Bernard Lietaer - Intentional Cities, Intentional Economies - Creating Wealth
Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering?...
Transcript of Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering?...
![Page 1: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/1.jpg)
Lecture 4: Security Threats, Errors
and their types
138$
![Page 2: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/2.jpg)
What is Security engineering?
139
Security engineering is concerned with lowering the
risk of intentional unauthorized harm to valuable assets to level that is
acceptable to the system’s stakeholders by preventing and
reacting to malicious harm, misuse, threats, and security risks.
Firesmith,$2003$
![Page 3: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/3.jpg)
Outline
• Malware types • Seven pernicious kingdoms • Security threats
– Examples in distributed systems
• Attack trees
141$
![Page 4: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/4.jpg)
Outline
• Malware types • Seven pernicious kingdoms • Security threats
– Examples in distributed systems
• Attack trees
142$
https://www.veracode.com/blog/2012/10/common-malware-types-cybersecurity-101/
![Page 5: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/5.jpg)
Malicious software https://www.veracode.com/blog/2012/10/common-malware-types-cybersecurity-101/
• Software used to cause harm to the computer – Compromise computer functions – Steal data – Bypass access controls – …
144$
![Page 6: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/6.jpg)
Malicious software https://www.veracode.com/blog/2012/10/common-malware-types-cybersecurity-101/
• Symptoms: – Increased CPU usage – Slow computer or web browser speeds – Problems connecting to networks – Freezing or crashing – Modified or deleted files – Appearance of strange files, programs, or desktop icons – Programs running, turning off, or reconfiguring themselves – Strange computer behavior – Emails/messages being sent automatically and without user’s
knowledge
145$
![Page 7: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/7.jpg)
Malicious software https://www.veracode.com/blog/2012/10/common-malware-types-cybersecurity-101/
• Symptoms: – Increased CPU usage – Slow computer or web browser speeds – Problems connecting to networks – Freezing or crashing – Modified or deleted files – Appearance of strange files, programs, or desktop icons – Programs running, turning off, or reconfiguring themselves – Strange computer behavior – Emails/messages being sent automatically and without user’s
knowledge
146$
Adware Spyware Bot Bug Ransomware
Rootkit Trojan horse Virus Worm Spam
![Page 8: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/8.jpg)
Malware types https://www.veracode.com/blog/2012/10/common-malware-types-cybersecurity-101/
147$
• Adware (advertising supported software) – automatically delivers
advertisements – Pop-up ads on Websites – Come with spyware
• to track-user activities • to steal information
• Spyware – spy on user activity without
their knowledge • activity monitoring • collecting keystrokes • data harvesting
(account information, logins, financial data)
![Page 9: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/9.jpg)
Malware types https://www.veracode.com/blog/2012/10/common-malware-types-cybersecurity-101/
• Bot – automatically perform
specific operations – used in botnets – collections
of computers to be controlled by third parties
• DDoS attacks • spambots
148$
• Bug – A flaw that produces an
undesired outcome – Security bugs are the most
severe type of bugs • Attackers can
– bypass user authentication
– override access privileges – steal data
![Page 10: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/10.jpg)
149$
Malware types https://www.veracode.com/blog/2012/10/common-malware-types-cybersecurity-101/
• Ransomware – holds a computer system
captive while demanding a ransom
– restricts user access to the computer
• encrypting files • locking down the system
and displaying messages to force the user to pay the malware creator
• Rootkit – remotely access or control a
computer without being detected
• remotely execute files • access/steal information • modify system configurations • alter software (especially
security software that could detect the rootkit)
• install concealed malware • control the computer as part of
a botnet
![Page 11: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/11.jpg)
• Virus – copying itself and spreading
to other computers • by attaching themselves to
various programs, executing code when a user launches those programs
• through script files, documents, and cross-site scripting vulnerabilities in web apps
– used to • steal information, money • harm host computers and
networks • create botnets • render advertisements
150$
• Worm – spread over computer networks
by exploiting operating system vulnerabilities
– harm to host networks by consuming bandwidth and overloading web servers
– Have the ability to self-replicate and spread independently
– Worms often spread by sending mass emails with infected attachments to users’ contacts
Malware types https://www.veracode.com/blog/2012/10/common-malware-types-cybersecurity-101/
![Page 12: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/12.jpg)
• Trojan Horse – disguises itself as a normal
file or program to trick users into downloading and installing malware
– can give a malicious party remote access
– once an attacker has access to an infected computer
• to steal data • install more malware • modify files • monitor user activity • use the computer in botnets • …
151$
• Spam – electronic sending of mass
unsolicited messages • email, instant messages, texting,
blogs, web forums, search engines, social media
– it is very common for malware to spread through spamming
• when infected computers (with viruses, worms, …) are used to distribute spam messages containing more malware
Malware types https://www.veracode.com/blog/2012/10/common-malware-types-cybersecurity-101/
![Page 13: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/13.jpg)
Outline
• Malware types • Seven pernicious kingdoms • Security threats
– Examples in distributed systems
• Attack trees
152$
Tsipenyuk K., Chess B., McGraw G., Seven Pernicious Kingdoms: A Taxonomy of Software Security Errors, IEEE Security and Privacy, 2005
![Page 14: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/14.jpg)
Seven Pernicious Kingdoms
$154$$
1. Input validation and Representation
2. API Abuse 3. Security Features 4. Time and State
5. Error Handling 6. Code Quality 7. Encapsulation
* Environment
![Page 15: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/15.jpg)
$155$$
1. Input validation and Representation
2. API Abuse 3. Security Features 4. Time and State
5. Error Handling 6. Code Quality 7. Encapsulation
* Environment
• Caused by o Meta-characters, alternate encoding,
numeric representation
• Problems result from o Lack of input validation o Representation issues
• easy target • often-used point of attack
• Resulting problems o Buffer overflows o Cross-site scripting attacks o SQL injection o Command injection o Setting Manipulation o String termination error o …
![Page 16: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/16.jpg)
$156$$
1. Input validation and Representation
2. API Abuse 3. Security Features 4. Time and State
5. Error Handling 6. Code Quality 7. Encapsulation
* Environment
• Caused by o The callee failing to honor its end of
the contract
• Case o If a program fails to call chdir() after
calling chroot(), it violates the contract that specifies how to change the active root directory in a secure fashion
• Resulting problems o Dangerous functions o Often misused exception
handling o Unchecked return value o Directory restriction o …
• An API is a contract between a caller and a callee
![Page 17: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/17.jpg)
$157$$
1. Input validation and Representation
2. API Abuse 3. Security Features 4. Time and State
5. Error Handling 6. Code Quality 7. Encapsulation
* Environment
• Caused by o Incorrect implementation o Incorrect use of security features
like • Authenticity, Access control,
Cryptography, Digital signatures, …
• Resulting problems o Insecure randomness o Missing access control o Password management o Privacy violation o …
• Software security is not security software
![Page 18: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/18.jpg)
$158$$
1. Input validation and Representation
2. API Abuse 3. Security Features 4. Time and State
5. Error Handling 6. Code Quality 7. Encapsulation
* Environment
• Caused by o Distributed computing o Sharing state o Multithreading o A programmer’s belief that
everything happens in one continuous sequence
• Resulting problems o Deadlock o Failure to begin a new session
upon authentication o Insecure temporary file o File access race condition
(TOCTOU) o …
• In order for more than one component to communicate, state must be shared, and all that takes time
![Page 19: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/19.jpg)
$159$$
1. Input validation and Representation
2. API Abuse 3. Security Features 4. Time and State
5. Error Handling 6. Code Quality 7. Encapsulation
* Environment
• Caused by o Unexpected input – unexpected
behaviour o Concept of exceptions in modern
programming languages o Insecure use and handling of
exceptions
• Resulting problems o Catch NullPointerException o Empty catch block o Overly-broad catch block o Overly broad throw declaration o Unchecked return value
• Errors and error handling represent a class of API
• Errors related to error handling are so common that they deserve a special kingdom of their own
![Page 20: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/20.jpg)
$160$$
1. Input validation and Representation
2. API Abuse 3. Security Features 4. Time and State
5. Error Handling 6. Code Quality 7. Encapsulation
* Environment
• Caused by o Lack of compliance with design o Insecure code is buggy code o Code readability o Complexity of code vs.
complexity the human brain is able to manage
o Forgetting to remove old code
• Resulting problems o Inconsistent implementation o Memory leak o Obsolete code o Underfined behaviour o Uninitalised variable o Unreleased resource o Use after free o …
![Page 21: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/21.jpg)
$161$$
• Caused by o Lack of clear boundaries
• Between WebApp and system resources
• Between validated and unvalidated data
• Between classes with various methods
o Lack of attention to trust models and trust boundaries
• Resulting problems o Comparing classes by name o Data leaking between users o Leftover debug code o Mobile code: non-final public
field o Trust boundary violation o …
1. Input validation and Representation
2. API Abuse 3. Security Features 4. Time and State
5. Error Handling 6. Code Quality 7. Encapsulation
* Environment
![Page 22: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/22.jpg)
$162$$
1. Input validation and Representation
2. API Abuse 3. Security Features 4. Time and State
5. Error Handling 6. Code Quality 7. Encapsulation
* Environment
• Caused by o The software you are developing
running on a machine… o ... with an operating systems… o … and other software… o … quite possibly connected to other machines
through a network… o … all the stuff that is outside the code but is
still critical to the security of the created software
• Resulting problems o Misconfiguration issues o Insecure compiler
optimisation o …
![Page 23: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/23.jpg)
Outline
• Malware types • Seven pernicious kingdoms • Security threats
– Examples in Distributed Systems
• Attack trees
163$
Uzunov A. V., E. B. Fernandez, An extensible pattern-based library and taxonomy of security threats for distributed systems, Computer Standards & Interfaces, 36 (4), 2014, June 734-747.
![Page 24: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/24.jpg)
Functional Decomposition
• User interaction – Interfacing and/or interacting
with users
• Data/storage management – Storing and management of
applications or information
• Resource management – Resource allocation, global
scheduling, process migration, – Dynamic configuration of
active software components 166$
• Distribution control – Component collaboration – Coordination of local/remote
execution – Synchronization/concurrency
control
• Communication – Network communication
• Addressing – Address, identifier and/or name
allocation, distribution and discovery/lookup
![Page 25: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/25.jpg)
Threats to the System (first level threats)
• Identify attacks • Network communication
attacks • Network protocol attacks • Passing illegal data
attacks • Stored data attacks • Remote information
inference • Loss of accountability • Uncontrolled operations
167$
![Page 26: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/26.jpg)
Threats to the System (first level threats)
• Identify attacks • Network communication
attacks • Network protocol attacks • Passing illegal data
attacks • Stored data attacks • Remote information
inference • Loss of accountability • Uncontrolled operations
168$
• Attacker attempts to fabricate or misuse identities in a system
• Examples – Identity spoofing – Advantageous identity allocation
![Page 27: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/27.jpg)
Threats to the System (first level threats)
• Identify attacks • Network
communication attacks • Network protocol attacks • Passing illegal data
attacks • Stored data attacks • Remote information
inference • Loss of accountability • Uncontrolled operations
169$
• Threats to communication between distributed components
• Examples – Message secrecy violation – Message integrity violation – Message authenticity violation – Traffic analysis, protocol sniffing – Covert network channel – Session hijacking – Session state poisoning – Route poisoning – Message flooding
![Page 28: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/28.jpg)
Threats to the System (first level threats)
• Identify attacks • Network
communication attacks • Network protocol attacks • Passing illegal data
attacks • Stored data attacks • Remote information
inference • Loss of accountability • Uncontrolled operations
170$
• Threats to communication between distributed components
• Examples – Message secrecy violation – Message integrity violation – Message authenticity violation – Traffic analysis, protocol sniffing – Covert network channel – Session hijacking – Session state poisoning – Route poisoning – Message flooding
![Page 29: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/29.jpg)
Threats to the System (first level threats)
• Identify attacks • Network
communication attacks • Network protocol attacks • Passing illegal data
attacks • Stored data attacks • Remote information
inference • Loss of accountability • Uncontrolled operations
171$
• Threats to communication between distributed components
• Examples – Message secrecy violation – Message integrity violation – Message authenticity violation – Traffic analysis, protocol sniffing – Covert network channel – Session hijacking – Session state poisoning – Route poisoning – Message flooding
![Page 30: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/30.jpg)
Threats to the System (first level threats)
• Identify attacks • Network
communication attacks • Network protocol attacks • Passing illegal data
attacks • Stored data attacks • Remote information
inference • Loss of accountability • Uncontrolled operations
172$
• Threats to communication between distributed components
• Examples – Message secrecy violation – Message integrity violation – Message authenticity violation – Traffic analysis, protocol sniffing – Covert network channel – Session hijacking – Session state poisoning – Route poisoning – Message flooding
Messages in transit • intercepted and their contents read
by an attacker • intercepted and modified, replaced,
corrupted or simply deleted by an attacker
![Page 31: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/31.jpg)
Threats to the System (first level threats)
• Identify attacks • Network
communication attacks • Network protocol attacks • Passing illegal data
attacks • Stored data attacks • Remote information
inference • Loss of accountability • Uncontrolled operations
173$
• Threats to communication between distributed components
• Examples – Message secrecy violation – Message integrity violation – Message authenticity violation – Traffic analysis, protocol sniffing – Covert network channel – Session hijacking – Session state poisoning – Route poisoning – Message flooding
Messages in transit • intercepted and their contents read
by an attacker • intercepted and modified, replaced,
corrupted or simply deleted by an attacker
![Page 32: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/32.jpg)
Threats to the System (first level threats)
• Identify attacks • Network
communication attacks • Network protocol attacks • Passing illegal data
attacks • Stored data attacks • Remote information
inference • Loss of accountability • Uncontrolled operations
174$
• Threats to communication between distributed components
• Examples – Message secrecy violation – Message integrity violation – Message authenticity violation – Traffic analysis, protocol sniffing – Covert network channel – Session hijacking – Session state poisoning – Route poisoning – Message flooding Secure communication • message encryption • message hashing, error
detection codes
![Page 33: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/33.jpg)
Threats to the System (first level threats)
• Identify attacks • Network communication
attacks • Network protocol attacks • Passing illegal data attacks • Stored data attacks • Remote information
inference • Loss of accountability • Uncontrolled operations
175$
• Threats specifically to the network protocols used for communication
• Examples – Message replay – Message reuse – Protocol field modification – Use of abnormal packet size – Use of abnormal package
sequencing – Use of reserved protocol packet
![Page 34: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/34.jpg)
Threats to the System (first level threats)
• Identify attacks • Network communication
attacks • Network protocol attacks • Passing illegal data
attacks • Stored data attacks • Remote information
inference • Loss of accountability • Uncontrolled operations
176$
• Input data is manipulated by attacker for some malicious purpose
• Examples – Injection
![Page 35: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/35.jpg)
Threats to the System (first level threats)
• Identify attacks • Network communication
attacks • Network protocol attacks • Passing illegal data
attacks • Stored data attacks • Remote information
inference • Loss of accountability • Uncontrolled operations
177$
• Input data is manipulated by attacker for some malicious purpose
• Examples – Corruption
![Page 36: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/36.jpg)
Threats to the System (first level threats)
• Identify attacks • Network communication
attacks • Network protocol attacks • Passing illegal data
attacks • Remote information
inference • Loss of accountability • Uncontrolled operations
178$
• Extracting information from a component or remotely, i.e., over network
• Examples – Scanning (information gathering – Probing (vulnerability checking) – Output information disclosure – Data inference
![Page 37: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/37.jpg)
Threats to the System (first level threats)
• Identify attacks • Network communication
attacks • Network protocol attacks • Passing illegal data
attacks • Remote information
inference • Loss of accountability • Uncontrolled operations
179$
• Impact accountability attributes
• Examples – Track erasing – Repudiation
![Page 38: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/38.jpg)
Threats to the System (first level threats)
• Identify attacks • Network communication
attacks • Network protocol attacks • Passing illegal data
attacks • Remote information
inference • Loss of accountability • Uncontrolled
operations
180$
• Exploits existing system functionality in ways that would not normally be allowed (e.g., race conditions, access to data)
• Examples – Unauthorized access – Invoking unauthorized operations – Spoofing privileged processes – Unsafe code execution – Exploitation of tight component coupling – Process overflow attack – Exploiting concurrency flaws – Resource exhaustion – Targeted process crashing
![Page 39: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/39.jpg)
Threats to Security Infrastructure (second level threats)
• Cryptography attacks • Countermeasure
design • Configuration/
administration • Network protocol
threats
182$
![Page 40: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/40.jpg)
Threats to Security Infrastructure (second level threats)
• Cryptography attacks • Countermeasure
design • Configuration/
administration • Network protocol
threats
183$
• Threats to countermeasures using cryptography
• Examples – Forging cryptographic credentials – Abuse of weak algorithm – Exploiting vulnerable security
protocol – Password attacks (guessing,
brute force, rainbow tables)
![Page 41: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/41.jpg)
Threats to Security Infrastructure (second level threats)
• Cryptography attacks • Countermeasure
design • Configuration/
administration • Network protocol
threats
184$
• Threats to the way certain countermeasures are (or may be) designed
• Examples – Use of default credentials – Bypassing controls – Leveraging authorization model
![Page 42: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/42.jpg)
Threats to Security Infrastructure (second level threats)
• Cryptography attacks • Countermeasure
design • Configuration/
administration • Network protocol
threats
185$
• Threats related to configuration and/or administration of the security system
• Examples – Exploiting bad policies – Unauthorized modification of rights
![Page 43: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/43.jpg)
Threats to Security Infrastructure (second level threats)
• Cryptography attacks • Countermeasure
design • Configuration/
administration • Network protocol
threats
186$
• Also at the first level • Threats applicable to secure
protocol design
![Page 44: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/44.jpg)
Outline
• Malware types • Seven pernicious kingdoms • Security threats
– Examples in distributed systems
• Attack trees
187$
Schneier B., Attack Trees: Modeling security threats, Dr. Dobb's Journal December 1999
![Page 45: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/45.jpg)
189$
![Page 46: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/46.jpg)
What did we learn today?
192$
• Malware types • Seven pernicious kingdoms • Security threats
– Examples in distributed systems
• Attack trees
![Page 47: Lecture 4: Security Threats, Errors and their types · 2016-03-10 · What is Security engineering? 139 Security engineering is concerned with lowering the risk of intentional unauthorized](https://reader034.fdocuments.in/reader034/viewer/2022042313/5ee011d3ad6a402d666b52de/html5/thumbnails/47.jpg)
$193$$193$