
Lecture 3

Uploaded by

Nereyda Williams

SECURITY IN COMPUTING, FIFTH EDITION
Chapter 3: Programs and Programming

From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.

Objectives for Chapter 3


• Learn about memory organization, buffer overflows, and relevant countermeasures
• Common programming bugs, such as race conditions and incomplete mediation
• Survey of past malware and malware capabilities
• Virus detection
• Tips for programmers on writing code for security


Program Security Failures


• Security failures can result from intentional or non-malicious causes
• Intentional = Malware
• Non-malicious = Bad Coding
• Program error → fault (mistakes) → a failure
• Incorrect operation is an integrity failing
• Benign errors can be and often are exploited for malicious impact


Software Development
• SDLC (Software Development Life Cycle): a framework that defines the steps involved in the development of software at each phase. It covers the detailed plan for building, deploying and maintaining the software.
SDLC Phases:
• 1) Requirement Gathering and Analysis.
• 2) Design.
• 3) Implementation or Coding.
• 4) Testing.
• 5) Deployment.
• 6) Maintenance.

SDLC Principles

o Developers should always remember confidentiality, integrity, and availability
▪ Confidentiality: Ensures that only authorized users can access the data
▪ Integrity: Ensures that the data is not modified or altered without permission
▪ Availability: Ensures that data is available to authorized users when it is needed


Computer Components
• Central Processing Unit (CPU)
• The calculator of the computer
• Processes data and executes instructions

• Memory (RAM)
• A short-term location to store data and instructions to be used by the CPU
• Data is cleared after reboot

• Hard Disk or Hard Drive
• A long-term place to store data
• Data is not cleared after reboot


Buffer Overflows
• Occurs when a process stores data outside the memory range allocated by the developer
• An attacker’s inputs are expected to go into regions of memory allocated for data
• Those inputs are instead allowed to overwrite memory holding executable code

• Often come from innocent programmer oversights or failures to document and check for excessive data

• The trick for an attacker
• Finding buffer overflow opportunities
• Finding the right code to input


Example Buffer Overflows


Phone number: 4444-4321

Example of 8 digit buffer A:

4 4 4 4 4 3 2 1

What happens if we try to enter a number that is too long?

555-444-432


Example Buffer Overflows


555-444-4321

Example of 8 digit buffer A:

4 5 5 4 4 4 4 3

Example of 8 digit buffer B:

2 1

Buffer overflows

• Buffer: A temporary storage area that a program uses to store data

Overflow Countermeasures

• Staying within bounds
• Check lengths before writing
• Limit input to the number of acceptable characters
• Many languages have overflow protections
• Code analyzers can identify many overflow vulnerabilities
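
The phone-number slides and the "check lengths before writing" countermeasure, as an added C example that is not part of the original lecture. The struct layout and the function names store_unchecked and store_checked are assumptions made for illustration; the unchecked write is capped at the end of the struct so the demo itself stays well-defined.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>
#define BUF_DIGITS 8

/* Two adjacent 8-digit buffers, like buffers A and B on the slide. */
struct phone_store {
    char a[BUF_DIGITS];
    char b[BUF_DIGITS];
};

/* Unchecked store: writes every digit starting at A and runs on into B.
 * It stops at the end of the struct only so the demo stays well-defined. */
size_t store_unchecked(struct phone_store *s, const char *input)
{
    char *mem = (char *)s;              /* A and B viewed as one memory run */
    size_t n = 0;
    for (; *input && n < sizeof *s; input++)
        if (isdigit((unsigned char)*input))
            mem[n++] = *input;
    return n;                           /* digits written, may exceed 8 */
}

/* Checked store: reject input with more digits than A holds.
 * Returns 0 on success, -1 on rejection (nothing is written). */
int store_checked(struct phone_store *s, const char *input)
{
    char tmp[BUF_DIGITS];
    size_t n = 0;
    for (; *input; input++) {
        if (!isdigit((unsigned char)*input))
            continue;                   /* skip separators such as '-' */
        if (n == BUF_DIGITS)
            return -1;
        tmp[n++] = *input;
    }
    memcpy(s->a, tmp, n);
    return 0;
}

int main(void)
{
    struct phone_store s;
    memset(&s, '.', sizeof s);          /* '.' marks untouched cells */
    store_unchecked(&s, "555-444-4321");
    printf("unchecked: A=%.8s B=%.8s\n", s.a, s.b);
    memset(&s, '.', sizeof s);
    printf("checked: rc=%d A=%.8s\n", store_checked(&s, "555-444-4321"), s.a);
}
```

The checked version validates into a temporary first, so a rejected input leaves both buffers exactly as they were.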


Overwrite
• Another piece of your program’s data
• An instruction in your program
• Data or code belonging to another program
• Data or code belonging to the operating system
• Overwriting a program’s instructions gives attackers that program’s execution privileges
• Overwriting operating system instructions gives attackers the operating system’s execution privileges


Incomplete Mediation
• Inputs to programs are often specified by unauthorized users
• Complete Mediation: Verifying that the subject is authorized to perform the operation on an object
• Preventing incomplete mediation:
• Validate all input
• Limit users’ access to sensitive data and functions
• Complete mediation using a reference monitor

Race Conditions:
A system has a race condition when the overlap in timing of the requests causes errant behavior.

[Figure: timeline of a reservation system. A: Seat available? Yes, Book seat. B: Seat available? No. Caption: Example of no race condition]


Race Conditions
[Figure: timeline of a reservation system. A: Seat available? Yes, Book seat. B: Seat available? Yes, Book seat. Caption: Example of race condition]
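
The two reservation timelines, as an added C example that is not part of the original lecture. It replays the interleaving from the figure in a single thread so the result is deterministic, then shows the check and the booking merged into one atomic compare-and-swap; the seat struct and all function names are assumptions made for illustration.

```c
#include <stdatomic.h>
#include <stdbool.h>
#include <stdio.h>

/* One seat: holder 0 = free, otherwise the id of the customer holding it. */
struct seat { atomic_int holder; atomic_int bookings; };

/* Racy flow, step 1: "Seat available?" */
bool seat_available(struct seat *s) { return atomic_load(&s->holder) == 0; }

/* Racy flow, step 2: "Book seat". Trusts a check made earlier in time. */
void book_seat(struct seat *s, int customer)
{
    atomic_store(&s->holder, customer);
    atomic_fetch_add(&s->bookings, 1);
}

/* Fixed flow: check and book as one indivisible compare-and-swap. */
bool book_if_free(struct seat *s, int customer)
{
    int expected = 0;
    if (!atomic_compare_exchange_strong(&s->holder, &expected, customer))
        return false;                   /* someone else already holds it */
    atomic_fetch_add(&s->bookings, 1);
    return true;
}

/* Replays the figure's timeline: A asks, B asks, A books, B books. */
int racy_timeline(void)
{
    struct seat s = { 0, 0 };
    bool a_yes = seat_available(&s), b_yes = seat_available(&s);
    if (a_yes) book_seat(&s, 1);
    if (b_yes) book_seat(&s, 2);
    return atomic_load(&s.bookings);    /* confirmations issued */
}

/* Same two customers, but each request is a single atomic step. */
int atomic_timeline(void)
{
    struct seat s = { 0, 0 };
    book_if_free(&s, 1);
    book_if_free(&s, 2);
    return atomic_load(&s.bookings);
}

int main(void)
{
    printf("racy=%d atomic=%d\n", racy_timeline(), atomic_timeline());
}
```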


Malware
• Software designed to infiltrate a computer system and possibly damage it without the user’s knowledge

• Viruses
• Worms
• Trojan horses
• Ransomware
• Spyware
• Spam
• Logic Bomb


Malware
• Virus
Code that causes malicious behavior and spreads copies of itself to other programs.
• Worm
Code that propagates copies of itself through a network; impact is usually degraded performance.
• Trojan horse
Code that, in addition to its stated effect, has a second, nonobvious, malicious effect.
• Logic Bomb
Malicious code that has been inserted inside a program and will execute only when certain conditions have been met.


Malware

• Ransomware
Malware that restricts access to a victim’s computer resources until a ransom is received.
• Spyware
Malware that secretly gathers information about the user without their consent.
• Spam
Activity that abuses electronic messaging systems, most commonly through email.


History of Malware


History of Malware (cont.)


Harm from Malicious Code


• Harm to users and systems:
• Sending email to user contacts
• Deleting or encrypting files
• Modifying system information, such as the Windows System
• Stealing sensitive information, such as passwords
• Attaching to critical system files
• Hiding copies of malware in multiple complementary locations
• Harm to the world:
• Some malware has been known to infect millions of systems, growing at a geometric rate
• Infected systems often become staging areas for new infections


Transmission and Propagation


• Setup and installer program
• Attached file
• Document viruses
• Autorun
• Using non-malicious programs:
• Viruses that surround a program


Malware Activation

• One-time execution (implanting)


• Application files
• Code libraries


Countermeasures for Users


• Use software acquired from reliable sources
• Test software in an isolated environment
• Only open attachments when you know them to be safe
• Treat every website as potentially harmful
• Create and maintain backups


Virus Detection
• Virus scanners look for signs of malicious code infection in program files and memory
• Traditional virus scanners have trouble keeping up with new malware (they detect about 45% of infections)

• Detection mechanisms:
• Known coding patterns in files or memory
• Execution patterns
• Storage patterns


Countermeasures for Developers


• Modular code: Each code module should be
• Single-purpose
• Small
• Simple
• Independent

• We follow the above to stop:
• Information hiding
• Mutual suspicion
• Confinement of the effect


Code Testing

• Unit testing
• Integration testing
• Function testing
• Performance testing
• Acceptance testing
• Installation testing


Design Principles for Security

• Least privilege
• Open design
• Complete mediation
• Separation of privilege
• Ease of use


Summary
• Buffer overflow attacks can take advantage of the fact that code and data are stored in the same memory in order to maliciously modify executing programs
• Programs can have a number of other types of vulnerabilities, including off-by-one errors, incomplete mediation, and race conditions
• Malware can have a variety of harmful effects depending on its characteristics, including resource usage, infection vector, and payload
• Developers can use a variety of techniques for writing and testing code for security
