Program security

• Software failure
• Unexpected behavior
◦ A departure from the system's required behavior
◦ Error in operation
◦ Loss of data

• Secure program: program source code that is written to withstand failures
• Flaw
◦ Fault
◦ Failure
• Patch
◦ Piece of software designed to fix problems
◦ Updated program or data to fix a problem

A patch may cause new problems

• Non-malicious program errors
◦ Programmer mistakes
◦ Program malfunctions

• Malicious programs
◦ Software designed to do something that the user did not intend

• A malicious attacker can exploit non-malicious program flaws for malicious purposes
1. Buffer overflows
2. Incomplete mediation
3. Time-of-check to time-of-use error

• Data structure
• A program or process stores data
• Temporary data storage area
• Finite amount of data
• Resource sharing
• Overflow
◦ A program or process tries to store more data in a buffer than it was intended to hold
• Translator
◦ An error message warning
▪ Subscript out of bounds

• Some languages
◦ Buffer sizes do not have to be predefined
• An attacker can replace instructions in the OS code area or data area
◦ Masquerade as OS - get higher priority
• Replace code in system space
◦ Use stack pointer: subprocedure
◦ Replace return register
◦ Code injection

• An attacker accesses a resource because the code does not properly validate
• Data type error
• Data range error

• Generates wrong result

• Default condition
• Anticipate potential problems
• Client-side validation
• Only valid choices

• Web applications: editing the URL

Exploited less often than buffer overflows, but easily exploitable
• Access policy: who accesses what
• Request must be mediated

• While the security is checked, the condition changed
• Attacker gains access to a low-security object, but switches it with a high-security one
• Request to access a file presented as a data structure
◦ File name
◦ Access mode
• Authorized
◦ Waiting in queue to be served
• Ensure serial integrity: avoid loss of control
• Access-checking software must own the data until the access is complete
• Ensure not to expose critical parameters during loss of control
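
The gap between check and use described above, and the rule that the access checker must own the request until the access completes, shown as an added C example that is not part of the original slides. The struct layout, the one-file policy and all function names are assumptions made for the illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed request: the slides name only a file name and an access mode. */
struct request { char name[32]; char mode; };

/* Toy policy (assumption): only "notes.txt" may be opened, read-only. */
static int authorized(const struct request *r) {
    return strcmp(r->name, "notes.txt") == 0 && r->mode == 'r';
}

/* Stands in for the file operation: records what was actually acted on. */
static void perform(const struct request *r, char *out, size_t n) {
    snprintf(out, n, "%c:%s", r->mode, r->name);
}

/* Models the wait in the queue: the caller rewrites its own structure. */
static void swap_while_queued(struct request *r) {
    strcpy(r->name, "payroll.db");
    r->mode = 'w';
}

/* Flawed: checks the caller's structure, then reads it again at use. */
int serve_shared(struct request *caller, char *out, size_t n) {
    if (!authorized(caller)) return -1;
    swap_while_queued(caller);          /* gap between check and use */
    perform(caller, out, n);
    return 0;
}

/* Fixed: the checker snapshots the request and owns it until done. */
int serve_owned(struct request *caller, char *out, size_t n) {
    struct request mine = *caller;      /* private copy taken first */
    mine.name[sizeof mine.name - 1] = '\0';
    if (!authorized(&mine)) return -1;
    swap_while_queued(caller);          /* caller's change no longer matters */
    perform(&mine, out, n);
    return 0;
}

int main(void) {
    char out[64];
    struct request a = { "notes.txt", 'r' }, b = { "notes.txt", 'r' };
    serve_shared(&a, out, sizeof out); printf("shared: %s\n", out);
    serve_owned(&b, out, sizeof out);  printf("owned:  %s\n", out);
    return 0;
}
```

Both calls pass the same authorization check; only the version that works from its own copy ends up acting on the request that was actually checked.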
• Software designed to do something that the user did not intend to do
◦ Secretly access a computer system without the
owner's knowledge
◦ Disrupt software execution
◦ Modifies or destroys data
◦ Steals data - spy
◦ Allows unauthorized access
◦ Initiate unnecessary communications

◦ Agent
• Trigger on
◦ Date or time -
◦ Event – program execution, program end, file access
◦ Condition – particular user activity
◦ Count –

• Malicious code runs under the user's authority

• Source
◦ Downloads
◦ Software plug-ins
◦ ActiveX controls
◦ Applets
◦ Setup programs

• Installing downloads
◦ Setup takes over control
◦ Update files
◦ Delete files
◦ Change registry
• Independent
◦ Self-contained programs that can be scheduled and run by the OS
• Needs host
◦ Programs that cannot exist independently of some program
• Virus
◦ Replicates itself
◦ Passes malicious code to other programs
◦ Modifies files
◦ Harms the data and operations
◦ Two types
▪ Transient: life depends on the life of its host; the virus runs when the host does
▪ Resident: virus locates itself in memory
• Trojan horse
◦ Software attaches itself to a harmless file
◦ Software that appears to perform a desirable function
◦ Also performs functions unexpected by the user
• Logic bomb
◦ Waits until triggered by a specific event
• Time bomb
◦ Waits until the date or time to trigger
• Backdoor/Trapdoor
◦ Feature in a program which someone can access
◦ Perhaps with special privileges

• Worms
◦ Computer program that copies itself through a network
◦ Sends copies of itself to other nodes
◦ No need to attach itself to an existing program
◦ Consumes bandwidth
• Rabbit
◦ Virus or Trojan which self-replicates without bounds
◦ Consumes resources
