FIT3173: Software Security in a Nutshell
Dr Jaigirdar
Department of Software Systems and Cybersecurity
Faculty of Information Technology
Copyright By PowCoder代写 加微信 powcoder
Feedback of This Unit
• Completing an evaluation is easy and takes only 3-5 minutes.
• SETU can be accessed directly through the SETU survey landing page
• https://monash.bluera.com/monash
• Choose FIT3173 unit and teaching staffs you wish to evaluate
• Select your responses, provide your additional comments, and submit your evaluation
Software Security
• Software – a program consists of data, and instructions that manipulate the data
• Software security is about the secure design and implementation of software
• Focus of study
• the code (secure implementation)
• the design (threat modelling)
• the workflow (secure software development cycle)
Why is software security a problem? • Strong incentives for finding and exploiting vulnerabilities
Financial (black market for vulnerabilities/malware)
Political/Espionage (cyber warfare/intelligence) • Made worse by increasing software
• Complexity (millions of code lines)
• Connectivity (more potential threats, zero-day vulnerabilities) • Extendability (online updates)
Secure Software
• Secure software continues to function correctly under malicious attacks
• When a program is executed, the state of a number of objects may change
• A program is said to be secure if new states of the objects modified by the program are collective in an acceptable (safe) state
• Safety: a good (acceptable) state can only be transformed into another good state, even in the presence of adversarial (intentionally malicious) user behaviour
Secure Software
• This has to happen every time when you use that software • DEPENDABILITY
• Or you need to guarantee that this will happen • RELIABILITY
• Dependability/Reliability: safety guaranteed every time the software is used
• SAFETY, DEPENDABILITY(RELIABILITY) ->Trustworthiness
Buffer Overflow (W2)
• Describe and analyse how buffer overflow works
• Know how to prevent and mitigate buffer overflows
• Understand other known memory exploits, i.e., format string vulnerabilities, integer overflow, read overflow
High-level Description
• Program allocates a buffer of length N for user input
• Then it copies user input data without checking input length
• If length(input) > N, excess input will overwrite memory addresses after the buffer • With honest users, it causes a program crash
• But, if carefully controlled, it can be used by the attacker to:
• Overwrite critical program variables (Demo example 1)
• Overwrite function return address to point to either desired existing program code (Demo example 2) or code injected by hacker (Demo example 3)
Stack and Function Calls • Stack frame stores each called function’s local variables/arguments (grows from high addresses to low addresses)
• Stack pointer (ESP register) points to the current top of stack
• Push instruction inserts value on top of stack, decrements ESP
• Pop instruction removes a value from top of stack, increments ESP
Low address: 0x00000000 local vars
Top of stack (esp)
flag offset: [ebp-4]
Current framer pointer (ebp)
test_function() stack frame
Saved frame pointer (SFP)
test_function ret. addr
previous frame pointer return address
High address: 0xffffffff
Tips to Prevent Buffer Overflow
• Ban unsafe function calls
• Use safer functions
• Take length as explicit parameter, do not rely on null termination. • Always do bounds checking
• Use thorough testing and code review
System-Level Mitigations
• Address randomisation: randomise the start location of a stack, and other types of memory, such as heap, libraries, etc.
• Stackshield: copy return address at some other place to check whether it is modified.
• StackGuard: place a guard between the return address and the buffer to detect modification of return address.
• Hardware protection: modern CPU supports NX (No-eXecute) bit. OS can mark memory region as non-executable.
Other Memory Exploits (W3)
• Format string vulnerabilities
• How can format string vulnerabilities be exploited?
• Integer overflow
• How can integer overflow vulnerabilities be exploited?
• Read overflow
• How can read overflow vulnerabilities be exploited?
Memory Defence and Secure Implementation (W3)
• Understand the meaning of memory safety
• Analyse violations of temporal safety and spatial safety
• Understand the meaning of type safety
• Know how to adopt secure coding principles and rules in programming
More Vulnerabilities (W3)
• Command injection
• Understand how to exploit vulnerabilities to launch command injection • Know how to prevent command injection
• Race condition
• Understand how to exploit race condition vulnerabilities • Know how to mitigate race condition based attacks
Cryptographic Pitfalls (W4)
• Understand how to use cryptographic hash functions properly in different application contexts
• Know the properties of poor and good random number generator
• Analyse Key/IV re-use vulnerability in stream cipher
• Adopt modes of AES (Advanced Encryption Standard)
Trusted Execution and Intel SGX (W5)
• Understand trusted execution and isolation • Intel SGX
• Understand the threat models and security guarantees of Intel SGX • Understand how SGX-based applications work
• Understand basic programming model of SGX
• Understand the side-channel attacks against SGX
Secure Testing (W6)
• Understand security testing and its difference from functionality testing • Know security testing approaches
• Source code review (i.e. white-box testing)
• Penetration testing (i.e. black-box testing)
• Analyse testing specific types of applications • Develop security test plans
Web Security (W7)
• Understand the significance of web security and threats in Web
• Evaluate the security of web cookies and understand session hijacking
• Know how SQL injection works
• Analyse the vulnerability of second-order SQL injection • Know the countermeasures against SQL injection
Web Security (W8)
• Cross-Site Request Forgery (CSRF) attack
• Identify CSRF vulnerability in real-world web applications • Know how to apply defences against CSRF
• Cross-Site Scripting (XSS) attack
• Identify XSS vulnerability in real-world web applications • Know how to apply defences against XSS
Secure Software Development & Threat Modelling (W10)
• Understand secure software development process
• Know the definition of threat modelling and how to apply threat modelling • Identify threats using data flow diagram
• Analyse design flaws and code errors during design and implementation • Apply secure software development principles
Topics not to be assessed
• Advanced fuzzy testing (guest lecture W9) • Capture The Flags (CTF) (Lecture W11)
Extra Secure Coding Exercise
Q: What will be printed by this program on the console? And explain why.
Extra Secure Coding Exercise
Q: What are the vulnerabilities in this program?
Extra Secure Coding Exercise
Q: What are the vulnerabilities in this program?
Thank you…
程序代写 CS代考 加微信: powcoder QQ: 1823890830 Email: powcoder@163.com