SlideShare a Scribd company logo

Lecture 3

Download as PPT, PDF
E
Education

Computer Network Security PPT

Engineering
1 of 57
Computer Network Security 1 Program security Two types of program flaws Non-malicious program flaws Malicious program flaws
Computer Network Security 2 Non malicious program errors Buffer overflows Incomplete mediation Time-of-check to time-of-use errors
Computer Network Security 3 Buffer overflow The computer equivalent of trying to pour two litre of water into a one-litre pitcher A buffer is a space in which data can be held Since memory is finite, so is the buffer The programmer must declare the buffer size
Computer Network Security 4 Buffer overflow char sample[10] sets aside ten bytes of memory sample[10]=‘A’; sample[i]=‘A’; All program and data are in memory during execution, sharing the space with the OS, other code and resident routines
Computer Network Security 5 Buffer overflow If the extra character overwrites user’s data, it may affect the program’s results but not other programs If it overflows into the user’s program area, and overwrites an instruction to be executed the machine will try to execute 0x41
Computer Network Security 6 Security implications The attacker may replace code in system space by other instructions which will cause control to be transferred to the attacker with OS privileges The attacker could replace the return address
Computer Network Security 7 Security implementation Identify what you are trying to protect. Determine what you are trying to protect them from. Determine how likely the threats are. Implement steps that protect your assets in a cost effective manner Review the process continuously making improvements when you find a weakness
Computer Network Security 8 Incomplete mediation http://www.somesite.com/subpage/userinput&para m1=(808)555-1212&param2=2002Jan01 What if param2 were 1800Jan01? Or 1800Feb30? Or 2048Min32? Or 1Aardvark2Many? A routine could fail on a data type error Receiving program generates wrong result The receiving program might have a default condition
Computer Network Security 9 Time-to-check to time-of-use errors Involves synchronization Modern OSs and processors usually change the order of instruction execution to increase performance Instructions that appear to be adjacent may not be executed immediately after each other, because of intentionally changed order or the effects of other processes in concurrent execution
Computer Network Security 10 Time-to-check to time-of-use errors Every requested access must be governed by an access policy stating who is allowed access to what, then the request must be mediated by an access policy enforcement agent An incomplete mediation problem occurs if the access is not checked universally
Computer Network Security 11 Time-to-check to time-of-use errors A person draws five $20 bills from his pocket, carefully counts them and places them in front of the seller. When the seller turns around to make his bill, he takes back one $20 bill, hands over the stack of bills, takes his buy and leaves
Computer Network Security 12 Time-to-check to time-of-use errors An application request access to a file and passes a data structure. The mediator stores the filename locally and checks for access rights. While the mediator checks for access, the user may modify the locally stored file name and gain access to a different file
Computer Network Security 13 Security implication Checking one action and performing another is an example of ineffective access control Solutions: Digital signatures and certificates. Time-of- check is when someone signs and time-of-use is when anyone verifies the signature. If the private key is exposed, the key must be revoked
Computer Network Security 14 Failures due to non-malicious flaws ARPANET had hard coded 347 as the size of the node table When a host’s node table reached 348, it crashed
Computer Network Security 15 Viruses and other malicious code Much of the work done by programs is invisible to users. How can you tell if a game program does nothing in addition to its expected interaction with you? Malicious people can make programs serve as vehicles to access and change data and other programs Unanticipated or undesired effects in program parts
Computer Network Security 16 Malicious code-possibilities Write a message to the screen Stopping a running program Generating a sound Erasing a stored file
Computer Network Security 17 Kinds of malicious code 􀂄 Virus 􀂄 Trojan horse 􀂄 Logic bomb 􀂄 Backdoor 􀂄 Worm 􀂄 rabbit
Computer Network Security 18 Virus A program that can pass on malicious code to other non-malicious programs by modifying them Virus can be transient or resident Transient virus’s life depends on the life of its host: the virus runs when the host does A resident virus locates itself in memory
Computer Network Security 19 Trojan horse A Trojan horse is malicious code that, in addition to its primary effect, has a second, nonobvious malicious effect. As an example of a computer Trojan horse, consider a login script that solicits a user’s identification and password, passes the identification information on to the rest of the system for login processing, but also retains a copy of the information for later, malicious use.
Computer Network Security 20 logic bomb A logic bomb is a class of malicious code that “detonates” or goes off when a specified condition occurs. A time bomb is a logic bomb whose trigger is a time or date.
Computer Network Security 21 Backdoor A trapdoor or backdoor is a feature in a program by which someone can access the program other than by the obvious, direct call, perhaps with special privileges. For instance, an automated bank teller program might allow anyone entering the number 990099 on the keypad to process the log of everyone’s transactions at that machine.
Computer Network Security 22 Worm A worm is a program that spreads copies of itself through a network. The primary difference between a worm and a virus is that a worm operates through networks, and a virus can spread through any medium (but usually uses copied program or data files). Additionally, the worm spreads copies of itself as a standalone program, whereas the virus spreads copies of itself as a program that attaches to or embeds in other programs.
Computer Network Security 23 Rabbit Some literature also defines a rabbit as a virus or worm that self-replicates without bound, with the intention of exhausting some computing resources. A rabbit might create copies of itself and store them on disk, in an effort to completely fill the disk, for example.
Computer Network Security 24 How viruses attach A virus will do nothing and will not spread unless it is executed. There are many ways to ensure that a virus is executed A setup program may call dozens or even hundreds of other programs, on the distribution disk, already residing on the computer, or resident in memory Human intervention is necessary to start the process
Computer Network Security 25 How viruses attach Email attachments The virus code can be embedded in an executable file attachment Objects such as graphics files can contain code to be executed by the editor, so they can be transmission agents for viruses
Computer Network Security 26 How viruses attach Appended viruses Viruses that surround a program Integrated virus and replacements
Computer Network Security 27 Appended viruses Usually a virus inserts a copy of itself before the first executable instruction in a program Simple and usually effective Typically the user does not notice the effects of the virus since the program does its job as usual
Computer Network Security 28 Viruses that surround a program Has control before and after a program execution A virus’ presence may be given away by the file size of the program, so the virus writer may infect the file listing display program to regain control after the file listing is generated but before it is displayed
Computer Network Security 29 Integrated viruses and replacements Virus replaces some of its target Virus writer has to know the exact structure of the program Could replace the entire target
Computer Network Security 30 Document viruses Most popular Implemented within a formatted document, which contains not only data, but also commands, such as formulae, formatting controls and links etc User sees only the contents of the document, so the virus writers includes the virus in the commands
Computer Network Security 31 How viruses gain control A virus has to be invoked instead of the target The virus has to either seem to be the target, or has to push the target out of the way and become a substitute A virus could replace a target by assuming its name The virus can overwrite the target on disk
Computer Network Security 32 How viruses gain control The virus can change the pointers in the file tables so that the virus is located instead of the target
Computer Network Security 33 Desirable qualities in viruses Hard to detect Not easily destroyed Spreads widely Re-infect its home program or other programs Easy to create Machine independent and OS independent
Computer Network Security 34 Homes for viruses One time execution Boot sector viruses Memory-resident viruses Other homes
Computer Network Security 35 One-time execution Majority of viruses today execute only once, spreading their infection and causing their effect in that one execution A virus often arrives as an email attachment of a document virus and is executed just by opening it
Computer Network Security 36 Boot sector viruses A given hardware platform can run many different OS The boot sector contains a boot loader to load the particular OS into memory and run it To accommodate large boot loaders, chaining is used The virus may break the chain anywhere and insert itself Appeal: virus gains control early, when no detection tool is running, and is invisible to file listing
Computer Network Security 37 Memory resident viruses Some portions of the OS and a few specialized user programs would take too long to reload each time they are needed, so they are kept in memory and are called resident code e.g., routines that interpret keys pressed on the keyboard, error control, alarm clock Virus attached to resident code
Computer Network Security 38 Other homes for viruses Application macros Libraries Compilers, linkers Runtime monitors, runtime debuggers Anti-virus
Computer Network Security 39 Virus signatures A virus can not be completely invisible Code must be stored somewhere and must be in memory A virus executes in a particular way and uses a certain method to spread Each of these characteristics yields a telltale pattern called a signature
Computer Network Security 40 Virus effects and causes
Computer Network Security 41 Virus effects and causes
Computer Network Security 42 Execution patterns A virus writer may want a virus to do several things at the same time Spread infection Avoid detection Cause harm
Computer Network Security 43 Transmission patterns Viruses can travel During the boot process Over a network connection Host’s execution Remain in memory to infect other diskettes
Computer Network Security 44 Polymorphic viruses Virus signature is the most reliable way to detect a virus A clever virus writer can cause something other than specific strings to be in portions where a virus scanner would look for those strings A virus that can change its appearance is called a polymorphic virus
Computer Network Security 45 Polymorphic viruses Two-form virus can be treated as two independent viruses, so the virus writer will want a large or unlimited number of forms A polymorphic virus has to randomly reposition all parts of itself and randomly change all fixed data A virus may randomly intersperse harmless instructions throughout its code
Computer Network Security 46 Prevention of virus infection Not to share executable code with infected source This was easy to do, as executable files had a particular extension Today seemingly non-executable files can contain executable code Programs are usually configured to activate this code automatically, such as open attachments
Computer Network Security 47 Prevention of virus infection The file type is hidden in a field at the start of a file, so Windows would try to open an executable file with a non-executable extension, with the appropriate program, failing which the executable code will be run Since you can not know which sources are infected, assume that every outside source is infected
Computer Network Security 48 Prevention Use only software acquired from reliable and well-established vendors Test all software on an isolated computer Open attachments only when you know them to be safe Make a recoverable system image and store it safely Make and retain backup copies of executable system files Use virus detectors
Computer Network Security 49 Trapdoors An undocumented entry point into a module Inserted during code development, perhaps to test the module, or to provide hooks by which to connect future modifications, or enhancements, or to allow access if the module should fail in the future
Computer Network Security 50 Trapdoors-Examples Programs are prepared in modules, each tested in “unit testing” and then integrated and tested in “integration testing”, to see how they function as they send messages and data from one to the other Rather than paste all modules together in a big bang approach, the modules are grouped into several logical clusters of a few components each Each cluster is tested in a way that allows testers to control and understand what might make a component or its interface fail
Computer Network Security 51 Trapdoors-Examples During component testing, the tester cannot use the surrounding routines that prepare input or work with output, so they write “stubs” and “drivers” to inject data in and extract results These stubs and drivers are later discarded because they are replaced by the actual components The programmers embed debugging code into suspicious components To control stubs or invoke debugging code, the programmer embeds special control sequences in the component’s design, specifically to support testing
Computer Network Security 52 Trapdoors-Examples Command insertion is a recognized testing practice, if left in place after testing, the extra commands can become a problem The Internet Worm spread itself due to exactly this kind of a trapdoor in an email program Poor error checking is another source of trapdoors Trapdoors can be useful for system auditing or testing, but they must be documented and access must be protected
Computer Network Security 53 Trapdoors-causes Trapdoors can persist in programs because the developer: forgot to remove them Intentionally left it there for testing Intentionally left it for maintenance Left there for covert access
Computer Network Security 54 Covert channels Programs that communicate information to people who shouldn’t receive it The communication accompanies other perfectly proper communications e.g., a student may communicate correct answer choices by coughing once for ‘a’, clearing her throat for ‘b’ and so on One way for the programmer to have a covert channel is to write to a file, print it out A programmer should not have access to data once the program is in operation
Computer Network Security 55 How to create covert channels A printed report would be too obvious Encode data values into a different report format Storage channels: pass information by using the presence or absence of objects in storage e.g., lock or not lock a file to signal one bit of information Other ways would be consume disk quota Timing channels: pass information by the speed at which things happen e.g., using or not using an assigned amount of computing time (quantum)
Computer Network Security 56 How to prevent these flaws Good software engineering practices Operating system controls Administrative controls Program controls in general
Computer Network Security 57 ANY QUESTIONS ?

Recommended

Virus and Malicious Code Chapter 5
Virus and Malicious Code Chapter 5Virus and Malicious Code Chapter 5
Virus and Malicious Code Chapter 5AfiqEfendy Zaen
 
Program security
Program securityProgram security
Program securityG Prachi
 
Computer Worms
Computer WormsComputer Worms
Computer Wormssadique_ghitm
 
Chapter 2 program-security
Chapter 2 program-securityChapter 2 program-security
Chapter 2 program-securityVamsee Krishna Kiran
 
Brute force-attack presentation
Brute force-attack presentationBrute force-attack presentation
Brute force-attack presentationMahmoud Ibra
 
Network attacks
Network attacksNetwork attacks
Network attacksManjushree Mashal
 
Firewall Design and Implementation
Firewall Design and ImplementationFirewall Design and Implementation
Firewall Design and Implementationajeet singh
 
Basic concepts in computer security
Basic concepts in computer securityBasic concepts in computer security
Basic concepts in computer securityArzath Areeff
 

Recommended

Virus and Malicious Code Chapter 5
Virus and Malicious Code Chapter 5Virus and Malicious Code Chapter 5
Virus and Malicious Code Chapter 5AfiqEfendy Zaen
 
Program security
Program securityProgram security
Program securityG Prachi
 
Computer Worms
Computer WormsComputer Worms
Computer Wormssadique_ghitm
 
Chapter 2 program-security
Chapter 2 program-securityChapter 2 program-security
Chapter 2 program-securityVamsee Krishna Kiran
 
Brute force-attack presentation
Brute force-attack presentationBrute force-attack presentation
Brute force-attack presentationMahmoud Ibra
 
Network attacks
Network attacksNetwork attacks
Network attacksManjushree Mashal
 
Firewall Design and Implementation
Firewall Design and ImplementationFirewall Design and Implementation
Firewall Design and Implementationajeet singh
 
Basic concepts in computer security
Basic concepts in computer securityBasic concepts in computer security
Basic concepts in computer securityArzath Areeff
 
Web security
Web securityWeb security
Web securityJatin Grover
 
Design issues for the layers
Design issues for the layersDesign issues for the layers
Design issues for the layersjayaprakash
 
NETWORK SECURITY
NETWORK SECURITYNETWORK SECURITY
NETWORK SECURITYafaque jaya
 
Operating system security
Operating system securityOperating system security
Operating system securityRachel Jeewa
 
Chapter 01
Chapter 01Chapter 01
Chapter 01nathanurag
 
Basics of Network Security
Basics of Network SecurityBasics of Network Security
Basics of Network SecurityDushyant Singh
 
Malicious software
Malicious softwareMalicious software
Malicious softwarerajakhurram
 
Intruders and Viruses in Network Security NS9
Intruders and Viruses in Network Security NS9Intruders and Viruses in Network Security NS9
Intruders and Viruses in Network Security NS9koolkampus
 
Keyloggers.ppt
Keyloggers.pptKeyloggers.ppt
Keyloggers.pptChetanmalviya8
 
Ch03 Network and Computer Attacks
Ch03 Network and Computer AttacksCh03 Network and Computer Attacks
Ch03 Network and Computer Attacksphanleson
 
Network security
Network securityNetwork security
Network securityEstiak Khan
 
Introduction to Software Security and Best Practices
Introduction to Software Security and Best PracticesIntroduction to Software Security and Best Practices
Introduction to Software Security and Best PracticesMaxime ALAY-EDDINE
 
Computer system architecture
Computer system architectureComputer system architecture
Computer system architecturevenkateswarlu G
 
Web Security
Web SecurityWeb Security
Web SecurityDr.Florence Dayana
 
Operating system security
Operating system securityOperating system security
Operating system securityRamesh Ogania
 
Computer Security Lecture 1: Overview
Computer Security Lecture 1: OverviewComputer Security Lecture 1: Overview
Computer Security Lecture 1: OverviewMohamed Loey
 
Network Security
Network SecurityNetwork Security
Network SecurityMAJU
 
Keyloggers and Spywares
Keyloggers and SpywaresKeyloggers and Spywares
Keyloggers and SpywaresAnkit Mistry
 
Computer Security Presentation
Computer Security PresentationComputer Security Presentation
Computer Security PresentationPraphullaShrestha1
 
Worm
WormWorm
WormS.M. Towhidul Islam
 
Program security chapter 3
Program security chapter 3Program security chapter 3
Program security chapter 3Education
 
unit 2 -program security.pdf
unit 2 -program security.pdfunit 2 -program security.pdf
unit 2 -program security.pdfKavithaK23
 

More Related Content

What's hot

Design issues for the layers
Design issues for the layersDesign issues for the layers
Design issues for the layersjayaprakash
 
NETWORK SECURITY
NETWORK SECURITYNETWORK SECURITY
NETWORK SECURITYafaque jaya
 
Operating system security
Operating system securityOperating system security
Operating system securityRachel Jeewa
 
Basics of Network Security
Basics of Network SecurityBasics of Network Security
Basics of Network SecurityDushyant Singh
 
Malicious software
Malicious softwareMalicious software
Malicious softwarerajakhurram
 
Intruders and Viruses in Network Security NS9
Intruders and Viruses in Network Security NS9Intruders and Viruses in Network Security NS9
Intruders and Viruses in Network Security NS9koolkampus
 
Ch03 Network and Computer Attacks
Ch03 Network and Computer AttacksCh03 Network and Computer Attacks
Ch03 Network and Computer Attacksphanleson
 
Network security
Network securityNetwork security
Network securityEstiak Khan
 
Introduction to Software Security and Best Practices
Introduction to Software Security and Best PracticesIntroduction to Software Security and Best Practices
Introduction to Software Security and Best PracticesMaxime ALAY-EDDINE
 
Computer system architecture
Computer system architectureComputer system architecture
Computer system architecturevenkateswarlu G
 
Operating system security
Operating system securityOperating system security
Operating system securityRamesh Ogania
 
Computer Security Lecture 1: Overview
Computer Security Lecture 1: OverviewComputer Security Lecture 1: Overview
Computer Security Lecture 1: OverviewMohamed Loey
 
Network Security
Network SecurityNetwork Security
Network SecurityMAJU
 
Keyloggers and Spywares
Keyloggers and SpywaresKeyloggers and Spywares
Keyloggers and SpywaresAnkit Mistry
 
Computer Security Presentation
Computer Security PresentationComputer Security Presentation
Computer Security PresentationPraphullaShrestha1
 

What's hot (20)

Web security
Web securityWeb security
Web security
 
Design issues for the layers
Design issues for the layersDesign issues for the layers
Design issues for the layers
 
NETWORK SECURITY
NETWORK SECURITYNETWORK SECURITY
NETWORK SECURITY
 
Operating system security
Operating system securityOperating system security
Operating system security
 
Chapter 01
Chapter 01Chapter 01
Chapter 01
 
Basics of Network Security
Basics of Network SecurityBasics of Network Security
Basics of Network Security
 
Malicious software
Malicious softwareMalicious software
Malicious software
 
Intruders and Viruses in Network Security NS9
Intruders and Viruses in Network Security NS9Intruders and Viruses in Network Security NS9
Intruders and Viruses in Network Security NS9
 
Keyloggers.ppt
Keyloggers.pptKeyloggers.ppt
Keyloggers.ppt
 
Ch03 Network and Computer Attacks
Ch03 Network and Computer AttacksCh03 Network and Computer Attacks
Ch03 Network and Computer Attacks
 
Network security
Network securityNetwork security
Network security
 
Introduction to Software Security and Best Practices
Introduction to Software Security and Best PracticesIntroduction to Software Security and Best Practices
Introduction to Software Security and Best Practices
 
Computer system architecture
Computer system architectureComputer system architecture
Computer system architecture
 
Web Security
Web SecurityWeb Security
Web Security
 
Operating system security
Operating system securityOperating system security
Operating system security
 
Computer Security Lecture 1: Overview
Computer Security Lecture 1: OverviewComputer Security Lecture 1: Overview
Computer Security Lecture 1: Overview
 
Network Security
Network SecurityNetwork Security
Network Security
 
Keyloggers and Spywares
Keyloggers and SpywaresKeyloggers and Spywares
Keyloggers and Spywares
 
Computer Security Presentation
Computer Security PresentationComputer Security Presentation
Computer Security Presentation
 
Worm
WormWorm
Worm
 

Similar to Lecture 3

Program security chapter 3
Program security chapter 3Program security chapter 3
Program security chapter 3Education
 
unit 2 -program security.pdf
unit 2 -program security.pdfunit 2 -program security.pdf
unit 2 -program security.pdfKavithaK23
 
maliciouse code malwere dan bentuk penyebarannya
maliciouse code malwere dan bentuk penyebarannyamaliciouse code malwere dan bentuk penyebarannya
maliciouse code malwere dan bentuk penyebarannyaSYYULIANISKOMMT
 
Presentation2
Presentation2Presentation2
Presentation2Jeslynn
 
RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5CAS
 
Application'sand security
Application'sand securityApplication'sand security
Application'sand securityarun nalam
 
Security and ethics
Security and ethicsSecurity and ethics
Security and ethicsArgie242424
 
Final Project _Smart Utilities
Final Project _Smart UtilitiesFinal Project _Smart Utilities
Final Project _Smart UtilitiesPasan Alagiyawanna
 
Software security
Software securitySoftware security
Software securityjes_d
 
Program and System Threats
Program and System ThreatsProgram and System Threats
Program and System ThreatsReddhi Basu
 
Computer virus
Computer virusComputer virus
Computer virusDark Side
 
4 threatsandvulnerabilities
4 threatsandvulnerabilities4 threatsandvulnerabilities
4 threatsandvulnerabilitiesricharddxd
 
Network virus detection & prevention
Network virus detection & preventionNetwork virus detection & prevention
Network virus detection & preventionKhaleel Assadi
 
Form4 cd2
Form4 cd2Form4 cd2
Form4 cd2smktsj2
 

Similar to Lecture 3 (20)

Program security chapter 3
Program security chapter 3Program security chapter 3
Program security chapter 3
 
unit 2 -program security.pdf
unit 2 -program security.pdfunit 2 -program security.pdf
unit 2 -program security.pdf
 
Ch19
Ch19Ch19
Ch19
 
maliciouse code malwere dan bentuk penyebarannya
maliciouse code malwere dan bentuk penyebarannyamaliciouse code malwere dan bentuk penyebarannya
maliciouse code malwere dan bentuk penyebarannya
 
Presentation2
Presentation2Presentation2
Presentation2
 
RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5
 
Application'sand security
Application'sand securityApplication'sand security
Application'sand security
 
Security and ethics
Security and ethicsSecurity and ethics
Security and ethics
 
INT 1010 05-3.pdf
INT 1010 05-3.pdfINT 1010 05-3.pdf
INT 1010 05-3.pdf
 
Final Project _Smart Utilities
Final Project _Smart UtilitiesFinal Project _Smart Utilities
Final Project _Smart Utilities
 
Software security
Software securitySoftware security
Software security
 
Program and System Threats
Program and System ThreatsProgram and System Threats
Program and System Threats
 
Computer virus
Computer virusComputer virus
Computer virus
 
Computer virus
Computer virusComputer virus
Computer virus
 
Virus and Worms
Virus and WormsVirus and Worms
Virus and Worms
 
4 threatsandvulnerabilities
4 threatsandvulnerabilities4 threatsandvulnerabilities
4 threatsandvulnerabilities
 
Final malacious softwares
Final malacious softwaresFinal malacious softwares
Final malacious softwares
 
Malicious software
Malicious softwareMalicious software
Malicious software
 
Network virus detection & prevention
Network virus detection & preventionNetwork virus detection & prevention
Network virus detection & prevention
 
Form4 cd2
Form4 cd2Form4 cd2
Form4 cd2
 

More from Education

A friendly introduction to differential equations
A friendly introduction to differential equationsA friendly introduction to differential equations
A friendly introduction to differential equationsEducation
 
High-order Assembly Language/Shuttle (HAL/S)
High-order Assembly Language/Shuttle (HAL/S)High-order Assembly Language/Shuttle (HAL/S)
High-order Assembly Language/Shuttle (HAL/S)Education
 
assembly language programming and organization of IBM PC" by YTHA YU
assembly language programming and organization of IBM PC" by YTHA YUassembly language programming and organization of IBM PC" by YTHA YU
assembly language programming and organization of IBM PC" by YTHA YUEducation
 
Network security chapter 1,2
Network security chapter 1,2Network security chapter 1,2
Network security chapter 1,2Education
 
Data warehousing labs maunal
Data warehousing labs maunalData warehousing labs maunal
Data warehousing labs maunalEducation
 

More from Education (11)

A friendly introduction to differential equations
A friendly introduction to differential equationsA friendly introduction to differential equations
A friendly introduction to differential equations
 
High-order Assembly Language/Shuttle (HAL/S)
High-order Assembly Language/Shuttle (HAL/S)High-order Assembly Language/Shuttle (HAL/S)
High-order Assembly Language/Shuttle (HAL/S)
 
assembly language programming and organization of IBM PC" by YTHA YU
assembly language programming and organization of IBM PC" by YTHA YUassembly language programming and organization of IBM PC" by YTHA YU
assembly language programming and organization of IBM PC" by YTHA YU
 
Network security chapter 1,2
Network security chapter 1,2Network security chapter 1,2
Network security chapter 1,2
 
Lecture 7
Lecture 7Lecture 7
Lecture 7
 
Lecture 6
Lecture 6Lecture 6
Lecture 6
 
Lecture 5
Lecture 5Lecture 5
Lecture 5
 
Lecture 4
Lecture 4Lecture 4
Lecture 4
 
Lecture 2
Lecture 2Lecture 2
Lecture 2
 
Lecture 1
Lecture 1Lecture 1
Lecture 1
 
Data warehousing labs maunal
Data warehousing labs maunalData warehousing labs maunal
Data warehousing labs maunal
 

Recently uploaded

ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...
ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...
ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...ZTE
 
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130Suhani Kapoor
 
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxDecoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxJoão Esperancinha
 
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICSAPPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICSKurinjimalarL3
 
Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024hassan khalil
 
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur High Profile
 
Microscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxMicroscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxpurnimasatapathy1234
 
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escortsranjana rawat
 
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINEMANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINESIVASHANKAR N
 
Porous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingPorous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingrakeshbaidya232001
 
Introduction to Multiple Access Protocol.pptx
Introduction to Multiple Access Protocol.pptxIntroduction to Multiple Access Protocol.pptx
Introduction to Multiple Access Protocol.pptxupamatechverse
 
IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024Mark Billinghurst
 
Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝
Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝
Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝soniya singh
 
Internship report on mechanical engineering
Internship report on mechanical engineeringInternship report on mechanical engineering
Internship report on mechanical engineeringmalavadedarshan25
 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Dr.Costas Sachpazis
 
GDSC ASEB Gen AI study jams presentation
GDSC ASEB Gen AI study jams presentationGDSC ASEB Gen AI study jams presentation
GDSC ASEB Gen AI study jams presentationGDSCAESB
 
Processing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptxProcessing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptxpranjaldaimarysona
 

Recently uploaded (20)

ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...
ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...
ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...
 
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
 
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxDecoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
 
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICSAPPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
 
Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024Architect Hassan Khalil Portfolio for 2024
Architect Hassan Khalil Portfolio for 2024
 
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
 
Microscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxMicroscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptx
 
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
 
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINEMANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
 
Porous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingPorous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writing
 
Introduction to Multiple Access Protocol.pptx
Introduction to Multiple Access Protocol.pptxIntroduction to Multiple Access Protocol.pptx
Introduction to Multiple Access Protocol.pptx
 
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINEDJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
DJARUM4D - SLOT GACOR ONLINE | SLOT DEMO ONLINE
 
IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024
 
Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝
Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝
Model Call Girl in Narela Delhi reach out to us at 🔝8264348440🔝
 
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
 
Internship report on mechanical engineering
Internship report on mechanical engineeringInternship report on mechanical engineering
Internship report on mechanical engineering
 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
 
GDSC ASEB Gen AI study jams presentation
GDSC ASEB Gen AI study jams presentationGDSC ASEB Gen AI study jams presentation
GDSC ASEB Gen AI study jams presentation
 
Processing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptxProcessing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptx
 

Lecture 3

  • 1. Computer Network Security 1 Program security Two types of program flaws Non-malicious program flaws Malicious program flaws
  • 2. Computer Network Security 2 Non malicious program errors Buffer overflows Incomplete mediation Time-of-check to time-of-use errors
  • 3. Computer Network Security 3 Buffer overflow The computer equivalent of trying to pour two litre of water into a one-litre pitcher A buffer is a space in which data can be held Since memory is finite, so is the buffer The programmer must declare the buffer size
  • 4. Computer Network Security 4 Buffer overflow char sample[10] sets aside ten bytes of memory sample[10]=‘A’; sample[i]=‘A’; All program and data are in memory during execution, sharing the space with the OS, other code and resident routines
  • 5. Computer Network Security 5 Buffer overflow If the extra character overwrites user’s data, it may affect the program’s results but not other programs If it overflows into the user’s program area, and overwrites an instruction to be executed the machine will try to execute 0x41
  • 6. Computer Network Security 6 Security implications The attacker may replace code in system space by other instructions which will cause control to be transferred to the attacker with OS privileges The attacker could replace the return address
  • 7. Computer Network Security 7 Security implementation Identify what you are trying to protect. Determine what you are trying to protect them from. Determine how likely the threats are. Implement steps that protect your assets in a cost effective manner Review the process continuously making improvements when you find a weakness
  • 8. Computer Network Security 8 Incomplete mediation http://www.somesite.com/subpage/userinput&para m1=(808)555-1212&param2=2002Jan01 What if param2 were 1800Jan01? Or 1800Feb30? Or 2048Min32? Or 1Aardvark2Many? A routine could fail on a data type error Receiving program generates wrong result The receiving program might have a default condition
  • 9. Computer Network Security 9 Time-to-check to time-of-use errors Involves synchronization Modern OSs and processors usually change the order of instruction execution to increase performance Instructions that appear to be adjacent may not be executed immediately after each other, because of intentionally changed order or the effects of other processes in concurrent execution
  • 10. Computer Network Security 10 Time-to-check to time-of-use errors Every requested access must be governed by an access policy stating who is allowed access to what, then the request must be mediated by an access policy enforcement agent An incomplete mediation problem occurs if the access is not checked universally
  • 11. Computer Network Security 11 Time-to-check to time-of-use errors A person draws five $20 bills from his pocket, carefully counts them and places them in front of the seller. When the seller turns around to make his bill, he takes back one $20 bill, hands over the stack of bills, takes his buy and leaves
  • 12. Computer Network Security 12 Time-to-check to time-of-use errors An application request access to a file and passes a data structure. The mediator stores the filename locally and checks for access rights. While the mediator checks for access, the user may modify the locally stored file name and gain access to a different file
  • 13. Computer Network Security 13 Security implication Checking one action and performing another is an example of ineffective access control Solutions: Digital signatures and certificates. Time-of- check is when someone signs and time-of-use is when anyone verifies the signature. If the private key is exposed, the key must be revoked
  • 14. Computer Network Security 14 Failures due to non-malicious flaws ARPANET had hard coded 347 as the size of the node table When a host’s node table reached 348, it crashed
  • 15. Computer Network Security 15 Viruses and other malicious code Much of the work done by programs is invisible to users. How can you tell if a game program does nothing in addition to its expected interaction with you? Malicious people can make programs serve as vehicles to access and change data and other programs Unanticipated or undesired effects in program parts
  • 16. Computer Network Security 16 Malicious code-possibilities Write a message to the screen Stopping a running program Generating a sound Erasing a stored file
  • 17. Computer Network Security 17 Kinds of malicious code 􀂄 Virus 􀂄 Trojan horse 􀂄 Logic bomb 􀂄 Backdoor 􀂄 Worm 􀂄 rabbit
  • 18. Computer Network Security 18 Virus A program that can pass on malicious code to other non-malicious programs by modifying them Virus can be transient or resident Transient virus’s life depends on the life of its host: the virus runs when the host does A resident virus locates itself in memory
  • 19. Computer Network Security 19 Trojan horse A Trojan horse is malicious code that, in addition to its primary effect, has a second, nonobvious malicious effect. As an example of a computer Trojan horse, consider a login script that solicits a user’s identification and password, passes the identification information on to the rest of the system for login processing, but also retains a copy of the information for later, malicious use.
  • 20. Computer Network Security 20 logic bomb A logic bomb is a class of malicious code that “detonates” or goes off when a specified condition occurs. A time bomb is a logic bomb whose trigger is a time or date.
  • 21. Computer Network Security 21 Backdoor A trapdoor or backdoor is a feature in a program by which someone can access the program other than by the obvious, direct call, perhaps with special privileges. For instance, an automated bank teller program might allow anyone entering the number 990099 on the keypad to process the log of everyone’s transactions at that machine.
  • 22. Computer Network Security 22 Worm A worm is a program that spreads copies of itself through a network. The primary difference between a worm and a virus is that a worm operates through networks, and a virus can spread through any medium (but usually uses copied program or data files). Additionally, the worm spreads copies of itself as a standalone program, whereas the virus spreads copies of itself as a program that attaches to or embeds in other programs.
  • 23. Computer Network Security 23 Rabbit Some literature also defines a rabbit as a virus or worm that self-replicates without bound, with the intention of exhausting some computing resources. A rabbit might create copies of itself and store them on disk, in an effort to completely fill the disk, for example.
  • 24. Computer Network Security 24 How viruses attach A virus will do nothing and will not spread unless it is executed. There are many ways to ensure that a virus is executed A setup program may call dozens or even hundreds of other programs, on the distribution disk, already residing on the computer, or resident in memory Human intervention is necessary to start the process
  • 25. Computer Network Security 25 How viruses attach Email attachments The virus code can be embedded in an executable file attachment Objects such as graphics files can contain code to be executed by the editor, so they can be transmission agents for viruses
  • 26. Computer Network Security 26 How viruses attach Appended viruses Viruses that surround a program Integrated virus and replacements
  • 27. Computer Network Security 27 Appended viruses Usually a virus inserts a copy of itself before the first executable instruction in a program Simple and usually effective Typically the user does not notice the effects of the virus since the program does its job as usual
  • 28. Computer Network Security 28 Viruses that surround a program Has control before and after a program execution A virus’ presence may be given away by the file size of the program, so the virus writer may infect the file listing display program to regain control after the file listing is generated but before it is displayed
  • 29. Computer Network Security 29 Integrated viruses and replacements Virus replaces some of its target Virus writer has to know the exact structure of the program Could replace the entire target
  • 30. Computer Network Security 30 Document viruses Most popular Implemented within a formatted document, which contains not only data, but also commands, such as formulae, formatting controls and links etc User sees only the contents of the document, so the virus writers includes the virus in the commands
  • 31. Computer Network Security 31 How viruses gain control A virus has to be invoked instead of the target The virus has to either seem to be the target, or has to push the target out of the way and become a substitute A virus could replace a target by assuming its name The virus can overwrite the target on disk
  • 32. Computer Network Security 32 How viruses gain control The virus can change the pointers in the file tables so that the virus is located instead of the target
  • 33. Computer Network Security 33 Desirable qualities in viruses Hard to detect Not easily destroyed Spreads widely Re-infect its home program or other programs Easy to create Machine independent and OS independent
  • 34. Computer Network Security 34 Homes for viruses One time execution Boot sector viruses Memory-resident viruses Other homes
  • 35. Computer Network Security 35 One-time execution Majority of viruses today execute only once, spreading their infection and causing their effect in that one execution A virus often arrives as an email attachment of a document virus and is executed just by opening it
  • 36. Computer Network Security 36 Boot sector viruses A given hardware platform can run many different OS The boot sector contains a boot loader to load the particular OS into memory and run it To accommodate large boot loaders, chaining is used The virus may break the chain anywhere and insert itself Appeal: virus gains control early, when no detection tool is running, and is invisible to file listing
  • 37. Computer Network Security 37 Memory resident viruses Some portions of the OS and a few specialized user programs would take too long to reload each time they are needed, so they are kept in memory and are called resident code e.g., routines that interpret keys pressed on the keyboard, error control, alarm clock Virus attached to resident code
  • 38. Computer Network Security 38 Other homes for viruses Application macros Libraries Compilers, linkers Runtime monitors, runtime debuggers Anti-virus
  • 39. Computer Network Security 39 Virus signatures A virus can not be completely invisible Code must be stored somewhere and must be in memory A virus executes in a particular way and uses a certain method to spread Each of these characteristics yields a telltale pattern called a signature
  • 40. Computer Network Security 40 Virus effects and causes
  • 41. Computer Network Security 41 Virus effects and causes
  • 42. Computer Network Security 42 Execution patterns A virus writer may want a virus to do several things at the same time Spread infection Avoid detection Cause harm
  • 43. Computer Network Security 43 Transmission patterns Viruses can travel During the boot process Over a network connection Host’s execution Remain in memory to infect other diskettes
  • 44. Computer Network Security 44 Polymorphic viruses Virus signature is the most reliable way to detect a virus A clever virus writer can cause something other than specific strings to be in portions where a virus scanner would look for those strings A virus that can change its appearance is called a polymorphic virus
  • 45. Computer Network Security 45 Polymorphic viruses Two-form virus can be treated as two independent viruses, so the virus writer will want a large or unlimited number of forms A polymorphic virus has to randomly reposition all parts of itself and randomly change all fixed data A virus may randomly intersperse harmless instructions throughout its code
  • 46. Computer Network Security 46 Prevention of virus infection Not to share executable code with infected source This was easy to do, as executable files had a particular extension Today seemingly non-executable files can contain executable code Programs are usually configured to activate this code automatically, such as open attachments
  • 47. Computer Network Security 47 Prevention of virus infection The file type is hidden in a field at the start of a file, so Windows would try to open an executable file with a non-executable extension, with the appropriate program, failing which the executable code will be run Since you can not know which sources are infected, assume that every outside source is infected
  • 48. Computer Network Security 48 Prevention Use only software acquired from reliable and well-established vendors Test all software on an isolated computer Open attachments only when you know them to be safe Make a recoverable system image and store it safely Make and retain backup copies of executable system files Use virus detectors
  • 49. Computer Network Security 49 Trapdoors An undocumented entry point into a module Inserted during code development, perhaps to test the module, or to provide hooks by which to connect future modifications, or enhancements, or to allow access if the module should fail in the future
  • 50. Computer Network Security 50 Trapdoors-Examples Programs are prepared in modules, each tested in “unit testing” and then integrated and tested in “integration testing”, to see how they function as they send messages and data from one to the other Rather than paste all modules together in a big bang approach, the modules are grouped into several logical clusters of a few components each Each cluster is tested in a way that allows testers to control and understand what might make a component or its interface fail
  • 51. Computer Network Security 51 Trapdoors-Examples During component testing, the tester cannot use the surrounding routines that prepare input or work with output, so they write “stubs” and “drivers” to inject data in and extract results These stubs and drivers are later discarded because they are replaced by the actual components The programmers embed debugging code into suspicious components To control stubs or invoke debugging code, the programmer embeds special control sequences in the component’s design, specifically to support testing
  • 52. Computer Network Security 52 Trapdoors-Examples Command insertion is a recognized testing practice, if left in place after testing, the extra commands can become a problem The Internet Worm spread itself due to exactly this kind of a trapdoor in an email program Poor error checking is another source of trapdoors Trapdoors can be useful for system auditing or testing, but they must be documented and access must be protected
  • 53. Computer Network Security 53 Trapdoors-causes Trapdoors can persist in programs because the developer: forgot to remove them Intentionally left it there for testing Intentionally left it for maintenance Left there for covert access
  • 54. Computer Network Security 54 Covert channels Programs that communicate information to people who shouldn’t receive it The communication accompanies other perfectly proper communications e.g., a student may communicate correct answer choices by coughing once for ‘a’, clearing her throat for ‘b’ and so on One way for the programmer to have a covert channel is to write to a file, print it out A programmer should not have access to data once the program is in operation
  • 55. Computer Network Security 55 How to create covert channels A printed report would be too obvious Encode data values into a different report format Storage channels: pass information by using the presence or absence of objects in storage e.g., lock or not lock a file to signal one bit of information Other ways would be consume disk quota Timing channels: pass information by the speed at which things happen e.g., using or not using an assigned amount of computing time (quantum)
  • 56. Computer Network Security 56 How to prevent these flaws Good software engineering practices Operating system controls Administrative controls Program controls in general
  • 57. Computer Network Security 57 ANY QUESTIONS ?