
Topic: security leaks and weaknesses




Topic: database security
Topic: distributed system security
Topic: encryption
Topic: limitations of system security
Topic: operating system security
Topic: reliability of distributed systems
Topic: security by audit trail
Topic: security of remotely executed code
Topic: security by secure domains
Topic: World-Wide Web

Subtopic: virus

Quote: first computer virus (1971); self-propagating code which grabbed all available disk space [»daviA7_2006]

Subtopic: security problems

Quote: a survey and taxonomy of actual security flaws [»landCE9_1994]
Quote: easily attacked Multics security via hardware, software, and procedures; extracted or modified sensitive data without detection; 250 manhours of effort [»kargPA6_1974]
Quote: security violations are: unauthorized release of information, modification of information, and denial of resource usage [»satyM8_1989]
Quote: computer security concerns unauthorized disclosure, unauthorized alteration, and denial of service [»mcleJ1_1990]
Quote: risks for computational email--destruction of resources, theft of resources, and deprivation of resources [»boreNS11_1992]
Quote: a security leak occurs if secret data is sent on a public channel instead of a secret channel

Subtopic: weakest link

Quote: secure the weakest link in the attack tree; look at the entire vulnerability landscape [»schnB_2000]

Subtopic: complexity

Quote: secure systems should be as simple as possible; complexity is the worst enemy of security [»schnB_2000]

Subtopic: evidence of attack

Quote: storing the evidence of an attack on the computer under attack is mostly useless

Subtopic: simple failures

Quote: cryptosystems fail because of organizational problems instead of high-tech attacks; blunders, insider information, or simplistic technical procedures [»andeRJ11_1994]
Quote: no matter what is done, small mistakes with large consequences will still occur; prolonged field testing is necessary for a payment system [»andeRJ5_1996]
Quote: most frauds were due to loopholes caused by design and management errors; exploited opportunistically by operators and customers; for example, shorting the 11 kV feeder to credit a meter [»andeRJ5_1996]
Quote: security setup contributes nothing to useful output; only noticed if audit or attack [»lampBW6_2004]

Subtopic: web attacks

Quote: use PQL for runtime security protection; dynamically detect and correct SQL injection, cross-site scripting, and path traversal attacks [»martM10_2005]
Quote: URLs can leak authenticators through the Referer header; allows cross-site scripting attacks without eavesdropping [»fuK8_2001]

Subtopic: SQL injection attack

Quote: precise, sound, efficient analysis for SQL injection; tracks user input non-terminals of a context-free grammar for string variables; tested with PHP [»wassG6_2007]
Quote: an SQL injection attack changes the intended syntactic structure of generated queries

Subtopic: weak password or protocol

Quote: nearly all cryptographic failures due to protocol or password deficiencies; e.g., using nine random characters to protect PGP's private keys [»lensAK9_2001]

Subtopic: buffer overrun

Quote: Multics avoids buffer overflow -- PL/I strings have a fixed maximum length; data can not be executed; virtual addresses are segmented; stacks grew up instead of down [»kargPA12_2002]
Quote: NUL-terminated strings important for efficiency; allows fixed-length buffer that holds variable-length strings; problem of overrun [»jimT6_2002]
Quote: C allows pointer beyond end of array; leads to buffer overflow [»jimT6_2002]
Quote: tested reliability under system crash by injecting faults; random bit flips in kernel; imitate programming errors such as pointer corruption, copy overrun, off-by-one; most crashes happened within 15 seconds [»chenPM9_1996]
Quote: Java guarantees memory and type safety at runtime and compile time; programs cannot forge pointers, overrun arrays, or apply an operator to the wrong type [»hartPH12_2001]

Subtopic: out-of-thin-air

Quote: disallow out-of-thin-air changes for incorrectly synchronized code; e.g., x,y=0; y=x and x=y; x==42 [»mansJ1_2005]

Subtopic: covert channel, out-of-channel signaling

Quote: can circumvent a security system by out-of-channel signaling, e.g., by toggling use of a file [»dennPJ_1980]
Quote: secure file manager maintains a complete history of the last five minutes; prevents frequent versions of the same file for a pattern-of-use channel [»rushJ7_1983]
Quote: can use statistical methods to violate security of access-control systems [»dennPJ_1980]
Quote: a secure kernel still may prevent access due to poor scheduling, or communicate implementation via behavior under load [»robiL9_1975, OK]
Quote: covert channel analysis--bound the rate that high-level input can affect low-level output [»mcleJ1_1990]
Quote: covert channels easily leak a cryptographic key; created through a shared resource such as white space [»schnB_2000]
Quote: secure systems need to confine data to a domain; problems if share resource, e.g., channel of 'disk hits' allows 70 baud
Quote: remotely-loaded code may have security flaws. For example, Java has many security flaws such as covert channels and lacking a formal security policy [»deanD5_1996]

Subtopic: insecure language

Quote: Microsoft gave up on security by adding C and C++ to the CLR; unsafe regions in C# allow unrestricted pointer operations [»allmE7_2004]
Quote: Cyclone is a safe dialect of C; avoids buffer overflows, format string attacks, and memory management errors; static analysis plus run-time checks and annotations [»jimT6_2002]

Subtopic: denial of service

Quote: Andrew does not guarantee resource denial; e.g., flooding network with packets has no clear solution
Quote: EROS truncates messages to undefined destinations; otherwise, fault handlers may lead to denial-of-service, buffering creates local state, and timeouts are not repeatable under load [»shapJS1_2002]
Quote: computer security concerns unauthorized disclosure, unauthorized alteration, and denial of service [»mcleJ1_1990]
Quote: survey of denial of service attacks, Internet vulnerabilities, defense mechanisms, and countermeasures [»pengT4_2007]
Quote: botnet software supports SYN flood, ICMP flood, HTTP flood, and denial of service configuration; update to maximize the similarity between attack traffic and normal traffic [»pengT4_2007]
Quote: denial of service defense requires cooperation between ISPs to block malicious traffic near its source [»pengT4_2007]

Subtopic: trap door

Quote: QA and ethical hacks are useless against trap doors triggered by a unique key [»kargPA12_2002]
Quote: easily demonstrated malicious software attacks; e.g., a trap door triggered by a password, not found by quality assurance [»kargPA12_2002]
Quote: invisible trap door in a compiler that installed trap doors into Multics; used by Ken Thompson [»kargPA12_2002]
Quote: can recompile the C compiler to introduce Trojan horse bugs invisibly [»thomK8_1984]
Quote: a compiler or assembler can insert a trap door when compiling a ring 0 module; hidden even when recompiling the compiler [»kargPA6_1974]
Quote: use system initialization code to insert trap doors as the system is booted; initialization is complex and poorly understood [»kargPA6_1974]
Quote: conventional computer systems do not enforce multilevel security; subverted by trap doors and trojan horses [»rushJ7_1983]
Quote: the World Wide Military Command and Control System was developed and deployed by uncleared personnel using an open time sharing system; vulnerable to trap door insertions [»kargPA6_1974]

Subtopic: man-in-the-middle

Quote: verify the integrity of an embedded device by computing partial hash of its contents; problem of man in the middle attack [»spinD2_2000]
Quote: an active adversary can see and modify all communications traffic; e.g., a proxy service and man-in-the-middle attacks [»fuK8_2001]
Quote: public-key cryptosystems are vulnerable to forgery and man-in-the-middle attacks [»zimmPR_1995]

Subtopic: remote code

Quote: remotely-loaded code may have security flaws. For example, Java has many security flaws such as covert channels and lacking a formal security policy [»deanD5_1996]

Subtopic: superuser access

Quote: an active security mechanism builds a security envelope between clients and storage; system administrators have full access
Quote: the Unix super-user has unrestricted access rights [»ritcDM7_1978a]

Subtopic: replay attack

Quote: synchronized clocks in Kerberos reject replay attacks without cost of challenge-response protocols; every connection has a new session-key; uses a replay cache [»daviD6_1995]
Quote: an eavesdropping adversary can see, but not modify, traffic between users and server; can replay authenticators and act as an interrogative adversary [»fuK8_2001]
Quote: Andrew's authentication procedure depends on a shared, encrypted handshake key; randomized to prevent replay attacks [»satyM8_1989]

Subtopic: phishing

Quote: SSL establishes a secure connection between a browser and an unknown SSL server; users ought to check the SSL certificate that identifies the server [»schnB_2000]

Subtopic: adaptive attack

Quote: fast public-key encryption based on modular squaring; secure against an adaptive chosen-ciphertext attack [»nishM12_2001]

Subtopic: masquerade attack

Quote: a call-back prevents a site from masquerading as another site [»nowiDA8_1978]
Quote: can catch masquerades if each machine maintains a sequence count with other machines and verifies the previous count [»nowiDA8_1978]

Subtopic: audit attack

Quote: an attacker can bypass the auditing capabilities of a security system by erasing evidence [»kargPA12_2002]

Subtopic: cryptographic key size

Quote: guidelines for selecting the cryptographic key size; acceptable security for commercial applications [»lensAK9_2001]

Subtopic: hardware failures

Quote: the subverter frequently sampled the security sensitive hardware; identified code that allowed illegal access to a protected segment; was due to a field modification [»kargPA6_1974]

Subtopic: soft memory attack

Quote: can write a Java or .NET program so that most memory errors break security of the virtual machine; defend with error-correcting memory [»goviS5_2003]
Quote: computers do not guarantee absence of hardware faults; breaks proof of soundness of link-time type-checking; e.g., cosmic rays or heat-induced faults [»goviS5_2003]

Related Topics

Topic: database security (12 items)
Topic: distributed system security (17 items)
Topic: encryption (45 items)
Topic: limitations of system security (39 items)
Topic: operating system security (18 items)
Topic: reliability of distributed systems (35 items)
Topic: security by audit trail (18 items)
Topic: security of remotely executed code (24 items)
Topic: security by secure domains (45 items)
Topic: World-Wide Web (42 items)

Updated barberCB 6/05
Copyright © 2002-2008 by C. Bradford Barber. All rights reserved.
Thesa is a trademark of C. Bradford Barber.