1 / 19

Chapter 5 P rogram Security

Chapter 5 P rogram Security. Outline. Viruses & worms Targeted Malicious Codes Trapdoors, Salami attack, Covert channels Controls Against Program Threats Programming & process controls OS controls Administrative controls. Program Security.

mallory
Download Presentation

Chapter 5 P rogram Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Chapter 5Program Security

  2. Outline • Viruses & worms • Targeted Malicious Codes • Trapdoors, Salami attack, Covert channels • Controls Against Program Threats • Programming & process controls • OS controls • Administrative controls csci5233 computer security & integrity (Chap. 5)

  3. Program Security • Protection of programs is at the heart of security in computing. Why? • Two types of program flaws: • Inadvertent human errors • Malicious, intentionally induced flaws • Why can’t we stop all program flaws? csci5233 computer security & integrity (Chap. 5)

  4. Types of Malicious Codes • Virus, Trojan horse, Logic/Time bomb, trapdoor (backdoor), worm, rabbit • Table 5.1, p.180 • What’s the difference between a virus and a worm? • A virus attaches itself to another program; a worm does not. • A virus may rely on a variety of transmission media; a worm transmit itself across the network. • Both viruses and worms duplicate themselves when executed. csci5233 computer security & integrity (Chap. 5)

  5. How do viruses work? • A virus is activated by being executed. • A virus attaches to a “good” program, the carrier, by • Appending (Fig. 5.1) • Surrounding (Fig. 5.2) • Integrating (Fig. 5.3) • Replacing (Fig. 5.4) csci5233 computer security & integrity (Chap. 5)

  6. Boot Sector Viruses • The bootstrap load process • The boot sector • Block chaining: Each block of the bootstrap is chained to the next block. • A virus may attach itself to any block in the chain, or may replace the boot sector. Fig.5.5. csci5233 computer security & integrity (Chap. 5)

  7. Other Homes for Viruses • Resident codes/routines (TSR) • Application programs • Example: Word macros • Libraries • Compilers, loaders, linkers, debuggers, anti-virus s/w • Anything else not mentioned in the book? csci5233 computer security & integrity (Chap. 5)

  8. Virus Signatures • The signature of a virus is composed of the following characteristics: • Storage patterns • Execution patterns (Table 5.2, p.187) • Transmission patterns • A virus scanner checks the signatures of viruses to detect viruses. • Polymorphic viruses: A virus that can change its appearance. For example: having two different starting words. • Preventing virus infection: pp.189-190 csci5233 computer security & integrity (Chap. 5)

  9. The Morris Worm • Nov. 1988 • Took advantages of well-known UNIX flaws: user passwords, finger, sendmail • An irony • Positive result: The CERT (Computer Emergency Response Team) was established at Carnegie Mellon University. csci5233 computer security & integrity (Chap. 5)

  10. The Bugbear Worm • As recent as Sept./Oct. 2002 • A mass-mailing worm, attempting to send itself to email addresses found on an infected system • It also spreads through open network shares and has the ability to send print jobs to printers found on an infected network. • Once the virus is run, it will attempt to disable various security products, including many forms of anti-virus and personal firewall software. • It will also attempt to install a backdoor trojan that will allow a hacker access to the infected PC. csci5233 computer security & integrity (Chap. 5)

  11. The Bugbear Worm • It makes use of the “Incorrect MIME Header Can Cause IE to Execute E-mail Attachment vulnerability” in Microsoft Internet Explorer (v 5.01 or 5.5 without SP2). Simply opening or previewing an infected message in a vulnerable email reader can result in infection. • More details: http://us.mcafee.com/root/genericURL_genericLeftNav.asp?genericURL=/common/en-us/helpcenter/bugbear.asp&genericLeftNav=/VirusInfo/VIL/vil_nav.asp csci5233 computer security & integrity (Chap. 5)

  12. Targeted Malicious Codes • Trapdoors A trapdoor is a secret, undocumented entry point into a module. A trapdoor is usually placed in a program during development, and may be used by a programmer to gain access to the program when it is placed into production mode. csci5233 computer security & integrity (Chap. 5)

  13. Targeted Malicious Codes • Salami attack • salami: a highly seasoned sausage of pork and beef either dried or fresh (Merriam-Webster’ Collegiate Dictionary, http://www.m-w.com/ ) Salami attacks occur in programs that compute amounts of money. A small amount of money is shaved from each computation. Example: truncation of fractional cents during computation of interest (p.198) Hard to detect in a large program csci5233 computer security & integrity (Chap. 5)

  14. Targeted Malicious Codes • Covert channel: a program that leaks information A type of Trojan horse How? In addition to normal, proper communication channels, a program opens covert channels to leak information to unauthorized viewers (Fig. 5-8, p.199) c.f. packet sniffers, network probes, network monitors, HTTP monitors, protocol analyzers? (Check out a gagabit network analyzer at ftp://ftp.netinst.com/pub/product_lit_PDF/GOSS.pdf, or click here.) c.f., intrusion detection system ? csci5233 computer security & integrity (Chap. 5)

  15. Covert channels • Examples of covert channels: p.201 c.f., Steganography replaces unneeded bits in image and sound files with secret data. See http://www.computerworld.com/securitytopics/security/encryption/story/0,10801,71726,00.html • Types of covert channels: Storage channels pass information by the presence or absence of objects in storage. For example, a covert channel can signal one bit of information by whether or a not a file is locked. Timing channels pass information by the speed at which things happen. The shared resource is time. accept = 1; reject = 0 (See Fig. 5-12, p.204) csci5233 computer security & integrity (Chap. 5)

  16. Tools for identifying potential covert channels • Shared Resource Matrix The basis of a covert channel is a shared resource. Finding all shared resources and determining which processes can write to and read from the resources… Looking for implied information flows: pp.205-206 Is any of the implied flows “undesirable”? • Information Flow Analysis based on the syntax Types of flows: Explicit – B := A; Implicit – a. B := A; C:= B; b. if (D == 1) then B:=A; More examples: Table 5-5 (p.206) csci5233 computer security & integrity (Chap. 5)

  17. Controls Against Program Threats • Programming controls Typical software engineering methods: peer reviews, walk-through, information hiding, independent testing, configuration management (check-in, check-out, history of changes, …), formal methods (such as B) • Process controls 1988: Standard 2167A (DoD) 1990: ISO 9000 – to specify actions to be taken when any system has quality goals and contraints 1993: CMM (Capability Maturity Model) – to assess the quality of a software development company 1995: SSE CMM (System Security Engineering CMM) – to assess the quality of security engineering development practices (See http://www.sse-cmm.org/) SSE CMM model v2, 1999 csci5233 computer security & integrity (Chap. 5)

  18. Controls Against Program Threats • OS controls Chapter 6 Trusted OS Confined programs Access logs for auditing • Administrative controls Chapter 10 Enforcing standards of design, documentations, programming, testing, configuration management, etc. Security audits Separation of duties among employees csci5233 computer security & integrity (Chap. 5)

  19. Summary • Viruses, worms, and targeted Malicious Codes • Controls Against Program Threats • Programming & process controls • OS controls • Administrative controls • Next: Chapter 6 (OS Security) csci5233 computer security & integrity (Chap. 5)

More Related