By Jared Buschkopf. Posted 18-Dec-2015.
Overview
The Problem
◦ Who needs to worry about security? Why?
◦ Types of security issues
◦ Examples
The Solution
◦ Principles of Software Security
◦ Software Security vs. Application Security
◦ Secure Software Development Life Cycle
◦ Awareness
◦ Duty
The Problem
Who should be concerned?
◦ Software Engineers / Programmers
◦ EVERYONE: anyone with a computer, or who has some kind of valuable information stored on a computer somewhere
   Bank records, medical records, credit card information, technical project data, etc.
Defects in software are inevitable
◦ As the complexity of software increases, so does the number of defects
◦ Defects are exploited
Results of insecure software
◦ Identity theft
◦ Access to confidential information
◦ Loss of data
◦ Slow computer
◦ Denied service
◦ Injury or death
◦ Financial loss
Types of security problems
◦ Malware: viruses, worms, Trojans, spyware
◦ Denial of Service attack
◦ Salami attack
◦ Linearization attack
◦ Teardrop attack
◦ Software vulnerabilities
Malware – malicious software
◦ Virus: “Malware that relies on someone or something else to propagate from one system to another.” – Mark Stamp
   Example: attaches itself to an email. Usually also carries out some destructive objective
◦ Worm: “Like a virus except that it propagates by itself without the need for outside assistance.” – Mark Stamp
◦ Trojan: “Software that appears to be one thing but has some unexpected functionality.” – Mark Stamp
◦ Spyware: malware which collects information about the users of the computer it is installed on, without their knowledge
Morris Worm (1988)
◦ A.k.a. the Internet worm
◦ One of the first worms distributed using the Internet
◦ Originally intended to measure the size of the Internet
◦ Exploited vulnerabilities in common software: Unix sendmail (its debug mode), finger (a buffer overflow in fingerd), and others
◦ Could infect a computer multiple times, which made systems unusable
Denial of Service attack
◦ Overwhelm the target server or the target’s network communication lines (“flooding”)
◦ One-to-one: the attacker’s system vs. the target server or network
◦ Many-to-one (Distributed Denial of Service attack): zombie hosts vs. the target server or network
Salami attack
◦ “Slice off” small amounts of money from many transactions
◦ Usually an inside job
◦ Attack used in Office Space: create a virus, collect the fractions of a cent left over from bank transaction calculations, deposit the money in an account
Linearization attack
◦ Use processing time to get past security measures (a timing side channel)
◦ Password validation: check each character in turn and exit as soon as an incorrect character is found
   Correct input takes longer to process than incorrect input, so the password can be cracked easily:
   Vary the first character until the processing time is longer
   Continue by doing the same for each of the remaining characters
   The search becomes linear in the password length (hence the name) instead of exponential
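The attack described above in working form, as an added example (C code written for this transcript, not from the original presentation). The password "s3cret", the alphabet, and the work counter that stands in for response time are constructed; a real attacker measures wall-clock time over many samples instead. The early-exit comparison is the vulnerable pattern, the constant-time comparison is the fix:

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical stored password; constructed for this demonstration. */
static const char SECRET[] = "s3cret";

/* Work counter standing in for wall-clock time. Every character comparison
 * costs one unit, so the attacker can observe how far the check got.
 * (Constructed side channel: a real attacker would measure response time.) */
static unsigned long work_units;

/* Vulnerable check: returns at the first mismatch, so the work done (and the
 * response time) grows with the length of the correct prefix of the guess. */
bool check_password_early_exit(const char *guess)
{
    size_t n = strlen(SECRET);
    if (strlen(guess) != n)
        return false;             /* length check; assumed known to the attacker */
    for (size_t i = 0; i < n; i++) {
        work_units++;
        if (guess[i] != SECRET[i])
            return false;         /* early exit: this is the leak */
    }
    return true;
}

/* Hardened check: compares every byte and ORs the differences together, so
 * the work done is the same wherever (or whether) the guess is wrong. */
bool check_password_constant_time(const char *guess)
{
    size_t n = strlen(SECRET);
    if (strlen(guess) != n)
        return false;
    unsigned char diff = 0;
    for (size_t i = 0; i < n; i++) {
        work_units++;
        diff |= (unsigned char)(guess[i] ^ SECRET[i]);
    }
    return diff == 0;
}

/* Linearization attack: fix one position at a time, keep the candidate whose
 * check did the most work, then move to the next position. Cost is at most
 * len * |alphabet| queries instead of |alphabet|^len. The last character
 * cannot be told apart by timing (every candidate compares all bytes), so the
 * check's yes/no answer is used there. Returns true if the secret was found. */
bool linearization_attack(bool (*check)(const char *), size_t len,
                          const char *alphabet, char *out)
{
    memset(out, alphabet[0], len);
    out[len] = '\0';
    for (size_t pos = 0; pos < len; pos++) {
        unsigned long best_cost = 0;
        char best_char = alphabet[0];
        for (const char *c = alphabet; *c; c++) {
            out[pos] = *c;
            work_units = 0;
            if (check(out))
                return true;                  /* full match found */
            if (work_units > best_cost) {     /* more work => longer correct prefix */
                best_cost = work_units;
                best_char = *c;
            }
        }
        out[pos] = best_char;
    }
    return check(out);
}

/* Run the attack against a given checker and report whether it recovered
 * the stored password. */
bool attack_recovers_secret(bool (*check)(const char *))
{
    char out[64];
    const char *alphabet = "abcdefghijklmnopqrstuvwxyz0123456789";
    if (!linearization_attack(check, strlen(SECRET), alphabet, out))
        return false;
    return strcmp(out, SECRET) == 0;
}
```

Because the work counter is exact, the attack succeeds on the first pass; against real timing noise the attacker repeats each measurement and averages, but the cost stays linear. The constant-time version still reveals the password length through the strlen check; compare against a fixed-size padded buffer if that matters.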
Teardrop attack (a type of DoS attack)
◦ Takes advantage of the IP fragmentation implementation
◦ A packet too large for a link on the path is broken into smaller fragments carrying offset values so the receiver can reassemble it
◦ The attacker sends fragments with incorrect, overlapping offsets
◦ The target system’s reassembly code miscalculates the fragment length and crashes
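The offset miscalculation the slide describes, as an added example (C code written for this transcript, not from the original presentation, and simplified from the historic kernel reassembly code). The fragment values, a first fragment covering bytes 0..36 and a second claiming offset 24 and length 4, are constructed for the demonstration:

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Simplified IP fragment: byte offset within the original datagram and the
 * payload length. (Real headers carry the offset in 8-byte units plus a
 * more-fragments flag; those details are omitted.) */
typedef struct {
    uint16_t offset;
    uint16_t len;
} fragment_t;

#define MAX_DATAGRAM 65535u

/* Vulnerable overlap handling, modelled on the historic teardrop bug.
 * When a fragment overlaps the previous one, its start is moved forward to
 * prev_end (the end of the previous fragment) and the remaining length is
 * computed as end - offset. If the fragment ends *before* prev_end the
 * subtraction goes negative; handed to memcpy as a size_t it becomes a
 * huge copy that overruns the reassembly buffer and crashes the kernel.
 * Returns the length the vulnerable code would use. */
long trimmed_len_vulnerable(uint16_t prev_end, fragment_t f)
{
    long offset = f.offset;
    long end = (long)f.offset + f.len;
    if (offset < prev_end)
        offset = prev_end;        /* skip the part that overlaps */
    return end - offset;          /* negative when end < prev_end */
}

/* The copy size the vulnerable code would pass to memcpy. */
size_t copy_size_vulnerable(uint16_t prev_end, fragment_t f)
{
    return (size_t)trimmed_len_vulnerable(prev_end, f);
}

/* Hardened version: validate before computing. A fragment that would exceed
 * the maximum datagram size, or that contributes no new bytes after
 * trimming (end <= trimmed offset), is dropped instead of being copied. */
bool trimmed_len_fixed(uint16_t prev_end, fragment_t f, uint16_t *out_len)
{
    uint32_t offset = f.offset;
    uint32_t end = (uint32_t)f.offset + f.len;
    if (end > MAX_DATAGRAM)
        return false;             /* would overrun the reassembly buffer */
    if (offset < prev_end)
        offset = prev_end;
    if (end <= offset)
        return false;             /* nothing new: drop it */
    *out_len = (uint16_t)(end - offset);
    return true;
}

/* Convenience wrapper returning the accepted length, or -1 if dropped. */
int accepted_len_fixed(uint16_t prev_end, fragment_t f)
{
    uint16_t len;
    return trimmed_len_fixed(prev_end, f, &len) ? (int)len : -1;
}
```

The check that matters is the one after trimming: once the start has been moved forward, the end must still lie beyond it, otherwise the "remaining" length is not a length at all.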
Vulnerabilities
◦ Buffer overflows
◦ Format string problems
◦ Integer overflows
◦ SQL injection
◦ Failure to handle errors
◦ Zero-day vulnerabilities
Many of these problems are brought about by a failure to validate user input
Buffer overflows
◦ Program allows the user to input more data than the buffer can hold
◦ Result: system crash, or the attacker crafts input that overwrites the saved return address on the stack and includes code that is then executed
◦ Problematic languages: C, C++
Format String Problems
◦ Unchecked user input is passed as the format string itself (printf(user) instead of printf("%s", user))
◦ Result: the attacker can read stack memory with %x, write to memory with %n, and ultimately execute malicious code
◦ Problematic languages: C, C++
Integer Overflows
◦ Failure to perform range checking on integers; arithmetic silently wraps around
◦ Result: system crash; in C/C++ a wrapped length check can be turned into a buffer overrun, and arbitrary code execution can occur
◦ Problematic languages: all
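Both failure modes from the buffer-overflow and integer-overflow slides, as an added example (C code written for this transcript, not from the original presentation). BUF_SIZE, HDR_SIZE, the greeting function and the message layout are hypothetical; the payload bytes are constructed:

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 64   /* hypothetical fixed-size receive buffer */
#define HDR_SIZE 4    /* hypothetical header copied ahead of the payload */

/* --- Buffer overflow: copying with no regard to the destination size --- */

/* Vulnerable 'before': strcpy stops only at the terminating NUL, so a name
 * of 16 or more characters runs past 'buf' into the saved registers and
 * return address above it on the stack. Shown for contrast; never call it
 * with untrusted input. */
void greet_vulnerable(const char *name, char *out, size_t out_size)
{
    char buf[16];
    strcpy(buf, name);                    /* unbounded copy: the overflow */
    snprintf(out, out_size, "Hello, %s", buf);
}

/* Fixed: validate the length against the buffer and refuse what does not
 * fit, rather than silently truncating. Returns false if rejected. */
bool greet_fixed(const char *name, char *out, size_t out_size)
{
    char buf[16];
    size_t n = strlen(name);
    if (n >= sizeof buf)
        return false;
    memcpy(buf, name, n + 1);             /* bounded: n < sizeof buf */
    snprintf(out, out_size, "Hello, %s", buf);
    return true;
}

/* Does greet_fixed accept this name? (wrapper for testing) */
bool greet_accepts(const char *name)
{
    char out[32];
    return greet_fixed(name, out, sizeof out);
}

/* --- Integer overflow turning a length check into a buffer overrun --- */

/* Vulnerable: payload_len comes straight off the wire. HDR_SIZE + payload_len
 * is computed in 32 bits and wraps: 0xFFFFFFFE + 4 == 2, which passes the
 * check, so a following memcpy of ~4 GB would overrun the buffer. */
bool length_check_vulnerable(uint32_t payload_len)
{
    uint32_t total = HDR_SIZE + payload_len;   /* wraps modulo 2^32 */
    return total <= BUF_SIZE;                  /* true for 0xFFFFFFFE */
}

/* Fixed: compare without arithmetic that can wrap. */
bool length_check_fixed(uint32_t payload_len)
{
    return payload_len <= BUF_SIZE - HDR_SIZE;
}

/* Copy header + payload into a fixed buffer using the fixed check.
 * Returns the number of bytes written, or -1 if the message is rejected. */
int receive_message(const uint8_t *hdr, const uint8_t *payload,
                    uint32_t payload_len, uint8_t *buf)
{
    if (!length_check_fixed(payload_len))
        return -1;
    memcpy(buf, hdr, HDR_SIZE);
    memcpy(buf + HDR_SIZE, payload, payload_len);
    return (int)(HDR_SIZE + payload_len);
}

/* Feed receive_message a constructed message whose header claims
 * 'claimed_len' payload bytes (only the claim is attacker-controlled here). */
int receive_demo(uint32_t claimed_len)
{
    static const uint8_t hdr[HDR_SIZE] = {0xAA, 0xBB, 0xCC, 0xDD};
    static const uint8_t payload[BUF_SIZE] = {0};  /* constructed payload */
    uint8_t buf[BUF_SIZE];
    return receive_message(hdr, payload, claimed_len, buf);
}
```

The two halves share one rule: check the length the input actually has against the space the buffer actually has, and do it in a way that cannot wrap; "header plus length" is computed by the attacker's arithmetic, not yours.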
SQL injection
◦ SQL statements are formed with unchecked user input
◦ The user can place their own SQL commands inside your SQL statements
◦ Result: confidential data compromised; the entire network can be compromised
◦ Problematic languages: all
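How an unchecked value rewrites the structure of a query, as an added example (C code written for this transcript, not from the original presentation). The users table, the query text and the input strings are constructed; no database is involved, so the block inspects the SQL text itself by counting its string literals. Quote doubling is shown only because no driver is assumed here; the real fix is a prepared statement with bound parameters:

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Vulnerable: the user-supplied value is spliced straight into the SQL text,
 * so a value containing a quote can close the literal and append its own
 * clauses. Returns the length snprintf reports. */
int build_query_vulnerable(char *out, size_t n, const char *user)
{
    return snprintf(out, n, "SELECT * FROM users WHERE name = '%s'", user);
}

/* Escape a value for a single-quoted SQL literal by doubling every quote.
 * Returns false if dst is too small. (Shown because no database library is
 * assumed here; with a real driver, bind parameters instead of escaping.) */
bool sql_quote(char *dst, size_t n, const char *src)
{
    size_t j = 0;
    for (; *src; src++) {
        size_t need = (*src == '\'') ? 2 : 1;
        if (j + need >= n)
            return false;
        if (need == 2)
            dst[j++] = '\'';
        dst[j++] = *src;
    }
    dst[j] = '\0';
    return true;
}

/* Same query, but with the value escaped so it stays one literal. */
int build_query_escaped(char *out, size_t n, const char *user)
{
    char q[256];
    if (!sql_quote(q, sizeof q, user))
        return -1;
    return snprintf(out, n, "SELECT * FROM users WHERE name = '%s'", q);
}

/* Count single-quoted string literals in a query, treating '' inside a
 * literal as an escaped quote. A WHERE clause built from one value should
 * contain exactly one literal; more means the input changed the query's
 * structure. Returns -1 if a literal is left unterminated (a syntax error). */
int count_string_literals(const char *sql)
{
    int count = 0;
    bool in_literal = false;
    for (const char *p = sql; *p; p++) {
        if (*p != '\'')
            continue;
        if (!in_literal) {
            in_literal = true;
            count++;
        } else if (p[1] == '\'') {
            p++;                          /* escaped quote, stay in literal */
        } else {
            in_literal = false;
        }
    }
    return in_literal ? -1 : count;
}

/* How many literals the vulnerable / escaped query contains for `user`. */
int literals_vulnerable(const char *user)
{
    char sql[512];
    build_query_vulnerable(sql, sizeof sql, user);
    return count_string_literals(sql);
}

int literals_escaped(const char *user)
{
    char sql[512];
    if (build_query_escaped(sql, sizeof sql, user) < 0)
        return -1;
    return count_string_literals(sql);
}
```

With the classic input ' OR '1'='1 the vulnerable query contains three literals, i.e. the attacker has added a clause that is always true; a perfectly honest name such as O'Brien leaves the vulnerable query with an unterminated literal, which is the crash-or-error case the next slide covers.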
Failure to handle errors
◦ A problem occurs during execution that the developer did not account for
◦ Result: system crash
◦ Anything that causes a crash is a possible denial of service issue
◦ Problematic languages: most
Zero-day vulnerabilities
◦ Vulnerability is discovered and exploited before any patch or fix is available
◦ Maintenance team races to produce a fix to prevent as much harm as possible
Examples of Security Problems
◦ Microsoft: poor design; constant updates (costly, annoying to users); an Internet Explorer exploit caused by a misplaced “&”
◦ Credit card information stolen: personal examples (Milwaukee PC, TCF Bank)
◦ Some of the most commonly exploited software: Internet Explorer, Microsoft Office, Adobe Flash Player, Adobe Reader
Security can be compromised at all points in the software life cycle
◦ Development: developers introduce defects or malicious code
◦ Deployment: distributors don’t tamperproof software; it is transmitted over insecure communication channels; the installer is not secure
◦ Operation: vulnerabilities are discovered and made public; programs running on any machine connected to a network are exposed
◦ Maintenance: root problems don’t get fixed; it takes too long to fix known problems
The Solution
Properties of Secure Software
◦ Dependability: software does only what it was intended to do; execution is predictable
◦ Trustworthiness: no vulnerabilities; no malicious logic (intentional or not)
◦ Resilience: software continues to run normally even when under attack; damage is minimized; if the software cannot run normally it recovers quickly and maintains an acceptable level of operation
◦ Conformance: software adheres strictly to requirements and complies with a process designed to maximize quality and security
Software Security vs. Application Security
◦ Software Security: design for security, reduce vulnerabilities; proactive
◦ Application Security: try to make software secure after it is released; reactive
◦ “Software Security is not Security Software”
Examples of Application Security
◦ Sandboxing code: programs run in some form of virtual environment (the “sandbox”), separated from other parts of the system, so untrusted code can be run safely
   Example: the Java Virtual Machine
Protection against malware
◦ Anti-virus software: Symantec, McAfee, Norton
◦ Anti-spyware software: Spybot Search & Destroy
◦ Firewalls
◦ Issue: malware definitions must be kept up to date to stay protected
Software Security
◦ Incorporate security measures into the software process, with security in mind at each step of the way
◦ Reduce or eliminate defects/vulnerabilities
◦ Decrease costs: maintenance, network security
◦ More resilient software, more secure networks
Secure Software Development Life Cycle: Requirements
◦ Specific requirements outlining what is to be done with regards to security
◦ Abuse cases: similar to use cases, but created with the mindset of how someone might intentionally try to break the system
Secure Software Development Life Cycle: Design
◦ Unified security architecture
◦ Risk analysis by security analysts; should happen throughout the software life cycle
◦ External review
Secure Software Development Life Cycle: Implementation/Coding
◦ Use static analysis tools to search for vulnerabilities in code
◦ Examples of static analysis tools: Lint, Understand, Fortify, LDRA Testbed
Secure Software Development Life Cycle: Testing
◦ Risk-based security testing: attack patterns, threat models, penetration testing
◦ Security test plan: should have traceability to specific security requirements
Secure Software Development Life Cycle: Deployment
◦ Monitor software in the field for security breaches
◦ Update software as needed
◦ Apply knowledge gained from attacks to improve the security process and risk analysis for other projects
Awareness
◦ Training: engineers need to be made aware of security issues (threats, impacts, solutions)
◦ Necessary for implementing a secure software process
◦ Our duty as software engineers
Review
Problem
◦ Security is constantly threatened
◦ Vulnerabilities are inevitable
◦ Insecure software can lead to disaster
◦ Trying to apply security after development is costly and difficult
Solution
◦ DESIGN SECURITY INTO SOFTWARE
◦ Raise security awareness among engineers
References
Andress, A. (2004). Surviving Security: How to Integrate People, Process, and Technology. Boca Raton, Florida: Auerbach Publications.
DACS. (2008, October). Enhancing the Development Life Cycle to Produce Secure Software. Retrieved January 31, 2010, from The Data & Analysis Center for Software: http://www.thedacs.com/techs/enhanced_life_cycles/
Goertzel, K. M. (2009, January 9). Introduction to Software Security. Retrieved February 3, 2010, from Build Security In: https://buildsecurityin.us-cert.gov/daisy/bsi/547-BSI.html
McGraw, G. (2004). Software Security. IEEE Security & Privacy, 80-83.
Peltier, T. R., Peltier, J., & Blackley, J. (2005). Information Security Fundamentals. Boca Raton, Florida: Auerbach Publications.
Stamp, M. (2006). Information Security: Principles and Practice. Hoboken, New Jersey: John Wiley & Sons, Inc.
Summers, R. C. (1997). Secure Computing: Threats and Safeguards. New York: McGraw-Hill.
SANS. (2009, September). The Top Cyber Security Risks. Retrieved February 10, 2010, from SANS: http://www.sans.org/top-cyber-security-risks/