IT Security - 7. Security Engineering
Buffer Overflows
Types
Stack-based BO
Off-by-one BO
BSS BO
Heap BO
application segments
Stack
local non-static variables, arguments, return address (RET)
Heap
malloc/new and free/delete
BSS
global uninitialized variables
Data
initialized global and static local variables
Text
program code
Stack and registers
LIFO structure
Pointer
EIP = Instruction Pointer
ESP = Stack Pointer
EBP = Base / Frame Pointer
function call
calling:
parameters pushed to stack
return address is pushed to stack
EIP is changed to start of function
entering
save stack pointer
allocate space for local variables / parameters
execute code
clean up stack and restore old frame pointer
return from function
attacks
Stack Smashing
Integer Overflow
Format string attacks
Countermeasures:
safe coding
secure libraries, functions
code analyzers
data execution prevention
Linux PaX, Windows DEP
Canaries (Stack Guard)
Address Space Layout Randomization (ASLR)
Return oriented programming (ROP)
writable memory is not executable, so already existing code snippets (gadgets) are reused to execute instructions
Advantages
Turing complete
Circumvent DEP/NX
Gadgets can be found by tools
Number of gadgets can be increased by shifting the offset into instructions
Countermeasures:
Address Space Layout Randomization (ASLR)
Position-independent executables (PIE)
Secure Coding Guidelines
use sufficient input validation
whitelist rather than blacklist
encode HTML input
never trust input to SQL statements
use version / configuration control
adhere to the KISS-principle + Security
use libraries
use the latest compilers
defense against coding errors
use security design patterns
make security policy
use strong crypto
stay informed about new vulnerabilities
educate developers constantly
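As an added example (not part of the mind map), the "Stack-based BO" and "Off-by-one BO" nodes above and the "use sufficient input validation / whitelist rather than blacklist" guideline are shown side by side in C: an unbounded strcpy into a stack buffer, an off-by-one bound check, and a hardened store that checks length and an allow list of characters before copying. NAME_LEN, store_name_unchecked, store_name_checked and accept_name are names assumed for this illustration.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

#define NAME_LEN 16  /* size of the stack buffer, including the terminating NUL */

/* Vulnerable pattern (the defect behind "Stack-based BO"): strcpy copies until
 * the source's NUL, so a name of NAME_LEN bytes or more writes past buf, over
 * the saved frame pointer and the return address stored above it. */
void store_name_unchecked(char *buf, const char *name) {
    strcpy(buf, name);              /* no bound at all */
}

/* Off-by-one: "<=" accepts a name of exactly NAME_LEN characters, but its
 * terminating NUL then lands one byte past the end of the buffer. */
bool name_fits_off_by_one(const char *name) {
    return strlen(name) <= NAME_LEN;
}

/* Correct bound: a NUL must occur within the first NAME_LEN bytes. */
bool name_fits(const char *name) {
    return memchr(name, '\0', NAME_LEN) != NULL;
}

/* Allow-list validation: only [A-Za-z0-9_] is accepted. Everything else is
 * rejected instead of trying to enumerate bad characters (a deny list). */
bool name_is_allowed(const char *name) {
    for (const char *p = name; *p; p++) {
        if (!isalnum((unsigned char)*p) && *p != '_') return false;
    }
    return true;
}

/* Hardened store: validate length and character set first, then copy with an
 * explicit bound. Returns false and leaves buf untouched on rejection. */
bool store_name_checked(char *buf, size_t buf_len, const char *name) {
    const char *end = memchr(name, '\0', buf_len);   /* NUL inside the bound? */
    if (end == NULL || !name_is_allowed(name)) return false;
    size_t n = (size_t)(end - name);
    memcpy(buf, name, n + 1);       /* n bytes plus the NUL, known to fit */
    return true;
}

/* Typical call site: the buffer is a local (stack) array, exactly the layout
 * in which an unchecked copy would overwrite the saved EBP and RET. */
bool accept_name(const char *name) {
    char buf[NAME_LEN];
    return store_name_checked(buf, sizeof buf, name);
}
```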
Security Patterns
describe features at a higher level of abstraction
template/description how to solve a problem
structure
Context
Problem
Requirements
Solutions
PrivSep Pattern
Pre-authentication
Post-authentication
Microsoft Security Development Lifecycle
Training
Core Security Training
security testing
secure coding
threat modeling
secure design
privacy
Requirements
Establish Security Requirements
Create Quality Gates / Bug Bars
Perform Security and Privacy Risk Assessment
Design
Establish Design Requirements
Perform attack surface analysis / reduction
Use Threat Modeling
Implementation
Use Approved Tools
Deprecate unsafe functions
perform static analysis
Verification
perform dynamic analysis
perform fuzz testing
conduct attack surface review
Release
Create an incident response plan
Conduct final security review
Certify Release and archive
Response
execute incident response plan
Introduction
early detection of vulnerabilities often fails in the development lifecycle
patch management is the result
Security Engineering is about building systems that remain dependable in the face of malice, error or mischance
Security: make sure certain things cannot happen
Functionality: Make sure certain things can happen
relevant disciplines
Cryptography and computer security
chip design
social engineering
costs, financial
secure passwords
construction of buildings, centers, ...
Abstraction Levels
high-level
system design
development process
mid-level
security patterns
coding guidelines
low-level
coding guidelines
specific knowledge of system architecture