Principles
• Defense in Depth: use multiple layers of protection so that the failure of one defense does not expose the system. E.g. firewalls, IDS, load balancers, IP restrictions
• Least Privilege: grant as little access to the system as possible. E.g. restrict access to the DB
• Least Complicated: complexity generates mistakes
Practices
• Filter input: ensure incoming data is valid
• Escape output: ensure outgoing data is not misinterpreted
Input → Application → Output
Three-tiered approach
• Secure the application: Presentation Logic, Business Logic, Data Access Logic
• Secure the host: Services, Runtime services, Platform, Operating System
• Secure the network
Anatomy of a web attack
Survey and assess → Exploit and penetrate → Escalate privileges → Maintain access → Deny service
Threat Categories
• STRIDE: based on the goals and purposes of the attacker
• Three categories based on the three-tiered approach: Network, Host, Application
STRIDE threats
• Spoofing: gain access to the system with a false identity
• Tampering: unauthorized modification of data
• Repudiation: the ability of a user to deny having performed specific actions or transactions
• Information disclosure: exposure of private data
• Denial of Service: making the system unavailable
• Elevation of Privilege: a user with limited privileges assumes the identity of a fully privileged user
STRIDE countermeasures
• Spoofing: strong authentication, SSL, avoid plaintext when storing and sending sensitive data
• Tampering: data hashing, digital signatures, authorization
• Repudiation: secure audit trails, digital signatures
• Information disclosure: strong authorization and encryption, avoid plaintext, secure communication links
• Denial of Service: validate and filter input, bandwidth throttling techniques, AAA protocol
• Elevation of Privilege: follow the principle of “Least Privilege”
Network threats
• Information gathering: discover and profile network devices to find vulnerabilities
• Sniffing: eavesdropping on data crossing the network
• Spoofing: hide one’s true identity to access the system and work around ACLs
• Session hijacking: man-in-the-middle attack
• Denial of service: denies legitimate access to the server or its services
Network countermeasures
• Information gathering: configure routers to restrict footprinting, disable unused protocols and ports
• Sniffing: use strong physical security, network segmentation, encrypt communication
• Spoofing: filter incoming and outgoing packets
• Session hijacking: encrypted session negotiation and communication channels
• Denial of service: IDS, appropriate registry settings for the TCP/IP stack
Host threats
• Viruses, Trojan horses, and worms: perform malicious acts and cause disruption to the OS
• Footprinting: try to reveal valuable information about the system
• Password cracking: try to establish an authenticated connection with the server
• Arbitrary code execution: execute malicious code on the server
• Unauthorized access: try to access restricted information or perform restricted operations
Host countermeasures
• Viruses, Trojan horses, and worms: harden weak default configuration settings, anti-virus applications
• Footprinting: disable unused ports and protocols, IDS, “defense in depth”
• Password cracking: strong passwords, lockout policies, audit failed login attempts
• Arbitrary code execution: lock down system commands and utilities with restricted ACLs, apply patches and updates
• Unauthorized access: secure web permissions, lock down files and folders
Application threats
• Input validation: cross-site scripting (XSS), SQL injection
• Authentication: dictionary attacks, brute-force attacks
• Session management: session hijacking, man in the middle
• Cryptography: poor key generation or key management, weak or custom encryption
• Parameter manipulation: query string and form field manipulation, cookie manipulation, HTTP header manipulation
• Exception management: information disclosure, denial of service
Application countermeasures
• Input validation: validate input, encode user output, use parameterized stored procedures
• Authentication: strong passwords with hashes
• Session management: SSL, expiration period on the session cookie, HMACs
• Cryptography: secure encryption system, DPAPI, use proven cryptographic services
• Parameter manipulation: session identifier, HTTP POST, encrypt query strings, HMACs
• Exception management: exception handling and logging
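An added example, not from the slides, of the HMAC countermeasure listed above under Tampering, session management and parameter manipulation: a cookie or query-string value is signed with HMAC-SHA256 and carries an expiry, so a modified value or a stale one is rejected. The token format and the constructed demo key are assumptions of this example.

```python
import base64
import binascii
import hashlib
import hmac
import json
import time

# Constructed demo key: in a real deployment load it from a secret store, never hard-code it.
SECRET_KEY = b"demo-key-not-for-production"

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode().rstrip("=")
def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign_params(params: dict, ttl_seconds: int, now=None) -> str:
    """Serialize params plus an expiry time and append an HMAC-SHA256 tag."""
    now = time.time() if now is None else now
    body = {"p": params, "exp": int(now + ttl_seconds)}
    payload = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    tag = hmac.new(SECRET_KEY, payload, hashlib.sha256).digest()
    return f"{_b64(payload)}.{_b64(tag)}"

def verify_params(token: str, now=None):
    """Return the params only if the tag matches and the token is unexpired, else None."""
    now = time.time() if now is None else now
    try:
        payload_b64, tag_b64 = token.split(".", 1)
        payload, tag = _unb64(payload_b64), _unb64(tag_b64)
    except (ValueError, binascii.Error):
        return None  # malformed token
    expected = hmac.new(SECRET_KEY, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        return None  # tag mismatch: the value was altered or forged
    body = json.loads(payload)
    if body.get("exp", 0) < now:
        return None  # expiration period elapsed
    return body["p"]

def demo() -> dict:
    """Constructed walk-through: a valid cookie, a tampered copy, an expired one and garbage."""
    t0 = 1_700_000_000  # fixed clock so the demo is deterministic
    token = sign_params({"user_id": 42, "role": "user"}, ttl_seconds=600, now=t0)
    # Simulated parameter manipulation: payload rewritten to claim "admin", original tag kept.
    forged_body = {"p": {"user_id": 42, "role": "admin"}, "exp": t0 + 600}
    forged_payload = json.dumps(forged_body, sort_keys=True, separators=(",", ":")).encode()
    forged = f"{_b64(forged_payload)}.{token.split('.', 1)[1]}"
    return {"valid": verify_params(token, now=t0 + 10),
            "tampered": verify_params(forged, now=t0 + 10),
            "expired": verify_params(token, now=t0 + 601),
            "garbage": verify_params("not-a-token", now=t0)}
```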
Conclusion
By understanding STRIDE, countermeasures can be applied more effectively. Understanding the common threats also helps prevent them from compromising the application.
Thank You!