The document discusses application security (AppSec), emphasizing the importance of safeguarding software applications from threats throughout their lifecycle, including planning, design, implementation, and maintenance. It highlights various types of application security, including mobile, web, and desktop application security, and outlines best practices such as secure coding, strong authentication, and regular security audits. Additionally, it covers the significance of addressing vulnerabilities and the impact of malicious programs, including viruses, worms, and phishing attacks on application security.
Chapter Five IAS 2017
Samara University
College of Engineering and Technology
Department of Information Technology
Information Assurance and Security (ITec4133)
4th Year IT
Chapter Five: Application Security
By Jemal Gugsa (MSc)
April 25, 2025

Application Security (AppSec)
• Application security (AppSec) is the practice of implementing security measures and safeguards to protect software applications from threats and vulnerabilities throughout their lifecycle.
• Application security encompasses all aspects of securing applications, from initial design to maintenance.
• The lifecycle phases are:
  • Planning
  • Requirement gathering
  • Design
  • Implementation – writing the programming code.
  • Testing – verifying and validating the software.
  • Deployment – releasing the software.
  • Maintenance – supporting and updating the software.

• Application security is the practice of using security software and best practices to protect computer applications from external security threats.
• Applications delivered through mobile devices, the web, PCs and tablets provide services that hold users' personal information.

Why is Application Security Important?
1. Protecting the private information or data of the application users.
2. Preventing financial damage to an organization.
3. Maintaining Confidentiality, Integrity and Availability.

• With new applications, new security vulnerabilities are also discovered. These vulnerabilities can put users' personal data at risk.
• Once an attacker has found an application vulnerability and determined how to reach it, they can exploit that vulnerability to facilitate a cyber-crime.
• These crimes target the CIA of the resources possessed by an application.
• Application security helps identify, fix and prevent security vulnerabilities in any kind of software application:
  • Web application
  • Desktop application
  • Mobile application

Types of Application Security
• Securing web, mobile, and desktop applications involves a layered approach, including strong authentication and authorization, data encryption, secure coding, regular security audits and continuous monitoring.
• These measures help protect against various threats such as malicious code, phishing, and unauthorized access.
A) Mobile Application Security
• Mobile application security refers to the technologies and security procedures that protect mobile applications against cyberattacks and data theft.
• It is addressed at two levels:
  • the developer level
  • the end-user level

• Mobile device usage has been steadily increasing in recent years.
• Recent statistics note that about 90% of the global internet population uses a mobile device to go online.
• Each year, the number of mobile apps developed is increasing – with the increasing number of
• Traditionally a headache reserved for celebrities, and now a legitimate concern for anyone who owns a cell phone.
• Mobile applications are crucial today for business and personal use.
• For hackers, this means more people to victimize, making endpoint security for mobi

• However, as mobile applications increase, hackers get more chances to penetrate thousands of devices – mobile apps have become their gateway to steal consumer data.
• Businesses also use mobile apps in the workplace; therefore, it is necessary to take careful consideration and implement policies for protection.
• Furthermore, if a business is in the process of developing its own app, it has to make sure that the app is secured from hackers.

Mobile Application Security Practice
1. Secure Development Lifecycle (SDLC)
  • Integrating security considerations into every phase of development, from planning to maintenance.
  • Programmer level
2. Secure Coding Practices
  • Writing code that minimizes common vulnerabilities.
  • Programmer level
3. Strong Authentication
  • Implementing robust user authentication mechanisms, such as multi-factor authentication.
  • Programmer level
4. Secure Authorization
  • Ensuring users can only access the features and data they are permitted to.
  • Programmer level
5. Session Management
  • Protecting user sessions from hijacking.
  • Programmer level
6. Programmer level (others)
  • Input validation
  • Regular updates
  • Monitoring and logging
  • User education
  • Incident response

End-User Security Practice
• Use antivirus software.
• Set a strong password and change it periodically.
• Delete apps: if you see any apps on your phone that you didn't download, delete them.
• Report to the administrative body.

B) Web Application Security
• A web application is software that runs on a web server and is accessible via the Internet. Exposure to the Internet opens web applications to a range of vulnerabilities.
• Web application security is the practice of protecting websites, web applications, and web services from various threats, so that user information is safe from malicious attacks.
• The evolution of the Internet has addressed some web application vulnerabilities – for example the introduction of HTTPS, which creates an encrypted communication channel.
• The application security field has introduced solutions especially designed to secure web applications.
• Examples include the web application firewall (WAF), a security tool designed to detect and block application-layer attacks.

Web Application Security Practice
1. Secure Communication
  • HTTPS/TLS encryption
2. Enforcing strong authentication and authorization
  • Strong authentication
  • MFA
3. Input Validation
4. Secure Coding Practices
5. Web Application Firewalls (WAFs)
6. Access Control and Least Privilege
7. Monitoring and Logging
  • Alerting

C) Desktop Application Security
• Desktop application security focuses on protecting software installed and running directly on a user's computer from security threats and risks.
• These applications often handle sensitive data and have direct access to system resources, making their security crucial.
• Desktop application security involves practices and measures implemented to protect desktop software from various threats and vulnerabilities.
• Viruses or malware, whatever you call them, are one of the most common risks to desktop apps.
• Once inside your computer, they can spread quickly to your apps and throughout your network.
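The mobile practices listed above (strong authentication, secure authorization, session management, input validation, monitoring and logging) and items 2, 3, 6 and 7 of the web practice list are easiest to understand when they are applied in order inside one request handler. The Python below is an added illustration, not part of the lecture material; the role table, the report-id format, the session lifetime and the alert threshold are all assumed values chosen for the example.

```python
import hmac, logging, re, secrets, time
from collections import defaultdict

logging.basicConfig(level=logging.WARNING, format="%(levelname)s %(message)s")

SESSION_TTL = 900        # seconds a session token stays valid (assumed policy)
ALERT_THRESHOLD = 3      # denied requests per user before an alert is raised (assumed)
# Least privilege: each role gets only the actions it needs (constructed table).
ROLE_PERMISSIONS = {"viewer": {"report:read"}, "admin": {"report:read", "report:delete"}}
# Input validation by allowlist: report ids look like "AB-1234" (constructed format).
REPORT_ID_RE = re.compile(r"^[A-Z]{2}-\d{4}$")

_sessions = {}                 # token -> session record
_denials = defaultdict(int)    # user -> number of denied requests seen so far

def create_session(user, role, client_fp, now=None):
    """Issue an unguessable token bound to the client fingerprint, with an expiry."""
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)
    _sessions[token] = {"user": user, "role": role, "fp": client_fp, "expires": now + SESSION_TTL}
    return token

def resolve_session(token, client_fp, now=None):
    """Return the session, or None if the token is unknown, expired, or replayed from another client."""
    now = time.time() if now is None else now
    session = _sessions.get(token)
    if session is None:
        return None
    if now > session["expires"]:
        _sessions.pop(token, None)
        return None
    if not hmac.compare_digest(session["fp"], client_fp):   # hijack check: wrong client
        logging.warning("session of user=%s presented from a different client; revoked", session["user"])
        _sessions.pop(token, None)
        return None
    return session

def record_denial(user, reason):
    """Monitoring and logging: log every denial and alert once a user trips the threshold."""
    _denials[user] += 1
    logging.warning("denied user=%s reason=%s", user, reason)
    if _denials[user] >= ALERT_THRESHOLD:
        logging.error("ALERT: %d denied requests for user=%s", _denials[user], user)
    return _denials[user]

def handle_request(token, client_fp, action, report_id, now=None):
    """Apply the controls in order: session check, input validation, authorization."""
    session = resolve_session(token, client_fp, now)
    if session is None:
        return 401, "no valid session"
    if not REPORT_ID_RE.match(report_id):
        record_denial(session["user"], "malformed report id")
        return 400, "invalid report id"
    if action not in ROLE_PERMISSIONS.get(session["role"], set()):
        record_denial(session["user"], f"{action} not permitted for role {session['role']}")
        return 403, "forbidden"
    return 200, f"{action} {report_id} by {session['user']}"
```

The order matters: a request is rejected before any input reaches application logic, and every rejection is logged so that repeated failures can raise an alert.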
Vulnerabilities
• A vulnerability is a weakness in an IT system that can be exploited by an attacker to deliver a successful attack.
• Vulnerabilities can occur through flaws, features or user error. A vulnerability can be a flaw in software, hardware, a network, or even human practices.
• Weakness: a vulnerability is a flaw, error, or gap in a system or process.
• Exploitability: it is a weakness that an attacker can take advantage of to compromise the system.
• Potential for harm: vulnerabilities can lead to data breaches, unauthorized access, system crashes, or other negative outcomes.

The Importance of Application Security
• Application security is crucial for protecting software from vulnerabilities and cyber threats, ensuring data integrity and confidentiality.
• It is vital for safeguarding sensitive data and maintaining business continuity.
• Reducing the attack surface.
• Cost-effectiveness: addressing application security vulnerabilities during development and deployment is more cost-effective than trying to fix them after a breach has occurred.

Malicious Program (Code)
• A malicious program (malicious code) is a software program, written by a programmer, intended to harm or exploit computer systems, networks, or users.
• Malicious programs can take various forms, including viruses, worms, Trojan horses, ransomware, spyware, and adware.
• According to SPECTRIA InfoSec Services, malicious code is defined as software which interferes with the normal operation of a computer system, or software which executes without the express consent of the user.
• Perhaps the most sophisticated types of threats to computer systems are presented by malicious code that exploits vulnerabilities in computer systems.
• Any code which modifies or destroys data, steals data, allows unauthorized access, exploits or damages a system, or does something that the user did not intend, is called malicious code.
• Its intent is typically to:
  • disrupt and damage;
  • gain unauthorized access to computer systems;
  • generally, compromise the CIA of data.

Users should use security measures (general measures) such as:
1. Keep software updated.
2. Use antivirus software.
3. Think twice before clicking links or downloading anything.
4. Don't trust pop-up windows asking you to download software.
5. Use strong passwords.
6. Enable MFA.
7. Enable a firewall.
8. Back up your data.

Types of Malicious Code
1. Viruses
  • A virus is a program that infects a computer by attaching itself to another program, and propagates itself when that program is executed.
2. Worms
  • A worm is a standalone malware computer program that replicates itself in order to spread to other computers.
  • There is no need to execute an infected program for a worm to propagate.

• Computer viruses are malicious programs that require a host file to infect a system, while computer worms are standalone programs that can self-replicate and spread across networks without a host file.

Computer Virus
• Infection: requires a user to open the infected file or execute the program containing the virus.
• Replication: spreads by being copied and distributed as part of the host file.
• Example: a virus attached to an email attachment, or a macro in a Microsoft Office document.

Computer Worms
• Infection: worms can exploit vulnerabilities in software to enter a system and replicate themselves.
• Replication: worms spread by automatically replicating themselves across networks and infecting vulnerable systems.
• Example: the Morris worm was a famous example of a worm that exploited vulnerabilities in Unix systems.
• Most of the time, worms attack at the OS level.

• Executable files, such as those with the .exe or .com extensions, are most frequently targeted by computer viruses and worms.
• When an infected file is executed, the virus code is activated, potentially causing damage or spreading to other files on the system.
• These files are designed to be run by the operating system, and viruses exploit this by attaching themselves to them.

3. Trojan Horses
• A Trojan horse, in the context of cybersecurity, is a type of malicious program that presents itself as legitimate software to trick users into downloading and running it on their systems.
• A Trojan horse usually carries a hidden destructive function that is activated when the application is started.
• It is named after the legendary Greek wooden horse used to infiltrate the city of Troy.
• Unlike viruses or worms, Trojans don't self-replicate; they require a user to initiate their execution.
• Once activated, they can cause various harms, such as stealing data, gaining unauthorized access, or installing other malware.

4. Spyware
• Spyware is a type of malicious software that secretly collects information from a computer or device and sends it to a third party without the user's knowledge.
• Spyware can capture keystrokes, monitor website visits, track browsing history, and even access the camera and microphone.

5. Adware
• Adware is software that displays unwanted advertisements, often installed unknowingly by users.
• It can disrupt browsing and potentially collect user data. Some adware can also be spyware.
• It generates revenue for its developers by displaying ads, which can appear as pop-ups in the browser.
• Data collection: adware can collect information about users' browsing habits, which can be used for targeted advertising or potentially shared with third parties.
• Potential for harm: in addition to disrupting the user experience, adware can also potentially harm a device by slowing it down, hijacking the browser, or even installing viruses or spyware.

6. Trapdoor (Backdoor)
• In cybersecurity, a trapdoor refers to a hidden mechanism that allows someone to bypass normal security protocols and gain unauthorized access to a system.
• Legitimate uses: sometimes, backdoors are intentionally included by developers for legitimate purposes, such as troubleshooting or system maintenance.
• Malicious uses: however, backdoors can also be exploited by attackers to gain unauthorized access to systems and data.

7. Keylogger
• A keylogger is a type of software or hardware that secretly records the keystrokes and other input data on a computer or device, essentially acting as a spy on your actions.
• It can be used for malicious purposes, such as stealing passwords, credit card information, or other sensitive data.
• Keyloggers are a particularly insidious type of spyware.
• However, keyloggers can also enable cybercriminals to eavesdrop on you, watch you through your system camera, or listen over your smartphone's microphone.
1. Software-based keyloggers: programs installed on a computer that record every keystroke and other input data, which is then sent to a remote server controlled by the attacker.
2. Hardware-based keyloggers: devices physically connected to the computer's keyboard or other input devices, intercepting and recording the input data.
• Malicious purposes:
  1. Stealing passwords, usernames, and other login credentials.
  2. Accessing financial accounts.
  3. Theft of personal information (identity theft and fraud).
• Legitimate uses:
  1. Parental monitoring of children's online activities.
  2. Employee productivity monitoring.
  3. Legal investigations (with proper authorization).

8. Zombie
• A zombie is a program that secretly takes over another Internet-attached computer and then uses that computer to launch attacks that are difficult to trace to the zombie's creator.
• Zombies are used in denial of service attacks, typically against targeted web sites.

9. Phishing
• Phishing is fraudulent emails, text messages, or phone calls that trick users into sharing sensitive information or personal data.
• The attacker's goal is to steal money, gain access to sensitive data and login information, or install malware on the victim's device.
• Successful phishing attacks often lead to identity theft, credit card fraud, ransomware attacks, data breaches, and huge financial losses for individuals and corporations.
• Phishing is the most common type of social engineering, the practice of deceiving, pressuring or manipulating people into sending information or assets to the wrong people.
• Social engineering attacks rely on human error and pressure tactics for success.

General Classification of Computer Viruses
1) Memory-Resident Virus
  • Resides in main system memory and infects whenever the operating system executes a file, for example a program file (C).
2) Program File Virus
  • This type will infect programs such as .EXE files.
3) Boot Sector Virus
  • This type will infect the system area of a disk.
4) Stealth Virus
  • A virus which uses various stealth techniques in order to hide itself from detection by anti-virus software.
5) Email Virus
  • A virus spread by email messages.
6) Macro Virus
  • Infects Word document files.

Tips for Preventing Computer Viruses
1. Install antivirus or
2. Keep your antivirus software up to date.
3. Run antivirus scans regularly.
4. Keep your operating system up to date.
5. Think before you click a suspicious link.
7. Keep your personal information secure.
8. Don't use unsecured Wi-Fi.
9. Back up your files.
10. Use different passwords.

Symptoms of a Virus-Infected Computer
1. A program takes a longer time than usual to execute.
2. A sudden reduction in system memory or available disk space.
3. A number of unknown or new files, programs or processes on the computer.
4. Popping up of new windows or browser advertisements.
5. Abnormal restarts or shutdowns of the computer.

The Life Cycle of a Computer Virus
• The life cycle of a computer virus can be divided into four phases:
1. Dormant phase
  • The virus is idle in the dormant phase. It has accessed the target device but does not take any action.
  • Note: not all viruses have the dormant phase.
2. Propagation phase
  • In the propagation phase, the virus starts propagating by replicating itself.
  • The virus places a copy of itself into other programs or into certain system areas on the disk.
  • Each infected program will contain a clone of the virus, which will enter its own propagation phase as well.
3. Triggering phase
  • The triggering phase starts when the dormant virus is activated. It will perform the actions it is supposed to accomplish.
4. Execution phase
  • In the execution phase, the payload is released. It can cause harm by deleting files, crashing the system, and so on.
  • It can be harmless too, popping up some humorous messages on screen.

End