
Anti-Subversion Software: Difference between revisions

From Wikipedia, the free encyclopedia
Content deleted Content added
No edit summary
Rescuing 1 sources and tagging 0 as dead.) #IABot (v2.0.9.5) (Eastmain - 21183
 
(One intermediate revision by one other user not shown)
Line 1: Line 1:
<!-- Please do not remove or change this AfD message until the discussion has been closed. -->
{{Article for deletion/dated|page=Anti-Subversion Software|timestamp=20240831145612|year=2024|month=August|day=31|substed=yes|help=off}}
<!-- Once discussion is closed, please place on talk page: {{Old AfD multi|page=Anti-Subversion Software|date=31 August 2024|result='''keep'''}} -->
<!-- End of AfD message, feel free to edit beyond this point -->
[[Software subversion]] is the process of making software perform unintended actions either by tampering with program code or by altering behavior in another fashion. For example, code tampering could be used to change program code to load malicious rules or heuristics, [[SQL injection]] is a form of subversion for the purpose of [[data corruption]] or theft<ref>{{Cite web |title=Business Insights and Resources |url=http://www.verizonbusiness.com/resources/reports/rp_data-breach-investigations-report-2012_en_xg.pdf |archive-url=https://web.archive.org/web/20120403143752/http://www.verizonbusiness.com/resources/reports/rp_data-breach-investigations-report-2012_en_xg.pdf |archive-date=2012-04-03}}</ref> and [[buffer overflow]]s<ref>{{cite web |last1=Glynn |first1=Fergal |title=On Buffer Overrun Vulnerabilities, Exploits and Attacks |url=http://www.infosecisland.com/blogview/21004-On-Buffer-Overrun-Vulnerabilities-Exploits-and-Attacks.html |website=Infosec Island |archive-url=https://web.archive.org/web/20200103060338/http://www.infosecisland.com/blogview/21004-On-Buffer-Overrun-Vulnerabilities-Exploits-and-Attacks.html |archive-date=2020-01-03 |date=2012-04-19 |url-status=dead}}</ref> are a form of subversion for the purpose of unauthorised access. These attacks are examples of computer hacking.
[[Software subversion]] is the process of making software perform unintended actions either by tampering with program code or by altering behavior in another fashion. For example, code tampering could be used to change program code to load malicious rules or heuristics, [[SQL injection]] is a form of subversion for the purpose of [[data corruption]] or theft<ref>{{Cite web |title=Business Insights and Resources |url=http://www.verizonbusiness.com/resources/reports/rp_data-breach-investigations-report-2012_en_xg.pdf |archive-url=https://web.archive.org/web/20120403143752/http://www.verizonbusiness.com/resources/reports/rp_data-breach-investigations-report-2012_en_xg.pdf |archive-date=2012-04-03}}</ref> and [[buffer overflow]]s<ref>{{cite web |last1=Glynn |first1=Fergal |title=On Buffer Overrun Vulnerabilities, Exploits and Attacks |url=http://www.infosecisland.com/blogview/21004-On-Buffer-Overrun-Vulnerabilities-Exploits-and-Attacks.html |website=Infosec Island |archive-url=https://web.archive.org/web/20200103060338/http://www.infosecisland.com/blogview/21004-On-Buffer-Overrun-Vulnerabilities-Exploits-and-Attacks.html |archive-date=2020-01-03 |date=2012-04-19 |url-status=dead}}</ref> are a form of subversion for the purpose of unauthorised access. These attacks are examples of computer hacking.


'''Anti-Subversion Software''' detects [[subversion]] and attempts to stop the effects of the hack. Software applications are vulnerable to the effects of subversion throughout their lifecycle from development to deployment, but particularly in operation and maintenance.<ref>{{Cite web|url=https://buildsecurityin.us-cert.gov/bsi/547-BSI.html|title = Build Security in &#124; CISA}}</ref>
'''Anti-Subversion Software''' detects [[subversion]] and attempts to stop the effects of the hack. Software applications are vulnerable to the effects of subversion throughout their lifecycle from development to deployment, but particularly in operation and maintenance.<ref>{{Cite web|url=https://buildsecurityin.us-cert.gov/bsi/547-BSI.html|title=Build Security in &#124; CISA|access-date=2012-05-11|archive-date=2012-06-13|archive-url=https://web.archive.org/web/20120613221731/https://buildsecurityin.us-cert.gov/bsi/547-BSI.html|url-status=dead}}</ref>


Anti-subversion protection can be accomplished in both a static and dynamic manner:
Anti-subversion protection can be accomplished in both a static and dynamic manner:
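Review bot: the rescued {{Cite web}} for the Build Security In reference, in the paragraph beginning '''Anti-Subversion Software''', still has no |website= or |publisher= field, so the citation renders with only a title and archive dates. Suggest adding the publisher while the template is being touched, and checking that the 2012-06-13 snapshot supports the lifecycle claim it is attached to.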

Latest revision as of 08:18, 8 September 2024

Software subversion is the process of making software perform unintended actions either by tampering with program code or by altering behavior in another fashion. For example, code tampering could be used to change program code to load malicious rules or heuristics; SQL injection is a form of subversion for the purpose of data corruption or theft[1]; and buffer overflows[2] are a form of subversion for the purpose of unauthorised access. These attacks are examples of computer hacking.

Anti-Subversion Software detects subversion and attempts to stop the effects of the hack. Software applications are vulnerable to the effects of subversion throughout their lifecycle from development to deployment, but particularly in operation and maintenance.[3]

Anti-subversion protection can be accomplished in both a static and dynamic manner:

  • Static anti-subversion is performed during the construction of the code. The code is statically tested and verified against various attack types by examining the program source code. Examples of static anti-subversion include security auditing, code verification, and fuzzing. Static anti-subversion is generally seen as a good coding practice, and is deemed necessary in some compliance regimes. However, static solutions cannot prevent all types of subversion attacks.
  • Dynamic anti-subversion is performed during code execution. The code is dynamically protected against subversion by continuously checking for unintended program behaviours. Examples of dynamic anti-subversion include application firewalls, security wrappers, and protection embedded in the software.[4]
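
Protection embedded in the software, as the dynamic bullet describes it, can be sketched as follows. This is an added example, not code from the article or from any product it cites: a decorator records a digest of a function's compiled code at definition time and re-checks it before every call. The names `protected`, `is_allowed` and the path rule are hypothetical.

```python
import functools
import hashlib
import hmac


class TamperDetected(RuntimeError):
    """Raised when protected code no longer matches its enrolled digest."""


def code_digest(func):
    """SHA-256 over a function's compiled bytecode, constants and names."""
    code = func.__code__
    material = repr((code.co_code, code.co_consts, code.co_names)).encode()
    return hashlib.sha256(material).hexdigest()


def protected(func):
    """Enroll func when it is defined and re-verify it before every call."""
    baseline = code_digest(func)

    @functools.wraps(func)
    def wrapper(*args, **kwargs):
        if not hmac.compare_digest(baseline, code_digest(func)):
            raise TamperDetected(f"{func.__qualname__} changed since enrollment")
        return func(*args, **kwargs)

    return wrapper


@protected
def is_allowed(path):
    """Hypothetical rule: only paths under /public/ are served."""
    return path.startswith("/public/")


def demo():
    """Return the rule's answers before tampering and whether tampering was caught."""
    before = (is_allowed("/public/index.html"), is_allowed("/admin/keys"))
    # Constructed tamper for the demonstration: the rule body is replaced in memory.
    is_allowed.__wrapped__.__code__ = (lambda path: True).__code__
    try:
        is_allowed("/admin/keys")
    except TamperDetected:
        return before, True
    return before, False
```

An in-process check of this kind shares its address space with the code it protects, so it is normally paired with an external control such as the application firewalls and security wrappers listed in the same bullet.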

Software applications running on desktops, corporate servers, mobile devices and embedded devices are all at risk from subversion.[5]

References

  1. "Business Insights and Resources" (PDF). Archived from the original (PDF) on 2012-04-03.
  2. Glynn, Fergal (2012-04-19). "On Buffer Overrun Vulnerabilities, Exploits and Attacks". Infosec Island. Archived from the original on 2020-01-03.
  3. "Build Security in | CISA". Archived from the original on 2012-06-13. Retrieved 2012-05-11.
  4. Metaforic[circular reference]
  5. "Security in the Age of Mobility" (PDF). Trend Micro. 2012. Archived from the original (PDF) on 2012-08-19.