Reporter: MSc student Alexander Beloborodov Scientific advisor: Dr.Sc. Anatoliy Gorbenko Odesa 2012
Motivation
Computer Crime and Security Survey Report 2010
Content
Definitions VDB Analysis Cloud Platform Protect your PC Conclusions
[Bar chart from the survey report]
Malware infection (67.1%)
Denial of service (17%)
Web site defacement (7%)
Exploit of user's social network profile (5%)
System penetration by outsider (11%)
O.Biloborodov "Intrusion-avoidance of Web systems: challenges and solutions"
08.07.2012
Training Content
The main definitions
Vulnerability database analysis
Vulnerability lifecycle analysis
Cloud platform to avoid intrusions
Common suggestions to protect our home systems
Conclusions
Dependability
Dependability is a complex characteristic of a system to provide the required services, which can be justifiably trusted. It includes reliability, availability, survivability, safety, security (integrity, confidentiality), high confidence, maintainability.
[Translated from E.S. Bakhmach Fail-safe programmable logic in the I&CS / ed. V.S. Kharchenko, V.V. Sklyar, Kharkiv, 2008 - p. 29]
Vulnerability
Vulnerability is a weakness in an information system, system security procedures, internal controls, or implementation that could be exploited by a threat source.
[National Information Assurance (IA) Glossary. http://www.cnss.gov/Assets/pdf/cnssi_4009.pdf]
Vulnerability Examples
CWE-264: Failure to enforce permissions or other access restrictions for resources, or a privilege management problem.
Buffer Errors (CWE-119): Buffer overflows and other buffer boundary errors in which a program attempts to put more data in a buffer than the buffer can hold, or when a program attempts to put data in a memory area outside of the boundaries of the buffer.
Code Injection (CWE-94): Causing a system to read an attacker-controlled file and execute arbitrary code within that file. Includes PHP remote file inclusion, uploading of files with executable extensions, insertion of code into executable files, and others.
Input Validation (CWE-20): Failure to ensure that input contains well-formed, valid data that conforms to the application's specifications. Note: this overlaps other categories like XSS, Numeric Errors, and SQL Injection.
OS Command Injections (CWE-78): Allowing user-controlled input to be injected into command lines that are created to invoke other programs, using system() or similar functions.
Fault
A fault is any nonconformity of a version to the specification requirements, resulting from an error made during development; its manifestation while the system (an implementation version) is in use leads to a computational or process-control error, a crash, or a system failure, that is, a transition to a defective or inoperable state.
Fault Vulnerability
Vulnerability databases and their access formats:
National Vulnerability Database (NVD): HTML, XML
Common Vulnerabilities and Exposures (CVE): HTML, XML
Open Source Vulnerability Database (OSVDB): HTML, XML, SQL Dump
Open Vulnerability and Assessment Language (OVAL): HTML
Computer Emergency Response Team (CERT): HTML
Secunia (www.secunia.com/): HTML
Problems:
Completeness of the information
Timeliness
The presence of direct access and the ability to copy the entire database
Accuracy of the information
VulnerabilityTracker (1)
[Screenshot: VulnerabilityTracker views: Main, Products Tree, Vulnerability Details, Graph, Edit Configuration]
VulnerabilityTracker (2)
VulnerabilityTracker compares corresponding dates (publication, modification, etc.) across the various databases by calculating the difference in days.
The picture shows the difference between the NVD date (date1) and the CVE date (date2) for the products RedHat Enterprise Linux 5, Apple MacOS Server 10.5.8 and Microsoft Windows Server 2008.
Vulnerability Lifecycle
Service-Oriented Architecture
SOA is employed in:
e-banking
e-business
e-medicine (bioinformatics)
e-science
e-commerce
Geographic Information Systems
Enterprise Resource Planning Systems
SaaS (EaaS), Grid, Cloud Computing
SaaS Examples
[Diagram: data sources reached over the Internet]
OSVDB: www.osvdb.org
SECUNIA: www.secunia.com
NVD: www.nvd.nist.gov
CERT: www.cert.org
OVAL: www.oval.mitre.org
CVE: www.cve.mitre.org
They support exporting their own databases in the form of XML files.
Source fields:
CVE-ID, PHASE, STATUS
NVD: CVE-ID, SCORE, CWE, PRODUCT LIST
OSVDB: CVE-ID, DISCOVER DATE, DISCLOSURE DATE, EXPLOIT DATE, FIX DATE
Format Converter
OUR Database: CVE-ID, PHASE, STATUS, DISCOVER DATE, DISCLOSURE DATE, EXPLOIT DATE, FIX DATE, SCORE, CWE, PRODUCT LIST, PUB DATE, MOD DATE, REFERENCE, SUMMARY
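The Format Converter step above, as an added example that is not the project's own code: it merges per-source records by CVE-ID into one unified record and computes day differences between that record's dates. The source keys, field spellings and sample records are assumptions, as is attributing the unlabeled CVE-ID/PHASE/STATUS group to the CVE list.

```python
from datetime import date

# Fields each source contributes, following the slide's field lists.
# Assumption: the unlabeled CVE-ID/PHASE/STATUS group comes from the CVE list.
SOURCE_FIELDS = {
    "cve": ("phase", "status"),
    "nvd": ("score", "cwe", "product_list"),
    "osvdb": ("discover_date", "disclosure_date", "exploit_date", "fix_date"),
}
DATE_FIELDS = set(SOURCE_FIELDS["osvdb"])

def parse_date(value):
    """Accept ISO dates; return None for missing or malformed values."""
    try:
        return date.fromisoformat(value)
    except (TypeError, ValueError):
        return None

def convert(feeds):
    """Merge per-source records into one record per CVE-ID."""
    merged = {}
    for source, fields in SOURCE_FIELDS.items():
        for rec in feeds.get(source, []):
            cve_id = rec.get("cve_id", "").strip().upper()
            if not cve_id.startswith("CVE-"):
                continue  # a record without a usable key cannot be joined
            row = merged.setdefault(cve_id, {"cve_id": cve_id, "sources": []})
            row["sources"].append(source)
            for f in fields:
                value = rec.get(f)
                row[f] = parse_date(value) if f in DATE_FIELDS else value
    return merged

def day_diff(row, start, end):
    """Days between two date fields, or None when either is unknown."""
    a, b = row.get(start), row.get(end)
    return (b - a).days if a and b else None

# Constructed sample input (placeholder IDs, not real vulnerabilities).
FEEDS = {
    "cve": [{"cve_id": "CVE-0000-0001", "phase": "Assigned", "status": "Candidate"}],
    "nvd": [{"cve_id": "cve-0000-0001", "score": 7.5, "cwe": "CWE-119"}],
    "osvdb": [{"cve_id": "CVE-0000-0001", "disclosure_date": "2011-03-01",
               "fix_date": "2011-03-15", "exploit_date": "n/a"},
              {"cve_id": "CVE-0000-0002", "fix_date": "2011-05-02"}],
}
DB = convert(FEEDS)
```

A record seen in only one source stays in the result with the other sources' fields absent, which makes the completeness problem visible per CVE-ID.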
Deployment Diagram
Reconfiguration Example
[Diagram: reconfiguration example. Layers: Operating System, Web Server, Application Server, Database Management System. Components shown: Linux, Windows, Oracle, Apache httpd, Glassfish, MySQL]
Compatibility Graph
Configuration Samples
Configurations were proposed by Aleksey Furmanov
Assumptions
Jones, J. Days-of-risk in 2006: Linux, Mac OS X, Solaris and Windows. Electronic data Access: http://blogs.csoonline.com/days_of_risk_in_2006 (2006)
Reconfiguration Simulation
[Chart: number of vulnerabilities (y-axis, 0 to 70) against x-axis ticks 1 to 271, with one series each for Novell Linux-11, RedHat Linux-5, Apple MacOS Server-10.5.8, Sun/Oracle Solaris-10 and MS Windows Server-2008. Animated caption, cycling through operating systems from the legend: "Now our system is managed by OS ..."]
Our Team
Research Group: Vyacheslav Kharchenko, Anatoliy Gorbenko, Aleksey Furmanov, Anatoliy Shostak, Sofia Pokrova
System Analyst: Aleksiy Furmanov
Development Group: Alexander Beloborodov, Alexander Lysenko, Sofia Pokrova
Turn on the display of file extensions in your operating system
Turn off CD/DVD autorun
Create a folder named autorun.inf on all your flash drives
Install an antivirus and regularly update its databases
Be careful with email attachments
Read dialog windows carefully
Use Secunia Software Personal Inspector to check your system for vulnerabilities
Install and configure firewalls
Configure the access policy on your PC and on the network equipment you use
Never share your user name, password or security questions with anyone
Make sure no one else can guess your password
Conclusions
We studied:
What vulnerability and fault mean
Vulnerability data sources
Patch data sources
We discussed:
General suggestions to protect our home systems from intrusions
Alexander Beloborodov Intrusion-avoidance of Web systems: challenges and solutions E-mail: alexandr.bright@mail.ru