Residency Research
ISOL 536
Security Architecture and Design
Using Resources to Promote Critical Thinking
Critical thinking is an integral part of any educational program
At UC, we encourage and provide applicable resources for the promotion of critical thinking
In order to properly research and complete course papers, proper resources must be utilized
Critical Thinking helps us to:
Understand the links between ideas.
Determine the importance and relevance of arguments and ideas.
Recognize, build and appraise arguments.
Identify inconsistencies and errors in reasoning.
Approach problems in a consistent and systematic way.
Reflect on the justification of their own assumptions, beliefs and values.
http://www.skillsyouneed.com/learn/critical-thinking.html
Researching Using the Critical Questions
When using research resources, it is imperative to review the six critical questions and implement that data into your writings.
Proper Resources for Research
When asked to complete a research paper in the UC School for Computer and Information Sciences, you must use scholarly, peer-reviewed articles.
A peer-reviewed article is one that has “been evaluated by several researchers or subject specialist in the academic community prior to accepting it for publication” and is “also known as scholarly or refereed.”
Your professor or the UC Librarian team can help you determine whether or not an article is peer-reviewed.
Proper Resources for Research
Examples of sites with peer-reviewed resources
UC Library Site
EBSCOhost
JSTOR
Google Scholar
Examples of sites with unacceptable resources
PC Magazine
Cisco
Ars Technica
Reddit
Proper Format is Important
All papers written for courses within the School for Computer and Information Sciences must follow the American Psychological Association (APA) writing style.
University Resources
The UC Library provides a myriad of online resources to assist students with proper research
Resources referring to Information Security can be found inside the UC Library site
www.ucumberlands.edu/library
Groups
Group 1
Group Topic: Meltdown
Group 2
Group Topic: Spectre
Group 3
Group Topic: ZombieLoad
Group 4
Group Topic: RIDL
Group 5
Group Topic: Fallout
Research Topic
Security researchers have discovered major vulnerabilities with the design of Intel chips
The vulnerabilities stem from several issues and their immediate remediations create severe loss of performance
Each vulnerability is similar but different
Research Topic
DO
Provide a working knowledge of your assigned vulnerability
Compare and contrast your assigned vulnerability with others
Deeply research the use of threat modeling and secure architecture
Tie your research back to recommendations for remediation of the vulnerability
DO NOT
Dive deep into the mathematics of the vulnerability
Disassociate your peer-reviewed scholarly research from the vulnerability
Plagiarize and copy/paste from sites
Forget the topics of our course (e.g. STRIDE)
Research Paper
10-15 pages
Double spaced APA style
At least 10 references
At least 5 of your references must be scholarly peer-reviewed articles
Research Paper
Find and review peer-reviewed scholarly articles concerning security architecture, secure design, and threat modeling
Find and review other information that associates with your topic area
Apply research from articles on chosen topic area to create research paper
Research Presentation
Goal is to summarize your research and recommendations
Must present for at least 25 minutes but no more than 30 minutes
Your group will be randomly selected for presentation
All group members need to participate in the presentation
ISOL536 | Security Architecture and Design
Dr. Justin O. Hensley
School of Computer and Information Sciences
Overview and STRIDE review
Ways to Find Security Issues
Static analysis of code
Fuzzing or other dynamic testing
Pen test/red team
Wait for bug reports after release
All of these are fine, but as you go down the list, you’re going later and later in the development process. So when you find bugs, you may have a hard time fixing them, because you might have dependencies on behavior such as taking large complex input from an untrusted party, or your libraries may not handle issues like SQL injection well, or you might be using an untyped language like C.
Ways to Find Security Issues
Threat modeling!
Think about security issues early
Understand your requirements better
Don’t write bugs into the code
And the subject of this course
Definitions
What is a threat?
How is it different from a vulnerability, risk, or just a problem?
What is a model?
Many people get stuck on these. Definitions matter. Many people don’t understand the definition of a threat and how it’s different from a vulnerability, a risk, or a problem.
“Threat” means the bad thing that might happen. “Threat” can also refer to a person, or a piece of malware, but we don’t use those definitions here.
“Vulnerability” is a term of art for code that can be automatically exploited, or more generally, a weakness that can be exploited.
MODEL: a system or thing used as an example to follow or imitate.
How to Threat Model
What are you building?
What can go wrong?
What are you going to do about it?
Did you complete a good analysis?
The course will teach you practical skills for each of these
Addressing the Threat
| g something or someone else. | Pretending to be any of Bill Gates, Paypal.com or ntdll.dll |
| Tampering | Integrity | Modifying data or code | Modifying a DLL on disk or DVD, or a packet as it traverses the network |
| Repudiation | Non-repudiation | Claiming to have not performed an action. | “I didn’t send that email,” “I didn’t modify that file,” “I certainly didn’t visit that web site, dear!” |
| Information Disclosure | Confidentiality | Exposing information to someone not authorized to see it | Allowing someone to read the Windows source code; publishing a list of customers to a web site. |
| Denial of Service | Availability | Deny or degrade service to users | Crashing Windows or a web site, sending a packet and absorbing seconds of CPU time, or routing packets into a black hole. |
| Elevation of Privilege | Authorization | Gain capabilities without proper authorization | Allowing a remote Internet user to run commands is the classic example, but going from a limited user to admin is also EoP. |
What Can Go Wrong?
Track issues as you find them
“attacker could pretend to be a client & connect”
Track assumptions
“I think that connection is always over SSL”
Both lists are inputs to “what are you going to do about it?”
Spoofing On the Local Machine
| Threat Example | What the Attacker Does | Notes/Examples |
| Spoofing a process | Creates a file before the real process | Then your process relies on it |
| | Abuses names | Create a version of “sudo” and alter PATH |
| Spoofing a filename | Creates a file in the local directory | Library, executable or config file |
| | Creates a link, changes it | Also called ‘race condition’ or TOCTOU |
| | Creates many files in a target directory | Code can easily create all possible /tmp/foo.random |
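The filename-spoofing rows above, seen from the defending process, as an added example that is not part of the original slides: a check-then-open on a predictable name follows a pre-planted link, while an exclusive create or `mkstemp` refuses it. The directory, file names and function names are constructed for illustration.

```python
import os
import tempfile

def naive_write(path, data):
    """Check-then-use on a predictable name: the pattern the table warns about."""
    if os.path.exists(path) and not os.access(path, os.W_OK):
        raise PermissionError(path)
    with open(path, "w") as f:      # follows symlinks, truncates whatever is there
        f.write(data)

def exclusive_create(path, data):
    """Create the file only if the name is unused; never follow a planted link."""
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(path, flags, 0o600)    # raises FileExistsError if anything is there
    with os.fdopen(fd, "w") as f:
        f.write(data)

def unpredictable_temp(directory, data):
    """mkstemp picks a random name and opens it with O_EXCL, mode 0600."""
    fd, path = tempfile.mkstemp(dir=directory, prefix="foo.")
    with os.fdopen(fd, "w") as f:
        f.write(data)
    return path

def demo():
    # Constructed scenario: 'shared' stands in for a world-writable directory.
    with tempfile.TemporaryDirectory() as shared:
        victim = os.path.join(shared, "important.conf")
        guessed = os.path.join(shared, "foo.1234")   # predictable scratch name
        with open(victim, "w") as f:
            f.write("original")
        os.symlink(victim, guessed)                   # name planted before the real process runs
        naive_write(guessed, "scratch")
        with open(victim) as f:
            clobbered = f.read() == "scratch"         # the write went through the link
        with open(victim, "w") as f:
            f.write("original")
        try:
            exclusive_create(guessed, "scratch")
            refused = False
        except OSError:
            refused = True                            # planted name detected, nothing written
        with open(victim) as f:
            intact = f.read() == "original"
        random_name = os.path.basename(unpredictable_temp(shared, "scratch"))
        return clobbered, refused, intact, random_name != "foo.1234"

if __name__ == "__main__":
    print(demo())
```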
Tampering with Memory
| Threat Example | What the Attacker Does | Notes/Examples |
| Modifying code | Changes your code to suit themselves | Hard to defend against if the attacker is running code inside the trust boundaries |
| Modifying data they’ve supplied | Supplies data to a pass by reference API, then changes it | Works because of TOCTOU issues |
| | Supplies data into a shared memory segment, then changes it | |
Repudiation
| Threat Example | What the Attacker Does | Notes/Examples |
| Repudiating an action | Claims to have not clicked | Maybe they did, maybe they didn’t, maybe they’re honestly confused |
| | Claims to not have received | 1. Electronic or physical 2. Receipt is strange; does a client downloading email mean you’ve seen it? Did a network proxy pre-fetch images? Was a package left on a porch? |
| | Claims to be a fraud victim | |
| | Uses someone else’s account | |
Information Disclosure (Processes)
| Threat Example | What the Attacker Does | Notes/Examples |
| Extracts user data | Exploits bugs like SQL injection to read db tables | Can find this by looking to data stores, but here the issue is the process returning data it shouldn’t |
| | Reads error messages | |
| Extracts machine secrets | Reads error messages | Cannot connect to database ‘foo’ as user ‘sql’ with password ‘&IO*(^&’ |
| | Exploits bugs | “Heartbleed” |
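One way to close the "reads error messages" rows above, as an added example that is not part of the original slides: the detailed failure stays in the server log with the password masked, and the caller only receives a generic message plus a reference id. `connect`, `DbConnectError`, `redact` and `handle_request` are hypothetical names; the error text is the one quoted in the table, with plain quotes.

```python
import logging
import re
import uuid

log = logging.getLogger("app.db")

# Constructed sample: the error text quoted in the table above.
LEAKY = "Cannot connect to database 'foo' as user 'sql' with password '&IO*(^&'"

class DbConnectError(Exception):
    pass

def connect():
    """Hypothetical driver call that echoes its credentials when it fails."""
    raise DbConnectError(LEAKY)

_PASSWORD = re.compile(r"(password\s*[=:]?\s*')[^']*(')", re.IGNORECASE)

def redact(message):
    """Mask quoted password values before the text reaches a log file."""
    return _PASSWORD.sub(r"\1***\2", message)

def handle_request():
    """Return (status, body) for the client; keep the detail server-side."""
    try:
        connect()
    except DbConnectError as exc:
        incident = uuid.uuid4().hex[:8]          # lets support find the log entry
        log.error("incident %s: %s", incident, redact(str(exc)))
        return 500, f"Service temporarily unavailable (ref {incident})"
    return 200, "ok"

if __name__ == "__main__":
    print(handle_request())
```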
Information Disclosure (Data Stores)
| Sub-category | What the Attacker Does |
| Permissions | Take advantage of missing or inappropriate ACLs |
| | Take advantage of bad database permissions |
| | Find files protected by obscurity |
| Security | Find crypto keys on disk or in memory |
| | Get data from logs/temp files |
| | Get data from swap files |
| | See interesting information in filenames/directory names |
| Network | See data traversing a network |
| Misc | Obtain device, boot in new OS |
Information Disclosure (Data Flow)
| Sub-category | What the Attacker Does |
| Network | Read data on a network |
| | Redirects traffic to enable reading data on the network |
| Metadata | Learns secrets by analyzing traffic |
| | Learns who talks to whom by watching the DNS |
| | Learns who talks to whom by analyzing social network information |
Denial of Service
| Threat Example | What the Attacker Does | Notes/Examples |
| Against a process | Absorb memory (ram or disk) | |
| | Absorb CPU | |
| | Uses a process as an amplifier | |
| Against business logic | “Too many login attempts” | |
| Against a data store | Fills the data store | |
| | Makes enough requests to slow the system | |
| Against a data flow | Consumes network resources | |
Can be temporary (as the attack continues; fill the network) or persist beyond that (fill a disk)
Elevation of Privilege (“EoP”)
| Threat Example | What the Attacker Does | Notes/Examples |
| EoP Against process via corruption | Sends inputs the code doesn’t handle properly | Very common, usually high impact |
| | Gains read/write access to memory | Writing memory more obviously bad |
| EoP via misused authorization checks | | |
| EoP via buggy authorization checks | | Centralizing checking makes consistency, correctness easier |
| EoP via data tampering | Modify bits on disk | |
Introduction and expectations
Introduce yourself
Goals for Residency
Successfully complete part of course requirements
Strengthen research skills
Make professional connections
Increase social and soft skills
Have fun!
Expectations for Residency
Come early
Give attention
Respect colleagues
Participate equally
Produce exceptional work
Review schedule