Technical and Vocational Training Institute (TVTI)

Course title: - Information system security

Course Code: IT 534 Section:1 Group-5

Submitted By: - Name ID No

No
1 Weldebirhan Tadesse TTMR/ 227 /16
2 Tafa Dadi TTMR/ 206 /16
3 Zerihun Basazin TTMR/240/16
4 Tseganew Kefie TTMR/220 /16
5 Seblewengel Yebulgawerk TTMR/192/16

Submitted To: - Brknesh Weldeyohans (PhD) Addis Ababa,

Ethiopia
1
JAN 2024 e.c
1.Software Security
 practice of ensuring that software applications are designed,
developed, and maintained in a way that protects them from
threats and vulnerabilities throughout their lifecycle.
 focuses on building and maintaining software systems. that
are resistant to
 unauthorized access, manipulation, and exploitation.

 It encompasses:-
 secure coding practices,
 threat anticipation,
 defense mechanisms to ensure data integrity,
confidentiality, and availability.

OF-FTI-ALL -18 Iss 2

ue No 1
1. Software Security Issues
Software is inherently vulnerable to various issues,
including bugs, design flaws, and insufficient
defenses against attacks.
Common security issues include:
 Buffer overflows
 Injection attacks
 Race conditions
 Insecure interactions with external systems

OF-FTI-ALL -18 Iss 3

ue No 1
 1. Buffer Overflows
Occurs when a program writes more data to a buffer
(temporary storage) than it can hold, leading to memory
overwrites.
Cause: Lack of input size validation or improper memory
handling.
Impact: May overwrite critical memory, causing crashes,
or allow arbitrary code execution.
Example: A login system that doesn't restrict username
length, causing excess data to overwrite executable
code.
Solution for Buffer Overflows
To prevent buffer overflows, implement robust/comfortable
4
coding and input validation practices:
Solution for Buffer Overflows…….
1. Input Size Validation:
Restrict the size of input data to match the buffer's
capacity.
Example: Limit username input to 50 characters in login
forms.
2.Use Safe Functions:
Replace unsafe functions (e.g., gets, strcpy) with safe
alternatives (e.g., fgets, strncpy) that include buffer size
checks.
Example: Use strncpy(destination, source, size) to avoid
exceeding the buffer limit.

5
Solution for Buffer Overflows……...

3. Bounds Checking
Explicitly verify buffer sizes before writing data.
Example: Before copying input, check if the source
size exceeds the buffer capacity.
4. Modern Programming Practices
 Use programming languages or frameworks with
built-in buffer overflow protections (e.g., Java,
Python).
 Enable compiler options like fstack
protector(arbitrary code execution) or Address
Space Layout Randomization (ASLR) to mitigate
overflows.
6
2. Injection Attacks
An attacker introduces malicious code or commands into a
program by exploiting improper input handling.
Cause: Failure to sanitize or validate user input in queries or
commands.
Impact: Can lead to unauthorized data access, code execution,
or manipulation.
Example: SQL injection, where a user inputs DROP TABLE
Users
into a database query to delete critical tables.
Solution to Injection Attacks
Injection attacks can be prevented by properly validating,
sanitizing, and handling user inputs.
7
Below are key strategies to mitigate injection vulnerabilities:
a. Input Validation
Ensure user inputs conform to expected formats and reject
invalid data.
Example: Use regular expressions to validate email addresses
or phone numbers.
b. Sanitize Input
 refers to the practice of cleaning and validating user input
before it is processed by a program or application.
 Ensure that the input meets specific criteria (e.g., type,
length, format). Reject inputs that do not comply with
expected values.
 prevents various types of attacks, such as SQL injection and
cross-site scripting (XSS).

OF-FTI-ALL -18
Issue No 1
8
c. Least Privilege Principle
Restrict application permissions to minimize potential
damage.
Example: Allow database accounts to execute queries
but not to drop tables or modify schemas.
d. Use Security Libraries or Frameworks
Leverage tools like OWASP ESAPI (Enterprise Security API)
or web frameworks with built-in protection against
injection attacks.
Example: Django ORM automatically escapes queries to
prevent SQL injection.

9
3. Race Conditions

A flaw that occurs when multiple threads or processes

access shared resources simultaneously, causing
unpredictable behavior.
Cause: Improper synchronization/mix mechanisms for
concurrent access to resources.
Impact: Can lead to data corruption, unexpected
program states, or security breaches/lack rule
respecting/.
Example: Two processes simultaneously withdrawing
money from the same bank account, bypassing balance
checks.
10
Solution to Race Conditions
Race conditions can be mitigated by using synchronization
techniques and careful design to manage concurrent access to
shared resources. Below are key strategies:
a. Use Synchronization Mechanisms
Implement locks, semaphores, or mutexes to ensure only one
thread or process accesses a shared resource at a time.
lock: is a general synchronization primitive that restricts access
to a resource by allowing only one thread to enter a critical section
at a time.
Semaphore: is a signaling mechanism that controls access to a
resource by maintaining a count of available resources.
mutexes: is a specialized type of lock that ensures mutual
exclusion. It allows only one thread to access a resource at any
given time. 11
 Solution to Race
Conditions…….
b. Atomic Operations
Use atomic operations for actions that must be completed
as a single, indivisible step.
Example: Use std::atomic in C++ to ensure thread-safe
increments:
std::atomic<int> counter(0);counter++; 3. Avoid Shared
State
Minimize or eliminate shared resources whenever possible
by using local or thread-specific data.

OF-FTI-ALL -18 Iss 12

ue No 1
4. Insecure Interactions with External
Systems
Vulnerabilities arise during interactions with operating
systems, APIs, libraries, or other programs.
Cause: Untrusted data exchanges, lack of input/output
validation, or incorrect privilege levels.
Impact: Can lead to data leakage, privilege escalation, or
system compromise.
Example: A program using predictable temporary file
names in /tmp, allowing attackers to replace files with
malicious ones.

OF-FTI-ALL -18 Iss 13

ue No 1
 Solution to Insecure Interactions with
External Systems
To address vulnerabilities arising from insecure interactions,
it is crucial to enforce secure practices during system
interactions.
Here are effective solutions:
a. Validate Input and Output:Ensure all data exchanged with
external systems is validated for integrity and expected
formats.
Example: Sanitize filenames and paths to prevent directory
traversal attacks.
b. Use Secure APIs and Libraries
Prefer secure, well-maintained APIs and libraries with built-in
protections.
OF-FTI-ALL -18 Iss 14
ue No 1
c. Implement Least Privilege Principle
Minimize the privileges of processes interacting with external
systems.
Example: Run a web server as a non-root user to prevent
privilege escalation.
d. Use Sandboxing
Isolate processes interacting with external systems to contain
potential damage.
Example: Use Docker or chroot to limit a program's access to the
filesystem.
e. Encrypt Data in Transit
Use secure communication protocols (e.g., TLS) to protect data
exchanged with external systems.
Example: Use HTTPS for API interactions to prevent
eavesdropping and man-in-the-middle attacks 15
Issue Cause Impact Example solution

Memory
Writing overly long data into
Lack of input size corruption, Validate input sizes and use
Buffer Overflow a buffer, overwriting adjacent
validation crashes, or code safe functions like strncpy.
memory.
execution
Unauthorized
Unsanitized or SQL injection to manipulate Use prepared statements and
Injection Attack access or code
unvalidated input or delete database records. sanitize inputs.
execution

Concurrent Data corruption Two threads withdrawing from Use locks or atomic
Race Condition access to shared or security the same bank account operations to synchronize
resources bypass without synchronization. access.

Trusting
unvalidated data Data leaks, Using predictable temp file Validate inputs, use secure
Insecure External
or improper privilege names, enabling malicious APIs, apply least privilege,
Interaction
privilege escalation overwrites. and use secure temp files.
management

16
 1.1 Introducing Software Security and
Defensive Programming
Software security aims:-
to create systems that are resistant to attacks, focusing
on secure coding, risk management, and proactive
defenses.
Defensive programming
 is a development approach that anticipates potential
errors or malicious activities and includes safeguards to
ensure software functions securely, even in unexpected
situations.
 is a mindset that anticipates potential failures and
proactively implements safeguards.

OF-FTI-ALL -18 Iss 17

ue No 1
Key Principles Defensive Programming

a/Principle of Least Privilege (POLP):

Grant only the minimum permissions required for a program or user to
perform its tasks.
Example: A web server should run as a non-root user, restricting access
to critical system files.
b/Fail-safe Defaults:
When an error occurs, the system should default to the most secure
state to prevent vulnerabilities.
Example: Denying access to a resource by default unless explicit
permission is granted.
N.B Defensive programming minimizes security risks by preparing for
potential failures and reducing the attack surface of the system.
18
2. Handling Program Input

 Input is the most common attack vector.

 Proper handling ensures the system remains robust
against malicious or malformed data.
 Handling program input securely is crucial to prevent
attackers from exploiting improper or unsafe input.
 Key practices include validating, sanitizing, and testing
input to ensure it does not introduce vulnerabilities.

19
2.1 Input Size and Buffer Overflow
A buffer overflow occurs when input exceeds allocated memory size,
potentially overwriting adjacent memory.
Example: A login form allows an unlimited username length, causing
memory corruption.
Solution: Validate input size and use safe functions like strncpy in C or
Prevent stack overflow in login forms by restricting username length to
20 characters.
2.2 Interpretation of Program Input
Definition: Misinterpreted input can cause unexpected behavior or
vulnerabilities.
Example: SQL injection, where input like '; DROP TABLE Users; --
manipulates database queries.
Solution: Use parameterized queries or prepared statements to prevent
malicious SQL commands.
20
2.3 Validating Input Syntax
 Ensures that input matches expected formats to block
invalid or malicious entries.
 Ensure input conforms to the expected format using
techniques like regular expressions.
Example: Allowing only numeric input in a phone number
field prevents injecting scripts or special characters.
Solution: Use regular expressions to validate inputs (e.g.,
for emails or dates).
Validate email inputs with patterns like `^[a-z A-Z 0-9 _%
+-]+@[a-z A-Z 0-9.-]+\.[a-z A-Z ]{2,}$`.
Example: Disallow special characters in username fields to
avoid command injection.
21
2.4 Input Fuzzing
 Is a software testing technique used to identify vulnerabilities,
bugs, and unexpected behavior in software systems by
feeding them unexpected, random, or invalid inputs.
 The goal is to test the robustness and security of the system
by pushing it beyond its typical operational limits.
Example: Using fuzzing tools like AFL (American Fuzzy Lop) to
find inputs that cause crashes or errors.
Solution: Incorporate fuzz testing in the development process
to discover edge cases.
 Properly handling input ensures that malicious or malformed
data cannot disrupt or exploit software.
 Validating input size, format, and behavior minimizes
vulnerabilities and enhances system security.

22
How Input Fuzzing Works
a/ Input Generation:
A fuzzing tool generates a wide range of inputs, often
random, malformed, or invalid.
These inputs might include oversized data, unexpected
characters, or invalid formats.
Inputs can be generated in several ways:
Random fuzzing: Completely random inputs.
Mutation-based fuzzing: Modifies valid inputs to
create test cases.

23
b/ Execution:
• The software under test is executed with these
generated inputs, simulating real-world scenarios or
edge cases.
c/ Monitoring:
• The behavior of the software is monitored to detect
crashes, errors, or unexpected outputs.
• Logs and system metrics (e.g., memory usage, CPU
activity) are analyzed for anomalies.
d/ Bug Analysis
If issues are detected, the problematic input is
recorded for further analysis to identify the root cause.
24
3. Writing Safe Program Code
 Writing safe program code ensures that software
remains reliable, secure, and resistant to
vulnerabilities under all circumstances.
3.1 Correct Algorithm Implementation
Algorithms must follow precise specifications to avoid
unintended flaws or vulnerabilities.
Example:1 Incorrect cryptographic implementations can
weaken encryption (e.g., weak random number
generators).
Solution: Implement algorithms according to established
best practices and standards.
25
 4. Interacting with the Operating System
and Other Programs

 Secure interaction with operating systems and

external programs is essential to
prevent vulnerabilities stemming from improper
handling of resources, permissions, and external
inputs.

26
5. Handling Program Output
 Securely managing program output is essential to
prevent the unintentional leakage of sensitive data and
protect systems from injection attacks.
 Or Secure output handling ensures sensitive
information is not leaked.
Solution: Encode output to prevent injection attacks.
Example: Use HTML encoding to prevent XSS in web
applications (`&lt` instead of `<`).
Output sanitization is also critical for error messages to
avoid exposing stack traces or internal system details.

OF-FTI-ALL -18 Iss 27

ue No 1
a/ Preventing Injection Attacks:
Improperly handled output can lead to injection vulnerabilities, such
as Cross-Site Scripting (XSS).
Solution: Encode special characters in output to ensure they are
treated as data rather than executable code.
Example: In web applications, use HTML encoding (&lt; instead of
<) to prevent XSS.
b/ Output Sanitization:
Error messages and logs can unintentionally reveal internal system
details, such as stack traces, database schemas, or configuration
paths.
Solution: Sanitize error messages and avoid exposing unnecessary
technical details.
Example: Replace detailed stack traces with generic error
messages like "An unexpected error occurred." 28
The end!!!

OF-FTI-ALL -18 Iss 29

ue No 1