cs 412 software security
play

CS-412 Software Security Introduction Mathias Payer EPFL, Spring - PowerPoint PPT Presentation

Jun 14, 2023 •184 likes •681 views

CS-412 Software Security Introduction Mathias Payer EPFL, Spring 2019 Mathias Payer CS-412 Software Security Course outline Secure software lifecycle Security policies Attack vectors Defense strategies: mitigations and testing Case

  1. CS-412 Software Security Introduction Mathias Payer EPFL, Spring 2019 Mathias Payer CS-412 Software Security

  2. Course outline Secure software lifecycle Security policies Attack vectors Defense strategies: mitigations and testing Case studies: browser/web/mobile security Mathias Payer CS-412 Software Security

  3. Hack the planet! Figure 1: Mathias Payer CS-412 Software Security

  4. About me Instructor: Mathias Payer Research area: software/system security Memory/type safety Mitigating control-flow hijacking Compiler-based defenses Binary analysis and reverse engineering Avid CTF player (come join the polygl0ts) Homepage: http://nebelwelt.net Mathias Payer CS-412 Software Security

  5. Semester and master projects Interested in security? We supervise projects in software security! Software testing: fuzzing Software testing: sanitization Mitigation Program analysis Ping me if interested Figure 2: Mathias Payer CS-412 Software Security

  6. Internship/remote master project Internship number 24346 “TLS Certificate analyser” Who? DDPS, Marc Doudiet Ping me if interested Mathias Payer CS-412 Software Security

  7. Why should you care? Security impacts everybody’s day-to-day life Security impacts your day-to-day life User: make safe decisions Developer: design and build secure systems Researcher: identify flaws, propose mitigations Mathias Payer CS-412 Software Security

  8. Morris Worm Figure 3: Mathias Payer CS-412 Software Security

  9. Morris Worm: What it did Brought down most of the internet in 2nd November, 1988 Buffer overflow in fingerd , injected shellcode and commands. Debug mode in sendmail to execute arbitrary commands. Dictionary attack with frequently used usernames/passwords. Buggy worm: the routine that detected if a system was already infected was faulty and the worm kept reinfecting the same machines until they died. Reverse engineering of the worm Mathias Payer CS-412 Software Security

  10. C and C++ are unsafe. Humans too. Kostya Serebryany, Making C/C++ safer Lots of scary bugs with scary names and logos C and C++ are neither memory nor type safe Root causes: read/write out-of-bounds (OOB) or after-free (UAF), integer overflow, type confusion, . . . Consequences: (remote) code execution, information leak, privilege escalation, safety/reliability issues, . . . Mathias Payer CS-412 Software Security

  11. Android Figure 4: Mathias Payer CS-412 Software Security

  12. Google Chrome Figure 5: Mathias Payer CS-412 Software Security

  13. Low-level software is highly complex Low-level languages (C/C++) trade type safety and memory safety for performance Google Chrome: 76 MLoC Gnome: 9 MLoC Xorg: 1 MLoC glibc: 2 MLoC Linux kernel: 17 MLoC Mathias Payer CS-412 Software Security

  14. Software complexity (1/2) Figure 6: Mathias Payer CS-412 Software Security

  15. Software complexity (2/2) Figure 7: ~100 mLoC, 27 lines/page, 0.1mm/page equals roughly 370m Mathias Payer CS-412 Software Security

  16. Software Engineering versus Security Software engineering aims for Dependability: producing fault-free software Productivity: deliver on time, within budget Usability: satisfy a client’s needs Maintainability: extensible when needs change Software engineering combines aspects of PL, networking, project management, economics, etc. Security is secondary and often limited to testing. Mathias Payer CS-412 Software Security

  17. Definition: Security Security is the application and enforcement of policies through mechanisms over data and resources. Policies specify what we want to enforce Mechanisms specify how we enforce the policy (i.e., an implementation/instance of a policy). Mathias Payer CS-412 Software Security

  18. Security best practices Always lock your screen (on mobile/desktop) Unique password for each service Two-factor authentication Encrypt your transport layer (TLS) Encrypt your messages (GPG) Encrypt your filesystem (DM-Crypt) Disable password login on SSH Open (unkown) executables/documents in an isolated environment Mathias Payer CS-412 Software Security

  19. Definition: Software Security Software Security is the area of Computer Science that focuses on (i) testing, (ii) evaluating, (iii) improving, (iv) enforcing, and (v) proving the security of software. Mathias Payer CS-412 Software Security

  20. Why is software security difficult? Human factor (programmer, software architect, . . . ) Concept of weakest link Performance Usability Lack of resources (time, money) Mathias Payer CS-412 Software Security

  21. Software security best practices? Properly design software Clear documentation (design and implementation) Leverage frameworks (don’t reimplement functionality) Code reviews Add rigorous security tests to unit tests Formal verification for components that can be verified (protocols, small pieces of software) Red team software Offer bug bounties Mathias Payer CS-412 Software Security

  22. Definition: Software Bug A software bug is an error, flaw, failure, or fault in a computer program or system that causes it to produce an incorrect or unexpected result, or to behave in unintended ways. Bugs arise from mistakes made by people in either a program’s source code or its design, in frameworks and operating systems, and by compilers. Source: Wikipedia Mathias Payer CS-412 Software Security

  23. Common bugs: spatial memory safety violation void vuln() { char buf[12]; char *ptr = buf[11]; *ptr++ = 10; *ptr = 42; } Figure 8: Mathias Payer CS-412 Software Security

  24. Common bugs: temporal memory safety violation void vuln(char *buf) { free(buf); buf[12] = 42; } Figure 9: Mathias Payer CS-412 Software Security

  25. Common bugs: type confusion class Base {}; class Greeter : Base {}; class Exec : Base {}; Greeter *g = new Greeter(); Base *b = static_cast<Base*>(g); Exec *e = static_cast<Exec*>(b); ... Figure 10: Mathias Payer CS-412 Software Security

  26. Definition: Software Vulnerability A vulnerability is a software weakness that allows an attacker to exploit a software bug. A vulnerability requires three key components (i) system is susceptible to flaw, (ii) adversary has access to the flaw (e.g., through information flow), and (iii) adversary has capability to exploit the flaw. Mathias Payer CS-412 Software Security

  27. Problem: broken abstractions Figure 11: Mathias Payer CS-412 Software Security

  28. Course goals Software running on current systems is exploited by attackers despite many deployed defense mechanisms and best practices for developing new software. Goal: understand state-of-the-art software attacks/defenses across all layers of abstraction: from programming languages, compilers, runtime systems to the CPU, ISA, and operating system. Mathias Payer CS-412 Software Security

  29. Learning outcomes Understand causes of common weaknesses. Identify security threats, risks, and attack vector. Reason how such problems can be avoided. Evaluate and assess current security best practices and defense mechanisms for current systems. Become aware of limitations of existing defense mechanisms and how to avoid them. Identify security problems in source code and binaries, assess the associated risks, and reason about severity and exploitability. Assess the security of given source code. Mathias Payer CS-412 Software Security

  30. Syllabus: Basics Secure software lifecycle: Design; Implementation; Testing; Updates and patching Basic security principles: Threat model; Confidentiality, Integrity, Availability; Least privileges; Privilege separation; Privileged execution; Process abstraction; Containers; Capabilities Reverse engineering: From source to binary; Process memory layout; Assembly programming; Binary format (ELF) Mathias Payer CS-412 Software Security

  31. Syllabus: Policies and Attacks Security policies: Compartmentalization; Isolation; Memory safety; Type safety Bug, a violation of a security policy: Arbitrary read; Arbitrary write; Buffer overflow; Format string bug; TOCTTOU Attack vectors: Confused deputy; Control-flow hijacking; Code injection; Code reuse; Information leakage; Mathias Payer CS-412 Software Security

  32. Syllabus: Defenses Mitigations: Address Space Layout Randomization; Data Execution Prevention; Stack canaries; Shadow stacks; Control-Flow Integrity; Sandboxing; Software-based fault isolation Testing: Test-driven development; Beta testing; Unit tests; Static analysis; Fuzz testing; Symbolic execution; Formal verification Sanitizer: Address Sanitizer; Valgrind memory checker; Undefined Behavior Sanitizer; Type Sanitization (HexType) Mathias Payer CS-412 Software Security

  33. Syllabus: Case studies Browser security: Browser security model; Adversarial computation; Protecting JIT code; Browser testing Web security: Web frameworks; Command injection; Cross-site scripting; SQL injection Mobile security: Android market; Permission model; Update mechanism Mathias Payer CS-412 Software Security

  34. Course material Slides/homepage: https://nebelwelt.net/teaching/19-412-SoSe/ Text book: Mathias Payer, Software Security: Principles, Policies, and Protection Moodle for discussions Complementing books Trent Jaeger, Operating System Security Remzi H. Arpaci-Dusseau and Andrea C. Arpaci-Dusseau. Operating Systems: Three Easy Pieces Labs and exercises Mathias Payer CS-412 Software Security

Recommend

deel 2 sws1 1 Software and Web Security - 1 &amp; 2 Software is the main source of security

deel 2 sws1 1 Software and Web Security - 1 &amp; 2 Software is the main source of security

Software and Web Security deel 2 sws1 1 Software and Web Security - 1 &amp; 2 Software is the main source of security vulnerabilities esp in systems accessible via a network part 1 security problems in machine code, compiled from C(++)

1.35k views • 67 slides
Software and Web Security deel 2 deel 2 sws1 Software and Web Security - 1 &amp; 2 y Software

Software and Web Security deel 2 deel 2 sws1 Software and Web Security - 1 &amp; 2 y Software

1 Software and Web Security deel 2 deel 2 sws1 Software and Web Security - 1 &amp; 2 y Software is the main source of security vulnerabilities esp in systems accessible via a network i t ibl i t k part 1 part 1 security problems

672 views • 65 slides
Software Security By Hunter Stevenson Khalid Alharbi CSCI 5828 Foundations of Software

Software Security By Hunter Stevenson Khalid Alharbi CSCI 5828 Foundations of Software

Software Security By Hunter Stevenson Khalid Alharbi CSCI 5828 Foundations of Software Engineering Spring 2012 What is the talk NOT about? Cryptography. Database security. Operating Systems security. Network security.

1.37k views • 121 slides
Software Security: Defenses &amp; Principles CS 161: Computer Security Prof. Vern Paxson TAs:

Software Security: Defenses &amp; Principles CS 161: Computer Security Prof. Vern Paxson TAs:

Software Security: Defenses &amp; Principles CS 161: Computer Security Prof. Vern Paxson TAs: Devdatta Akhawe, Mobin Javed &amp; Matthias Vallentin http://inst.eecs.berkeley.edu/~cs161/ January 25, 2011 Testing for Software Security Issues

444 views • 42 slides
Engineering Secure Software The Basics of Software Security Terminology Vulnerabilities Trust

Engineering Secure Software The Basics of Software Security Terminology Vulnerabilities Trust

Engineering Secure Software The Basics of Software Security Terminology Vulnerabilities Trust Boundary Attacks Threats Application Attacker Exploit Vulnerability : a software defect with security consequences Threat : a potential danger to

1.54k views • 80 slides
Software In-Security Buffer overflows Overview Web Application security Malware OS

Software In-Security Buffer overflows Overview Web Application security Malware OS

Lecture overview Table of contents: Introduction to SW security Software In-Security Buffer overflows Overview Web Application security Malware OS security topics Code scanning Emmanuel Benoist Taught by Ulrich

479 views • 13 slides
CS412 Software Security Secure Software Lifecycle Mathias Payer EPFL, Spring 2019 Mathias Payer

CS412 Software Security Secure Software Lifecycle Mathias Payer EPFL, Spring 2019 Mathias Payer

CS412 Software Security Secure Software Lifecycle Mathias Payer EPFL, Spring 2019 Mathias Payer CS412 Software Security Software liveliness Software is not a one-shot effort Software development, production, and maintenance are cost/labor

449 views • 23 slides
CS412 Software Security Web Security Mathias Payer EPFL, Spring 2019 Mathias Payer CS412

CS412 Software Security Web Security Mathias Payer EPFL, Spring 2019 Mathias Payer CS412

CS412 Software Security Web Security Mathias Payer EPFL, Spring 2019 Mathias Payer CS412 Software Security Web (and internet) security: two views Just a long running network service Complex application with multiple layers and components.

577 views • 47 slides
Introduction Gang Tan Penn State University Spring 2019 CMPSC 447: Software Security Why a

Introduction Gang Tan Penn State University Spring 2019 CMPSC 447: Software Security Why a

Introduction Gang Tan Penn State University Spring 2019 CMPSC 447: Software Security Why a course on software security? Software plays a major role in the modern society But is a major source of security problems. Software is the

659 views • 30 slides
Secure Software Development TDDC90 Software Security Ulf Kargn Institutionen fr

Secure Software Development TDDC90 Software Security Ulf Kargn Institutionen fr

Secure Software Development TDDC90 Software Security Ulf Kargn Institutionen fr Datavetenskap (IDA) Avdelningen fr Databas- och Informationsteknik (ADIT) Original slides by Marcus Bendtsen Agenda Securing the software

1.91k views • 65 slides
Chapter 11 Software Security Secure programs Security implies some degree of trust that the

Chapter 11 Software Security Secure programs Security implies some degree of trust that the

Chapter 11 Software Security Secure programs Security implies some degree of trust that the program enforces expected C onfidentiality I ntegrity A vailability How can we look at software component and assess its

837 views • 49 slides
CS527 Software Security Secure Software Lifecycle Mathias Payer Purdue University, Spring 2018

CS527 Software Security Secure Software Lifecycle Mathias Payer Purdue University, Spring 2018

CS527 Software Security Secure Software Lifecycle Mathias Payer Purdue University, Spring 2018 Mathias Payer CS527 Software Security Software liveliness Software is not a one-shot effort Software development, production, and maintenance are

725 views • 23 slides
Web Security TDDC90 Software Security Ulf Kargn Institutionen fr Datavetenskap (IDA)

Web Security TDDC90 Software Security Ulf Kargn Institutionen fr Datavetenskap (IDA)

Web Security TDDC90 Software Security Ulf Kargn Institutionen fr Datavetenskap (IDA) Avdelningen fr Databas- och Informationsteknik (ADIT) Original slides by Marcus Bendtsen Some recent attacks 2 A game changer The Internet

1.17k views • 87 slides
Software Security Return to Libc and ROP Jan Nordholz Prof. Jean-Pierre Seifert Security in

Software Security Return to Libc and ROP Jan Nordholz Prof. Jean-Pierre Seifert Security in

Software Security Return to Libc and ROP Jan Nordholz Prof. Jean-Pierre Seifert Security in Telecommunications TU Berlin SoSe 2014 jan (sect) Software Security SoSe 2014 1 / 13 Recap: Overflow Bugs Ingredients: fixed-size buffer on the

429 views • 13 slides
CS527 Software Security Web Security Mathias Payer Purdue University, Spring 2018 Mathias Payer

CS527 Software Security Web Security Mathias Payer Purdue University, Spring 2018 Mathias Payer

CS527 Software Security Web Security Mathias Payer Purdue University, Spring 2018 Mathias Payer CS527 Software Security Daemons / Services / Servers A daemon is a long running service that serves outside requests. A web server, a mail

503 views • 31 slides
CS590-SWS/527 Software Security OS Security Asst. Prof. Mathias Payer Department of Computer

CS590-SWS/527 Software Security OS Security Asst. Prof. Mathias Payer Department of Computer

CS590-SWS/527 Software Security OS Security Asst. Prof. Mathias Payer Department of Computer Science Purdue University TA: Kyriakos Ispoglou https://nebelwelt.net/teaching/16-527-SoftSec/ Spring 2016 Unix security model Table of Contents

505 views • 27 slides
CS-527 Software Security Basic Security Principles Asst. Prof. Mathias Payer Department of

CS-527 Software Security Basic Security Principles Asst. Prof. Mathias Payer Department of

CS-527 Software Security Basic Security Principles Asst. Prof. Mathias Payer Department of Computer Science Purdue University TA: Kyriakos Ispoglou https://nebelwelt.net/teaching/17-527-SoftSec/ Spring 2017 Security goals Table of Contents

794 views • 26 slides
Buffer Software Security overflows and other memory safety vulnerabilities History

Buffer Software Security overflows and other memory safety vulnerabilities History

This time We will begin By investigating our 1st section: Buffer Software Security overflows and other memory safety vulnerabilities History Memory layouts Buffer overflow fundamentals Software security Security is a form

2.11k views • 190 slides
Who we are Eshard - Embedded Security Company Software &amp; Hardware Security What do we

Who we are Eshard - Embedded Security Company Software &amp; Hardware Security What do we

Who we are Eshard - Embedded Security Company Software &amp; Hardware Security What do we do: @eshardNews Tools: Side Channel / Code Analysis Consultancy https://www.eshard.com Audit contact@eshard.com Training

752 views • 54 slides
Computer Security 3e Dieter Gollmann Security.di.unimi.it/sicurezza1314/ Chapter 10: 1 Chapter

Computer Security 3e Dieter Gollmann Security.di.unimi.it/sicurezza1314/ Chapter 10: 1 Chapter

Computer Security 3e Dieter Gollmann Security.di.unimi.it/sicurezza1314/ Chapter 10: 1 Chapter 10: Software Security Chapter 10: 2 Secure Software Software is secure if it can handle intentionally malformed input; the attacker picks (the

792 views • 42 slides
Computer Security 3e Dieter Gollmann Security.di.unimi.it/sicurezza1516/ Chapter 10: 1 Chapter

Computer Security 3e Dieter Gollmann Security.di.unimi.it/sicurezza1516/ Chapter 10: 1 Chapter

Computer Security 3e Dieter Gollmann Security.di.unimi.it/sicurezza1516/ Chapter 10: 1 Chapter 10: Software Security Chapter 10: 2 Secure Software Software is secure if it can handle intentionally malformed input; the attacker picks (the

708 views • 33 slides
Binary-Level Software Security Gang Tan Department of CSE, Lehigh University For Joint Summer

Binary-Level Software Security Gang Tan Department of CSE, Lehigh University For Joint Summer

Binary-Level Software Security Gang Tan Department of CSE, Lehigh University For Joint Summer Schools on Cryptography and Principles of Software Security @ Penn State; Jun 1st, 2012 High-Level Languages for Safety/Security 2 Java, C#,

1.54k views • 98 slides
CS412 Software Security Mitigations Mathias Payer EPFL, Spring 2019 Mathias Payer CS412

CS412 Software Security Mitigations Mathias Payer EPFL, Spring 2019 Mathias Payer CS412

CS412 Software Security Mitigations Mathias Payer EPFL, Spring 2019 Mathias Payer CS412 Software Security Model for Control-Flow Hijack Attacks Figure 1 Mathias Payer CS412 Software Security Widely-adopted defense mechanisms Hundreds of

1.34k views • 57 slides
Software Security Process &amp; Testing a primer for quality professionals Fred Pinkett VP,

Software Security Process &amp; Testing a primer for quality professionals Fred Pinkett VP,

Software Security Process &amp; Testing a primer for quality professionals Fred Pinkett VP, Product Management Security Innovation About Security Innovation Application Security Experts 10+ years research on vulnerabilities Security

690 views • 49 slides

More recommend