3. Cross-site scripting (XSS)
• XSS is a type of computer security vulnerability typically found in web
applications. XSS enables attackers to inject client-side script into web
pages viewed by other users. A cross-site scripting vulnerability may be
used by attackers to bypass access controls such as the same-origin policy.
Cross-site scripting carried out on websites accounted for roughly 84% of all
security vulnerabilities documented by Symantec as of 2007. Its effect
may range from a petty nuisance to a significant security risk, depending on
the sensitivity of the data handled by the vulnerable site and the nature of
any security mitigation implemented by the site's owner.
5. Emerging defensive technologies
• Content security policy
• JavaScript sandbox tools
• Auto-escaping templates
These mechanisms are still evolving but promise a future of
heavily reduced XSS attack occurrence.
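As an added example (not part of the original slides), the auto-escaping template and the Content Security Policy header side by side: a small `{name}` template filler that HTML-escapes every interpolated value, its unsafe raw counterpart, and a restrictive CSP. The input value, the template and the policy are constructed for illustration.

```python
import html
import re

# Constructed attacker-controlled input, as it might arrive in a query
# parameter or form field (sample value, not from the original slides).
UNTRUSTED_NAME = '<script>alert("xss")</script>'

def render_escaped(template: str, **values) -> str:
    """Fill a {name} template, HTML-escaping every substituted value.

    This is what an auto-escaping template engine does by default: the
    template author's markup stays intact, interpolated data becomes text.
    """
    def substitute(match):
        return html.escape(str(values[match.group(1)]), quote=True)
    return re.sub(r"\{(\w+)\}", substitute, template)

def render_raw(template: str, **values) -> str:
    """The unsafe counterpart: plain interpolation, no escaping at all."""
    return template.format(**values)

def csp_header() -> tuple:
    """A restrictive Content-Security-Policy header (hypothetical policy for
    a site that serves every script it needs from its own origin)."""
    policy = "; ".join([
        "default-src 'self'",
        "script-src 'self'",   # blocks inline <script> and event handlers
        "object-src 'none'",
        "base-uri 'self'",
    ])
    return ("Content-Security-Policy", policy)

if __name__ == "__main__":
    page = "<p>Hello, {name}!</p>"
    print(render_raw(page, name=UNTRUSTED_NAME))      # script tag injected
    print(render_escaped(page, name=UNTRUSTED_NAME))  # shown as literal text
    print(": ".join(csp_header()))
```

Even where escaping is missed somewhere, the `script-src 'self'` policy stops the browser from running an inline script that did get injected.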
6. SQL Injection
• SQL injection is a code injection technique, used to attack data-driven applications, in which
malicious SQL statements are inserted into an entry field for execution (e.g. to dump the
database contents to the attacker).
• A denial-of-service (DoS) attack is an attempt to make a machine or network resource
unavailable to its intended users, such as to temporarily or indefinitely interrupt or
suspend services of a host connected to the Internet.
• A distributed denial-of-service (DDoS) attack is one where the attack source is more than one,
and often thousands of, unique IP addresses.
7. Defense techniques
• Firewalls
• Switches
• Routers
• Application front end hardware
• Application level Key Completion Indicators
• IPS based prevention
• DDS based defense
• Black holing and sink holing
• Clean pipes
8. Arbitrary Code Execution
• Arbitrary code execution is used to describe an attacker's ability to execute any
commands on a target machine or in a target process.
• An arbitrary code execution vulnerability is a software bug that gives an
attacker a way to execute arbitrary code.
• A program that is designed to exploit such a vulnerability is called an arbitrary code
execution exploit.
• The ability to trigger arbitrary code execution from one machine on another
(especially via a wide-area network such as the Internet) is often referred to
as remote code execution.
• Arbitrary code execution is commonly achieved through control over the instruction
pointer of a running process.
9. Memory Corruption
• Memory corruption occurs in a computer program when the contents of a memory
location are unintentionally modified due to programming errors; this is termed violating
memory safety.
• Memory corruption is one of the most intractable classes of programming errors, for two
reasons:
The source of the memory corruption and its manifestation may be
far apart, making it hard to correlate the cause and the effect.
Symptoms appear under unusual conditions, making it hard to
consistently reproduce the error.
10. Memory Corruption
• Memory corruption errors can be broadly classified into four categories:
• Using uninitialized memory
• Using non-owned memory
• Using memory beyond the memory that was allocated (buffer overflow)
• Faulty heap memory management
11. Cross-Site Request Forgery
• Cross-site request forgery (CSRF) is also known as a one-click attack or session riding.
• Several things have to happen for cross-site request forgery to succeed:
The attacker must target either a site that doesn't check the Referer
header or a victim with a browser or plugin that allows Referer spoofing.
The attacker must find a form submission at the target site, or a URL
that has side effects, that does something (e.g., transfers money, or changes the victim's e-mail
address or password).
The attacker must determine the right values for all the forms or URL
inputs; if any of them are required to be secret authentication values or IDs that the attacker
can't guess, the attack will most likely fail (unless the attacker is extremely lucky in their
guess).
The attacker must lure the victim to a Web page with malicious code
while the victim is logged into the target site.
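The third condition above is the one a site can deny on purpose: if every side-effecting form carries a secret value the attacker cannot guess, the forged request fails. As an added example (not from the original slides), a per-session synchronizer token derived with HMAC, combined with the Origin/Referer check from the first condition; the secret, session id, origins and requests are all constructed for illustration.

```python
import hashlib
import hmac
import secrets

# Server-side secret; generated fresh here, persisted on a real server.
SERVER_SECRET = secrets.token_bytes(32)

def issue_csrf_token(session_id: str) -> str:
    """Per-session token = HMAC(secret, session id). Only a page the site
    itself renders can carry it, so a third-party page has to guess it."""
    return hmac.new(SERVER_SECRET, session_id.encode(), hashlib.sha256).hexdigest()

def is_same_origin(origin, referer, site_origin: str) -> bool:
    """Origin/Referer check. Origin wins when present; a request carrying
    neither header cannot be verified and is rejected."""
    if origin is not None:
        return origin == site_origin
    if referer is not None:
        return referer.startswith(site_origin + "/")
    return False

def accept_state_change(request: dict, site_origin: str) -> bool:
    """Both checks must pass before a side-effecting request (transfer,
    e-mail or password change) is honoured."""
    expected = issue_csrf_token(request["session_id"])
    submitted = request["form"].get("csrf_token", "")
    token_ok = hmac.compare_digest(expected, submitted)   # constant-time
    origin_ok = is_same_origin(request.get("origin"), request.get("referer"), site_origin)
    return token_ok and origin_ok

def demo() -> tuple:
    """Constructed requests: one from the site's own form, one forged by a
    page on another origin that rides the victim's session cookie."""
    site, sid = "https://bank.example", "session-abc123"
    legitimate = {"session_id": sid, "origin": site,
                  "form": {"amount": "10", "csrf_token": issue_csrf_token(sid)}}
    forged = {"session_id": sid, "origin": "https://attacker.example",
              "form": {"amount": "10"}}   # cookie is sent, token is unknown
    return accept_state_change(legitimate, site), accept_state_change(forged, site)

if __name__ == "__main__":
    print(demo())   # (True, False)
```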
13. Data Breach
• A data breach is the intentional or unintentional release of secure information to an untrusted
environment.
• Other terms for this phenomenon include unintentional information disclosure, data
leak and also data spill.
• A data breach is a security incident in which sensitive, protected or confidential data is
copied, transmitted, viewed, stolen or used by an individual unauthorized to do so.
• Many jurisdictions have passed data breach notification laws, requiring a company that has
been subject to a data breach to inform customers and take other steps to remediate possible
injuries.