chapter 3 – program security section 3.1 secure programs section 3.2 nonmalicious program errors...
TRANSCRIPT
Chapter 3 – Program SecuritySection 3.1 Secure Programs
Section 3.2 Nonmalicious Program ErrorsSection 3.3 Viruses and Other Malicious Code
In this SectionProgramming errors with security
implicationsMalicious Code
Program Development and ControlsControls to protect against flaws in execution
Programs (lots of them)have errorsHow do we keep programs from flaws?How do we protect computing resources
against programs that contain flaws?
Secure ProgramsWhat is a secure program?Everyone has there own requirement of
secure.Part of assessing software qualityDoes it meet security requirements in
specification? (is requirements complete?)
In general, we often look at quantity and types of faults for evidence of security (or lack of it). We track these things.
Who’s Fault is it?Finding lots of faults in software early.
NOT GOOD.Early approaches were “Penetrate” and then
“Patch”NOT GOOD.
Repairing with a patch is a narrow focus and not the more important requirements.
Patches can cause other problems.Non obvious side effectsFix one places – fails anotherPerformance or function suffers
Types of FlawsValidation error (incomplete or inconsistent):
permissions checksDomain error: controlled access to dataSerialization and aliasing: program flow
orderInadequate identification and authentication:
basis for authorizationBoundary condition violation: failure on first
or last caseOther exploitable logic errors
Unexpected BehaviorUnexpected behavior is a program security
flaw.Does the program behave as it was designed?Behavior can be:
Vulnerability (class of fault)Flaw (fault or failure)
Flaw (human)InadvertentIntentional
Nonmalicious Program ErrorsBuffer Overflows
Excess information provided – overfilling the bucket
Buffer – space in which data is held (array or string)
char sample[10] or char sample[i]For (i=0; I<=9; i++)
sample[i] = ‘A’;sample[10] = ‘B’;
Figure 3-1 Places Where a Buffer Can Overflow.
Nonmalicious Program ErrorsIncomplete Mediation
Supplying the wrong type of data being requested.Supplying the wrong length of data being
requested.Problem
System Fails Supply of Bad Data
Must be checked by programmerClient side verses Server Side
Time-of-Check to Time-of-Use ErrorsOld bait-n-switch
Viruses and Other Malicious CodeWhy worry about it?
HarmWhat is it?
Unexpected or undesired effects in program or data caused by an agent intent on damage.
Agent is the writer of the codeMistakes are not malicious (human error)Virus – program that replicates itself to other
programs by altering the program code. Transient virus – runs when host runs Resident virus – resides in memory (active as a stand
alone)
Trojan Horse – in addition to primary effect, has a second, non-obvious malicious effect. Passwords
Logic Bomb – only on a conditionTime bomb – only at certain timeTrapdoor (backdoor) – other means of
privileged access; intentional and non-intentional
Worm – spreads virus via network Rabbit – replicates to exhaust recourses
Viruses can append, surround and integrate
Figure 3-4 Virus Appended to a Program.
Figure 3-5 Virus Surrounding a Program.
Figure 3-6 Virus Integrated into a Program.
Figure 3-7 Virus Completely Replacing a Program.
Viruses (Continued)Document Virus
Within the format of a documentMacro Virus
Appealing Qualities for Virus WritersHard to detectNot easily destroyedSpreads widelyRe-infects easilyEasy to createMachine and OS independent
Viruses (Continued)Where do they live?
One-Time Execution Virus – come in on EMAIL; these are popular
Boot Sector Virus From the bootsrap (bootup); bootse ctor of the hard
disk
Viruses (Continued)Where do they live?
Memory-Resident Viruses Terminate and Stay Resident (TSR) Infects Windows System Registry to reload
ApplicationsMacrosScriptsLibrariesImagesDocuments
Viruses (Continued)Virus Signatures
Viruses are no completely invisibleThey all leave a signature pattern (DNA)Patterns are found with Virus ScannersVirus patterns
Always at same location Top of file location File size grows Strange code; jump statements Hash or checksum change (later chapters)
Figure 3-9 Recognizable Patterns in Viruses.
Viruses (Continued)Transmission PatternsPolymorphic Virus – every changing virusEncrypting Virus – tries to hide
PreventionCommercial software applicationsTest all softwareOpening attachmentsMake system imagesKeep copies of executable files and data filesVirus Detection Software
Viruses (Continued)Truths and Misconceptions about Viruses
Viruses infect only Windows (False)Viruses can modify “hidden” or “read-only” files
(True)Files only appear in executable files (False)Viruses spread only on disks or only through EMAIL
(false)Viruses cannot remain in memory when power is off
(True/False)Viruses can not infect hardware. (True/False)Viruses can be malevolent, benign or benevolent
(True)