus A program that “infects” other programs by modifying them to include a copy of itself.

  19. Malicious Code: The Threat is Growing

      | Year | New OS Vulnerabilities | Known Viruses |
      |------|------------------------|---------------|
      | 1998 | 262                    | 40,000        |
      | 1999 | 417                    | 48,000        |
      | 2000 | 1,090                  | 55,000        |
      | 2001 | 2,437                  | 59,000        |

      While viruses grow rather linearly, new OS vulnerabilities are more than doubling every year!!! Source: Computerworld, April 1, 2002, page 46.

  20. Indications of a Virus • Computer runs slow. • System runs out of free space. • File sizes change. • Unexplained files appear on the hard drive. • Unexplained behavior: • CD-ROM drawer opens and closes on its own (a joke virus). • Programs won’t execute • Files won’t open • Characters missing from displays • Obscene language appears on the display • And almost any other strange behavior you can imagine.

  21. Virus Behavior • Aptly named - behave like biological viruses. • Typically small programs. • Are attached, or attach themselves to executable files (e.g., a program, a script, or a command string). • Activate when the host program is executed. • May be benign or malignant (i.e., destructive). • Capable of doing anything a program can do.

  22. Virus Behavior (cont) • Generally cannot infect a system from a non-executable file. • Do not cause physical damage. • Can also infect firmware (e.g., flash ROM in modems, BIOS). • Typically activate on an event (e.g., when executed, on a date, after n re-boots, at some random time). • Often replicate and attempt to infect other files (e.g., Melissa)

  23. Virus Activities • Send messages (email viruses) • Delete files • Propagate itself • Use resources • Monitor system • Modify Files

  24. Malicious Code: A New Category • Hostile Java applets – code snippets that are executed by Java to perform some function, often embedded in a web page. • May belong on the “requires a host program” list. The host in this case is your browser with Java enabled. The applet is introduced to your system when you visit a web page containing the applet. • Two types – “malicious” and “attack” applets. • Malicious are in the wild and for the most part are annoying, but can be serious – can result in denial of service and invasion of privacy. • Attack applets are not yet in the wild, but have been extensively tested in lab settings. They attempt to compromise the Java security model and break through to your system.

  25. Virus Transportation Systems • Download from bulletin boards • E-Mail from associates • Disk Copying • From Home • File Sharing

  26. Solution to Virus Threat • Backup - Backup - Backup

  27. Solution to Virus Threat • Backup - Backup - Backup • Know genealogy of removable media

  28. Solution to Virus Threat • Backup - Backup - Backup • Know genealogy of removable media • Use only commercial software from well established vendors

  29. Solution to Virus Threat • Backup - Backup - Backup • Know genealogy of removable media • Use only commercial software from well established vendors • Review source code where possible

  30. Solution to Virus Threat • Backup - Backup - Backup • Know genealogy of removable media • Use only commercial software from well established vendors • Review source code where possible • Test all new software on isolated system

  31. Solution to Virus Threat • Backup - Backup - Backup • Know genealogy of removable media • Use only commercial software from well established vendors • Review source code where possible • Test all new software on isolated system • Only open attachments when you know they are safe

  32. Solution to Virus Threat (cont) • Make a recoverable system image

  33. Solution to Virus Threat (cont) • Make a recoverable system image • Scan removable media

  34. Solution to Virus Threat (cont) • Make a recoverable system image • Scan removable media • Scan your system regularly

  35. Solution to Virus Threat (cont) • Make a recoverable system image • Scan removable media • Scan your system regularly • Run scan software as a TSR

  36. Virus Scanner Concerns • Polymorphic viruses • Stealth Viruses • Scanner updates • Must find virus • Create a signature • Create a fix • Test • Get new code distributed

  37. Misconceptions About Viruses • Viruses can only infect Microsoft Windows systems

  38. Misconceptions About Viruses • Viruses can only infect Microsoft Windows systems • Viruses cannot modify “hidden” or “read only” files

  39. Misconceptions About Viruses • Viruses can only infect Microsoft Windows systems • Viruses cannot modify “hidden” or “read only” files • Viruses cannot appear in data files or word documents

  40. Misconceptions About Viruses • Viruses can only infect Microsoft Windows systems • Viruses cannot modify “hidden” or “read only” files • Viruses cannot appear in data files or word documents • Viruses spread only on disks & email

  41. Misconceptions About Viruses • Viruses can only infect Microsoft Windows systems • Viruses cannot modify “hidden” or “read only” files • Viruses cannot appear in data files or word documents • Viruses spread only on disks & email • Viruses remain in memory after power off or reboot

  42. Misconceptions About Viruses • Viruses cannot infect hardware

  43. Misconceptions About Viruses • Viruses cannot infect hardware • Viruses can be malevolent, benign, or benevolent

  44. Where are Viruses Going • Mega-viruses (combinations)

  45. Where are Viruses Going • Mega-viruses (combinations) • Increased Data Theft rather than deleting

  46. Where are Viruses Going • Mega-viruses (combinations) • Increased Data Theft rather than deleting • Targeting data

  47. Where are Viruses Going • Mega-viruses (combinations) • Increased Data Theft rather than deleting • Targeting data • More sophisticated • Alternate Data Streams in NTFS (allows hiding of data linked to visible file) • Can’t be removed without deleting visible file

  48. Where are Viruses Going • Mega-viruses (combinations) • Increased Data Theft rather than deleting • Targeting data • More sophisticated • Linux & Unix becoming targets Source: Computerworld, 1-27-03, page 24

  49. Parasite Programs • Normally loaded by user. • Include additional capability. • Sometimes have noble purpose. • SETI, Kazaa, etc.

  50. Kazaa • Music sharing • 41 additional files loaded • You authorize sharing of your system • You authorize selling of time on your system • You agree to letting them change your configuration
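
The two non-malicious errors on slides 16 and 17, worked through on the scheduled bank transfer (an added example, not part of the original presentation). The `Transfer` record, the function names, the dates and the `other_process` hook that stands in for "another process runs in between" are all assumptions made for the illustration.

```python
import datetime as dt
from dataclasses import dataclass, replace

TODAY = dt.date(2024, 3, 15)  # constructed "today" so the run is repeatable

@dataclass(frozen=True)
class Transfer:               # hypothetical record, not from the slides
    amount: int
    when: dt.date

def mediate(t: Transfer, today: dt.date = TODAY) -> Transfer:
    """Complete mediation (slide 17): the server checks every field itself."""
    if t.amount <= 0:
        raise ValueError("amount must be positive")
    if t.when < today:
        raise ValueError("transfer date is earlier than today")
    return t

def post_naive(store: dict, tid: str, other_process) -> dt.date:
    """Slide 16: check, let other work run, then go back to the store."""
    mediate(store[tid])           # time of check
    other_process(store, tid)     # the data changes in the gap
    return store[tid].when        # time of use: this value was never checked

def post_safe(store: dict, tid: str, other_process) -> dt.date:
    """Act only on the exact (immutable) value that passed the check."""
    checked = mediate(store[tid])
    other_process(store, tid)
    return checked.when

def backdate(store: dict, tid: str) -> None:
    """Stands in for the process that changes the stored date."""
    store[tid] = replace(store[tid], when=dt.date(2024, 3, 1))

def demo():
    store = {"t1": Transfer(500, dt.date(2024, 4, 1))}
    naive = post_naive(dict(store), "t1", backdate)
    safe = post_safe(dict(store), "t1", backdate)
    try:
        mediate(Transfer(500, dt.date(2024, 3, 1)))   # user backdates directly
        rejected = False
    except ValueError:
        rejected = True
    return naive, safe, rejected

if __name__ == "__main__":
    print(demo())
```

`post_naive` ends up acting on the backdated date even though the check passed, while `post_safe` acts on the date it validated. Where the later change must be honoured rather than ignored, the alternative is to run `mediate` again at the moment of use.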
