software security testing is important, different and difficult review by rayna burgess 4/21/2011
Post on 21-Dec-2015
SOFTWARE SECURITY TESTING IS IMPORTANT, DIFFERENT AND DIFFICULT
Review by Rayna Burgess, 4/21/2011
COMP 587 SW V&V Dr. Lingard | Security Testing Review – Rayna Burgess
Overview
The Paper Selection
Security Testing is Important (Relevant)
Security Testing is Different from Functional Testing
Security Testing is Difficult
Security Engineer’s Tasks
Analyzing Security Risks
Types of Security Testing
Case Study: Java Card
Conclusion
4/21/2011 2 of 20
The Paper: Software Security Testing
Gary McGraw, PhD, CTO of Cigital, Inc.
Series of articles in IEEE Security & Privacy
Security Testing is Important
Security Testing is Different
Malicious attacker
Intelligent adversary
Vulnerabilities exploited
Aaah! So many vulnerability lists!
McGraw’s Vulnerability Taxonomy
Vulnerability Name Dropping
gets() (buffer overflow problem, Morris Worm)
Race condition (time of check to time of use)
Insecure failure
Transitive trust
Trampoline
Zero day exploits
SQL Injection Vulnerability
SW Security Engineer’s Tasks
Analyzing Security Risks
Think like an attacker
Vulnerability in weakest link can expose the system
Requires expertise
Can practice/learn on WebGoat, DVWA, Hacme Bank
Types of Security Testing
Functional Security Testing
Risk-Based Security Testing (hostile attacks)
Black Box / White Box
Static / Dynamic
Static Security Analysis
Risk Analysis of Design and Architecture
Static Security Analysis Tools
Source Code or Byte Code
Good at finding patterns
Numerous False Positives
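Added example (not from the slides or from McGraw's articles): a minimal pattern-based scanner for the gets() call named earlier, showing why static tools are good at finding patterns yet produce false positives. A naive match flags a comment and an fgets() call; a whole-identifier match over comment-stripped source flags only the real call. The C sample is constructed.

```python
import re

# Constructed C sample (not from the slides): one real gets() call, one fgets()
# call, and a mention of gets() inside a comment.
SAMPLE_C = """\
#include <stdio.h>
char line[64];
void read_name(void) {
    /* legacy: used to call gets(line) here */
    fgets(line, sizeof line, stdin);
}
void read_cmd(void) {
    gets(line);   /* unbounded read into a 64-byte buffer */
}
"""

NAIVE = re.compile(r"gets\(")                        # also hits fgets( and comments
STRICT = re.compile(r"(?<![A-Za-z0-9_])gets\s*\(")   # whole identifier only


def strip_block_comments(src: str) -> str:
    """Blank out /* ... */ comments but keep newlines so line numbers still hold."""
    return re.sub(r"/\*.*?\*/", lambda m: re.sub(r"[^\n]", " ", m.group(0)),
                  src, flags=re.S)


def find_gets(src: str, strict: bool) -> list[int]:
    """Return 1-based line numbers the chosen pattern flags as gets() calls."""
    pattern = STRICT if strict else NAIVE
    text = strip_block_comments(src) if strict else src
    return [n for n, ln in enumerate(text.splitlines(), 1) if pattern.search(ln)]
```

Even the strict pattern is only a heuristic (a string literal containing `gets(` or a macro hiding the call would still fool it), which is the slide's point about pattern matching versus human review.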
Penetration Testing
Performed on a running system
Can be used on COTS software too
Penetration testing tools:
Network and OS vulnerability scanners: Nmap, Nessus, Aircrack
Automated penetration testing tools: Metasploit, CoreImpact, Canvas
Other useful tools: fuzzing tools, WebScarab
Quality of pen testing depends on the human!
Case Study: Java Card
Operating System for Smart Cards
GlobalPlatform (Java Card, MULTOS)
Used on bank cards (also SIMs, ID cards, medical)
Two types of testing:
Functional security design tests
Risk-based attack tests
Functional Security Testing
Tests security functionality
Crypto commands
Compliance testing (GALITT 3/2011)
All cards passed!
Risk-Based Security Testing (Attacks)
Hostile attacks, based on risk assessment
All cards failed some part of this testing!
Analysis of Java Card design: identify atomic transaction processing as the area of interest
Consequence is “printing money” (Very High Risk)
Put on the black hat, don’t follow the rules: abort, fail to commit, fill buffers, nest transactions
Exposes vulnerabilities before the card is issued to the public
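Added example (not from the slides, McGraw's articles, or any Java Card implementation): a Python model of the atomic-transaction rules the risk-based tests above target. A purchase that credits the merchant and then debits the card is run without and with a transaction under a simulated card tear (the "fail to commit" case), and a nested begin() is attempted. The class, the merchant-credits field and the TransactionException stand-in are constructed for illustration, not the Java Card API.

```python
class TransactionException(Exception):
    pass   # stand-in for Java Card's TransactionException (reason code as message)

class CardStore:
    """Toy card memory: no nested transactions; abort or power loss undoes updates."""
    def __init__(self, balance: int) -> None:
        self.balance, self.credits = balance, 0    # card balance, merchant credits
        self._in_tx, self._undo = False, []

    def begin(self) -> None:
        if self._in_tx:                                # "nest transactions"
            raise TransactionException("IN_PROGRESS")
        self._in_tx, self._undo = True, []

    def update(self, field: str, value: int) -> None:
        if self._in_tx:                                # log old value for rollback
            self._undo.append((field, getattr(self, field)))
        setattr(self, field, value)

    def commit(self) -> None:
        if not self._in_tx:
            raise TransactionException("NOT_IN_PROGRESS")
        self._in_tx, self._undo = False, []

    def abort(self) -> None:
        for field, old in reversed(self._undo):       # undo pending updates, newest first
            setattr(self, field, old)
        self._in_tx, self._undo = False, []

def purchase(s: CardStore, amount: int, atomic: bool, tear: bool = False) -> None:
    """Credit the merchant, then debit the card; 'tear' cuts power in between."""
    if atomic: s.begin()
    s.update("credits", s.credits + amount)
    if tear:                # "fail to commit": a reset rolls back only a pending tx
        s.abort()
        return
    s.update("balance", s.balance - amount)
    if atomic: s.commit()

def risk_based_tests() -> dict:
    """Each key names an outcome of a rule-breaking case; True means it was observed."""
    out, s = {}, CardStore(100)
    purchase(s, 30, atomic=False, tear=True)       # merchant paid, card not debited
    out["naive_tear_prints_money"] = (s.balance, s.credits) == (100, 30)
    s = CardStore(100); purchase(s, 30, atomic=True, tear=True)
    out["atomic_survives_tear"] = (s.balance, s.credits) == (100, 0)
    s = CardStore(100); s.begin()
    try: s.begin(); out["nesting_rejected"] = False
    except TransactionException: out["nesting_rejected"] = True
    return out
```

The functional test (a normal purchase commits correctly) passes for both variants; only the tear case separates them, which is why the slide's risk-based attacks found what compliance testing did not.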
Conclusion: SW Security Testing is…
Important: more software, more new attacks; more functionality, more vulnerabilities; software is everywhere and connected!
Different: presence of a malicious, intelligent attacker; software test engineers have different skills
Difficult: exploits are subtle; automated static & dynamic tools are insufficient; need a human!
“So now, when we face a choice between adding features and resolving security issues, we need to choose security.” – Bill Gates