CSCI262SystemSecurity Spring2011 (Wollongong)
(Wollongong Campus)
Examination Paper
Spring Session 2011
Part A
1) The phrase “Something you have, something you know, or something you are” refers to the bases of authentication. In authentication, something you have, something you know or something you are refers to the three factors used in authentication. An example of something you have is a staff card, something you know is a password, and something you are is a fingerprint.
SIM-2016-S3-CSCI262-S, Slide
2) Three types of malware are viruses, Trojan horses and worms.
SIM-2016-S3-CSCI262-S6a, Slide 8
3) Stack randomization is used to protect against buffer overflow attacks and works by randomizing the new buffer location; the new instance of the program run is probably in a different memory location and hence makes the overflow attack difficult.
4) CAPTCHA can be used as protection against DOS (Denial of Service) attacks because bots (zombies) or automated systems cannot read a distorted image, and hence this can be used to differentiate between a human (person) accessing a system and a zombie accessing a system.
5) SQLrand is a mechanism for protecting a database against SQL injection by adding a random key to the SQL keywords (internally). Before the keywords are actually sent to the database, the random key is removed.
SIM-2016-S3-CSCI262-S9c, Slide 10
6) Salt is used in UNIX based password systems, where the password and salt are hashed to hide the relationship between a user and the password used. In the event an intruder is able to get the password file, the intruder is not able to establish the association of the password to its user because the salt is a value that is randomly generated.
SIM-2016-S3-CSCI262-S2a, Slide 43
7) XSS is an abbreviation for cross site scripting. It is a type of injection attack in which an attacker can send a malicious script to an unsuspecting user and exploits vulnerabilities of dynamic web pages; in particular, it involves the use of those vulnerabilities to gather data from a user that should not be gathered.
SIM-2016-S3-CSCI262-S5b, Slide 38
8) Sanitisation in the context of logs involves removing information from the log that a user should not be able to see, to provide confidentiality of the log.
9) Two classes of intruder that an intrusion detection system may attempt to find are: clandestine users, who try to avoid the intrusion detection or auditing system, and masqueraders, who pretend to be a legitimate user.
SIM-2016-S3-CSCI262-S8a, Slide 5
10) Cohen’s undecidability theorem states “It is undecidable whether an arbitrary program contains a computer virus.”
SIM-2016-S3-CSCI262-S6a, Slide 64
11) A firewall cannot protect against internal attackers or services that by-pass the firewall, e.g., a dial-up connection.
SIM-2016-S3-CSCI262-S8c, Slide 9
12) Single sign-on has a single point of entry as a gateway to multiple systems, using a master password, necessitating an equivalent number of sign-on dialogues, each of which may involve different usernames and authentication information.
13) A minimum time between password changes is specified so users are able (forced) to change the password and to make sure that the passwords are secured from attackers who may be trying to hack their passwords.
14) The channels used in two channel authentication are different from each other, where one channel is between client and server, and the other is between server and client, and they must be independent.
15) Protection rings are an example of Role-based access control.
16) The BLP ds-property provides that permission may be passed from an authorized subject to another, level authorized subject.
17) The two primary aims of digital forensics are to gather evidence from computer devices to investigate a crime or to recover lost data.
18) Pharming is more technical and less social engineering than deceptive phishing because it involves technology to perform the phishing act. It is carried out by modifying the hosts file through a virus or by “poisoning” DNS servers.
19) Consider that file A is infected with a virus, and that file B is not currently infected. File B can be directly infected by the actions of Carol if she executes file A and writes file B after that. By executing file A, Carol will be infected with the virus, and by writing file B, the virus will be spread to infect file B.
20) An advantage of stateless puzzles over stateful puzzles is that the answer to a stateless puzzle is nothing.
Part B – Question 1
1) Describe why tailored, or spear, phishing attacks, and tailored
dictionary attacks, are more effective than, respectively, general
phishing or dictionary attacks. You will need to explain the idea of
tailoring.
Tailored/spear phishing and tailored dictionary attacks are more effective than general phishing. This is because a tailored phishing attack involves using what we know about somebody to increase the chances of the attack being successful, while general phishing is total brute force, which is inefficient compared to tailored phishing.
Part B – Question 2
2) Describe in detail how the one-time password system of Lamport
works.
A one-time password refers to a password that can be used only for one session or one transaction. Lamport’s one-time password is one example of such a password. Lamport’s one-time password consists of two parts, the setup and the process, as follows:
Setup:
• In the setup process, a user selects a password that is secret to him/her.
• The system will then use this password, together with some value, say $n$, to generate a sequence of passwords $p_1, p_2, \ldots, p_n$.
Process:
• A user, let’s say Alice, requests a connection to a server.
• The server issues a challenge $n$.
• The user responds with a one-time password which is generated as $h^{n-1}(\mathit{password})$.
• The server checks if $h\big(h^{n-1}(\mathit{password})\big) = h^{n}(\mathit{password})$.
• If it matches, then the server accepts the communication request. If it does not, the server rejects the communication request.
• Once the user has been authenticated, the server needs to update its information.
• The system will then replace $x_n = h^{n}(\mathit{password})$ with the one-time password sent by the user, that is, $x_{n-1} = h^{n-1}(\mathit{password})$.
• The value $n$ is replaced by $n-1$.
• When $n$ reaches 0, the system will have run out of passwords in the hash chain and will have to run a new setup process, with a new base password.
• Lamport’s one-time password works because the system defines $p_i$ to be $H^{n-i}(p)$, where $H$ is a hash function known to all, e.g., MD5() in our Assignment 1. In this way, an attacker cannot derive a future password from a past password. For example, after $p_6$, which equals $H^{n-6}(p)$, the attacker can compute $H(p_6)$, which equals $H^{n-5}(p)$, the already used password $p_5$. The attacker cannot compute $p_7$ because $p_7$ equals $H^{n-7}(p)$, and computing $H^{n-7}(p)$ from $H^{n-6}(p)$ would require the attacker to compute the inverse of $H$ or to know $p$, but $H$ is a cryptographic hash function.
Part B – Question 3
3) Explain what inference and aggregated data are, and
how one uses the other. Explain the context and
describe how indirect attacks use something more
than aggregate data.
Aggregate data is a single aggregated value over the column information, and inference data are data which are derived using the aggregated data. Aggregating over a small sample leaks out information, which is known as a direct attack. An indirect attack is where information from an external source is combined with the aggregate data.
An example of a direct attack is that the average salary of all employees older than 60 discloses the exact value of a salary if exactly one employee older than 60 is employed.
An example of an indirect attack is that if we know, independent of the database, who lives in which suburb and who is a member of which department, the query …
SELECT SUM(SALARY), COUNT(*)
FROM EMPLOYEE
GROUP BY DEPTNAME, SUBURB;
… may then disclose the salaries of the employees who are the only people employed in a department and living in a particular suburb.
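The indirect attack above run end to end as an added example (not from the original answer): a constructed EMPLOYEE table is loaded into an in-memory SQLite database, the page's aggregate query is executed, and the externally known department/suburb membership is combined with the result; a query-set-size control, one of the standard defences against this inference, is shown alongside. The table contents, the MEMBERSHIP dict and the function names are assumptions of this example.

```python
import sqlite3

# Constructed sample table (not from the page). Carol is the only Sales employee in Bulli.
EMPLOYEES = [
    ("alice", "Sales", "Wollongong", 72000),
    ("bob",   "Sales", "Wollongong", 68000),
    ("carol", "Sales", "Bulli",      91000),
    ("dave",  "IT",    "Bulli",      80000),
    ("erin",  "IT",    "Bulli",      84000),
]

# External knowledge (assumed, obtained independently of the database):
# who works in which department and lives in which suburb.
MEMBERSHIP = {
    ("Sales", "Wollongong"): ["alice", "bob"],
    ("Sales", "Bulli"): ["carol"],
    ("IT", "Bulli"): ["dave", "erin"],
}

# The page's aggregate query, with the grouping columns added to the SELECT list
AGGREGATE = ("SELECT DEPTNAME, SUBURB, SUM(SALARY), COUNT(*) "
             "FROM EMPLOYEE GROUP BY DEPTNAME, SUBURB")

def load_db() -> sqlite3.Connection:
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE EMPLOYEE (NAME TEXT, DEPTNAME TEXT, SUBURB TEXT, SALARY INTEGER)")
    con.executemany("INSERT INTO EMPLOYEE VALUES (?, ?, ?, ?)", EMPLOYEES)
    return con

def indirect_attack(con: sqlite3.Connection, membership: dict) -> dict:
    """Indirect attack: a (dept, suburb) group of size one means SUM(SALARY) is
    that one person's exact salary, and the external membership list names them."""
    leaked = {}
    for dept, suburb, total, count in con.execute(AGGREGATE):
        if count == 1:
            leaked[membership[(dept, suburb)][0]] = total
    return leaked

def guarded_aggregate(con: sqlite3.Connection, min_size: int = 2) -> list:
    """Mitigation (query-set-size control): release only groups with at least
    `min_size` members, so no single salary can be read off a sum."""
    return list(con.execute(AGGREGATE + " HAVING COUNT(*) >= ?", (min_size,)))
```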
Part B – Question 4
4) Briefly explain the difference between logging and
auditing. Describe two specific considerations when
determining what should be logged and audited, and
explain how they may influence your decisions.
Logging is the recording of events or statistics to provide information about system use, misuse and performance. Auditing is the analysis of the log records obtained by logging, presenting information about the system in a clear and understandable manner. The two considerations are: we need to consider how attempts to violate the security policies could be made, and we need to consider how such attempts can be detected. They may influence many decisions, as there is no point detecting a problem if we do not know the indicating factors.
Part B – Question 5
5) Explain the ideas of threshold models and statistical
models in the context of an intrusion detection
system. Give a specific example of applying a
threshold. Explain the idea of data aging in the
context of the statistical models.
A statistical model for anomaly detection is where statistics of past data are used to detect the anomaly, and the threshold model, which is the simplest statistical model, is where an alarm is triggered if more than a certain number of something happened or less than a certain number of something happened. An example is a login event. If there are more than 5 logins per day, an alarm may be raised. We should not heavily rely on old statistics. If we are accumulating data over a period of time and taking it all into account, we should weight the data as a function of time.
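The threshold model and data aging above as an added example (not part of the original answer), run over a constructed login log: per-day login counts are computed for one user, the page's "more than 5 logins per day" threshold raises an alarm, and the aged statistic weights each day by `DECAY ** age` so that old days count less than recent ones. The log lines, the decay factor and the function names are this example's assumptions.

```python
from collections import Counter

THRESHOLD = 5      # the answer's example: more than 5 logins per day raises an alarm
DECAY = 0.5        # data-aging factor (assumed): each older day counts half as much

# Constructed sample login log (not from the page), one event per line: "<date> <user>"
SAMPLE_LOG = """\
2011-10-01 bob
2011-10-01 bob
2011-10-02 bob
2011-10-03 bob
2011-10-03 bob
2011-10-03 bob
2011-10-04 bob
2011-10-04 bob
2011-10-04 bob
2011-10-04 bob
2011-10-04 bob
2011-10-04 bob
"""

def logins_per_day(log: str, user: str) -> list:
    """Parse the log into [(day, count), ...] in date order for one user."""
    counts = Counter()
    for line in log.splitlines():
        parts = line.split()
        if len(parts) == 2 and parts[1] == user:
            counts[parts[0]] += 1
    return sorted(counts.items())

def threshold_alarms(daily: list, threshold: int = THRESHOLD) -> list:
    """Threshold model: alarm on every day with more than `threshold` logins."""
    return [day for day, n in daily if n > threshold]

def plain_mean(daily: list) -> float:
    """Statistic without aging: every past day weighs the same."""
    return sum(n for _, n in daily) / len(daily) if daily else 0.0

def aged_mean(daily: list, decay: float = DECAY) -> float:
    """Statistic with data aging: a day that is `age` days older than the newest
    one is weighted by decay**age, so old statistics influence the profile less."""
    if not daily:
        return 0.0
    weights = [decay ** age for age in range(len(daily) - 1, -1, -1)]
    return sum(w * n for w, (_, n) in zip(weights, daily)) / sum(weights)
```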
Part B – Question 6
6) What is a “sandbox environment”? What role do
sandbox environments play in the security of mobile
code, in the detection of malware and in honeypots?
A sandbox environment is a virtual environment which restricts sharing by controlling the domain boundaries. It plays an important role since, if a piece of software is suspected to be malware and is affected, only that virtual environment vector is affected, leaving the domain environment safe.
Part B – Question 7
7) What are obfuscation and reverse engineering?
Explain how they are related. Describe two simple
transformations that could be used in obfuscation.
Reverse engineering is taking an executable and figuring out what is going on inside, or the design process, and obfuscation, in terms of code obfuscation, is encoding/encrypting the source code so that it is not easily readable. They are related in that reverse engineering tries to produce the source code from the executable, but code obfuscation makes it difficult to reverse engineer and obtain the code.
Part B – Question 8
8) What role does a bastion host play in firewall
deployment? Sketch the model of a system
containing a single-homed bastion host.
Bastion hosts are the hosts that the firewall administrator identifies as critical points in the security of the network. They usually have limited functionality, to reduce exposure to weaknesses and improve performance, and serve as a platform for an application-level gateway.
SIM-2016-S3-CSCI262-S8c, Slide 27
Part C – Question 1
1) This question relates to access control models:
a) State what BLP attempts to control, and the BLP policy.
b) State what Biba attempts to control, and the Biba policy.
c) The BLP and Biba rules are apparently very restrictive if applied
together. Explain why. Explain how this apparent conflict can be
resolved.
d) If we have a lattice model with security levels (secret, {A,B}) and
(secret, {B,C}) is it necessary for there to be a security level that
dominates both? Justify your answer.
a) State what BLP attempts to control, and the BLP policy.
BLP attempts to control the confidentiality of the data. The BLP policy is no read up and no write down, and permission can be passed from an authorized person to another, level authorized person.
b) State what Biba attempts to control, and the Biba policy.
a. What are the subject, objects and actions for this scenario?
b. Draw an access control matrix for this scenario. Name and give
an example of each of the list representations. Be sure to label
all parts of your answer.
Part C – Question 5 …2
c. If we want to efficiently determine all the actions available to a
subject, which of the two list representations are appropriate
and why?
d. Assuming the statements were not going to change, could we
simplify the representation of access control using some sort of
grouping? Explain your answer carefully.
Part C – Question 6
6) The following questions relate to database security.
a. Name and describe two methods of providing protection against
inferential attacks.
b. What is the purpose of a role in a database system?
c. Name and describe two of the ACIDity properties.
d. In what way do the entity integrity and referential integrity rules
relate to the consistency of a database system?
a. Name and describe two methods of providing protection
against inferential attacks.