软体品质与资讯安全41课件

軟體品質與資訊安全交通大學資訊工程系黃世昆OutlineBackgroundSoftwareAttackBasicSoftwareProcessVulnerabilitySoftwareExploitabilityDynamicandStaticDefenseConclusionSoftwareAttackBasicTheStrengthofCryptography“128-bitkeysmeanstrongsecurity,while40-bitkeysareweak”“triple-DESismuchstrongerthansingleDES”“2,048RSAisbetterthan1,024bitRSA”“lockyourfrontdoorwithfourmetalpins,eachofwhichinoneof10positions”.Therewillbe10,000possiblekeys…almostimpossibletobreakinNO!!!StrengthofCryptographyBurglarswon’ttryeverypossiblekeysorpickthelock.Theysmashwindows,kickindoors,andusechainsawtothehousewall.Mostofusdesign,analyzeandbreakcryptographicsystem.Fewtrytodoresearchonpublishedalgorithms,protocolsandactualproducts.SecurityAttackDynamicEventoccurduringtheexecutionofapieceofsoftware.Attackmadepossible:weaknessesmustexistinthesystemsequenceofweaknessexploitinginputsignalstothesystemisrequiredThreatthreat:anagentoutsideofasoftwaresystemtoexploitavulnerabilitythroughattacksStateSpaceVulnerabilitySystemstate:currentconfigurationoftheentitiesinthesystemAuthorizedorunauthorizedstate:giveninitialstateusingasetofstatetransitionsdefinedbysecuritypolicyVulnerabilitystate:authorizedstatefromwhichanunauthorizedstatecanbereachedusingauthorizedstateCompromisedstate:theauthorizedstateaboveAttack:beginsinvulnerabilitystateStateSpaceAttackVulnerabilityStateAuthorizedState(compromisedbytheattack)UnauthorizedStateAttack軟體系統缺陷運用軟體發展過程差異狀態溢寫（Y2K，maliciousbufferoverflow)密碼模組設計與實作弱點可執行內涵的安全（WebInternetPlatformSecurity)網路伺服應用軟體缺陷利用SoftwareAttacksImplementationflaws:BufferOverflowAttacksStackOverflowHeapOverflowsDataSegment,SharedMemorySegmentEnvironmentmismatch:TypeSystemAttackstypecontainmentnotsoundmismatchbetweendynamicloadedlibraryandactualargumentsBufferOverflowAttacksInternetWormfingerdinNov2,1988.Overflowthebufferofaremotedaemonorasetuidprograminjectmaliciousmachinecodetotheprogram’saddressspaceoverwritethereturnaddressofsomefunctionLackofagoodstringorbufferdatatypeinCandmisuseofthestandardClibrary’sstringfunction.OverflowAttackMadePossiblewheneverSoftwareFault(bugs)notremovedDeviationbetweenprocesstransition(inter-process)andPhaseinconsistencybetweenanalysis,design,implementationandapplication.Inter-processinconsistency:communicationflawswhenrequirementanalysis,languagetypeinconsistencywhenprogramimplementation,improperconfigurationwheninapplicationProblemsInterfaceCompatibilitySemanticsoflinkingdifferedbetweendistributedenvironmentSemanticGapbetweensecurityprotocolsandimplementationEnvironmentTransitionRestriction:Aprogramcanonlychangeitstypecontext,toanewtypecontextinawaysuchthatthenewcontextisaconsistentextensionoftheoriginalcontext.ComponentComposition:whatistheconsistentextensionofcomponentenvironment?SecurityProblemsRelatedtoSoftwareQualitySystemExploitability:thesystemcanbecompromisedfromanauthorizedstatetoanyunauthorizedstatesAnySystemexploitable?Howtoexploitit?AnySystemFailureexploitable?Howtodoit?Ifthecrashsitedetected,isthesystemexploitable?Howtodoit?Ifthecorruptsitedetected,isthesystemexploitable?Howtodoit?ThoughtsThoughmostCOTSsoftwarehavebeentested,therearestillvulnerabilitiesinsideandthatcausethesoftwarecrashed,eventobeexploited.Wemayfindtherootcauseofthevulnerabilitiesfromthecrashsite.SecurityBreachduetoQualityProblemsProgramscrashoccasionally.VulnerabilitiesinsidecausetheprogramcrashedTofindifwecanExploitthiscrashCouldruntimeexecutionauditingbehelpfultoexploitthiscrash?Instance:crashduetostackandheapoverrunThesituationofstackoverrunstillexists.Detectthesesituationssystematically.Possibletodevelopexploitiveattacksingeneral.SearchingforVulnerabilitiesTracingtool:trussinsolaris,straceinlinux,,RegMoninWindowsWatchingtheprograminteractingwithOS.DebuggersGuideline-BasedAuditingWatchingfordifferencewithdesigndocumentorspecSniffersWatchingtheinteractionbetweentheserverandclient.nm,objdumpUsingDisassemblerdisassemblewatchingforreferencingtovulnerablelibraryfunctions,Iffoundthengoto5.searchfor'subesp,<bignumber>'.(findlocalvariable)Iffoundthengoto5.lookforheapoverflowsandlogicerrorsfigureouthowtogetexecutionintoyourvulnerablefunctionWhatdoweneed?ExecutionpathtovulnerablefunctionCrashsiteapproximationbystackcheckpointWhereisthemaliciousinput?I/Ointerceptionbysystemcallwrapper/InputPollutantTracerBuffersizeExploitpayloadCorruptSiteDetectionConsiderationsLimitationofDebugger(suchasgdb):cannotgetthecallstackfromthecorethecrashiscausedbycorruptionofcallstack(EBP,return).Wecouldusetoolstocheckpointthecallstackperiodicallytodiscoverwhetherifbufferoverrunoccurs.CorruptsiteandCrashsiteFunctionA(…){……}FunctionB(…){callFunctionA(…);}FunctionC(…){callFunctionB(…)}Functioncrash-here(input){charbuf[10];……..statementstocorruptstacksprintf(buf,”%s”,input);callFunctionA(…);FurtherOperations;}CorruptSiteCrashSiteCorruptSiteDetectionnormalcorruptionExceptionhandlercrashKernel32->main->….??????->….Kerner32->exceptionhandler->….IDEA:stackinvariantdetection1.Innormalsituations,callstackcanbetracedbacktothemainfunction.2.InvariantViolation:Can’tbetracedbacktomainStackCorruptedorInterrupted,orEnterexceptionhandlerConsideration:1.TheprocessofCorruptionwon’tbetoolong,2.Itisachallengetofinecalibratethegranularityofstackcheckpoint3.AnotherSolution:FunctioncallwrapperCOTSSoftwareSecurity事前事發事終事後SourceCodeAuditingBufferOverflowDetectionTerminateProcessRecoverreturnaddressandsavedframepointerWhiteHat:BugTrackingBlackHat:DevelopingExploitVendorPatchRelatedWorksAnomalyDetectionUsingCallStackInformation,IEEES&P’03HEALERS:AToolkitforEnhancingtheRobustnessandSecurityofExistingApplications,IEEEDSN2003Run-TimeDetectionofHeap-basedOverflows,USENIXLISA2003RelatedWorkInstrumentingStackGuard(ACompilerforstackprotectionfromsmashingattacks)ProPolice(GCCextensionforprotectingfromstack-smashingattacks)StackShield(A"stacksmashing"techniqueprotectiontoolforLinux)Fat-pointersCyclone(ASafeDialectofC)CCured(Asource-to-sourcetranslatorforCtopreventallmemorysafetyviolations.)RelatedWorkPurify(memorycorruptionandleakdetection)Valgrind(amemorydebugger)BidirectionalDebuggingBitanBiswasandR.Mall,“ReverseExecutionofPrograms”,ACMSIGPLANNotices,Apr,1999BobBoothe,“EfficientAlgorithmsforBidirectionalDebugging”,PLDI2000StackGuardcanaryrandomcanaryterminatorcanaryparameter2parameter1returnaddresscanarybasepointerlocalvariable1localvariable2buffer[]StackShieldGlobalretstackarrayof256entriessavedreturnaddrwhenfunctionalloverwritewhenfunctionreturnRetrangecheckProtectionoffunctionpointeraglobalvariableasboundaryaddressparameter2parameter1returnaddressbasepointerlocalvariable1local