Hao Chen, Benjamin Davis. University of California, Davis. HELIX Project Review Meeting, August 6, 2010

Slide 1 (title): Hao Chen, Benjamin Davis. University of California, Davis. HELIX Project Review Meeting, August 6, 2010.

Slide 2: Goal: protect systems at a high level
- Web services are highly attractive targets
  - Over 60% of attacks target Web applications
  - Over 80% of vulnerabilities are in Web apps
  (From SANS 2009 Top Cyber Security Risks)
- Noncespaces: randomize XML tags of untrusted content to defeat XSS attacks

Slide 3: the page template with a placeholder for user content:
  <h1>latest Comment</h1>
  <p> {User Content} </p>

Slide 4: the benign case:
  <h1>latest Comment</h1>
  <p> This is <b>great!</b> </p>

Slide 5: the XSS case, where the user content is script:
  <h1>latest Comment</h1>
  <p> <script> steal(document.cookie); </script> </p>

Slide 6: (no text on the slide)

Slides 7-11 (animation): Information Flow Tracking System
  Input -> Application -> Output
  Frame by frame, the taint marker drawn on the slides (!!) attached to the input follows the data into the application and on to the output; slide 11 draws an X where the tainted output leaves the application.

Slide 12: Language-based taint mode
- Perl
- Ruby
- Adding support to language structures: Java [Chin, Wagner 09], PHP [Venema]

Slides 13-20 (animation): Information Flow Tracking System with a database
  Input -> Web Application -> Database Interface -> Database; Web Application -> Output
  Slides 14-17 follow the taint marker (!!) from the input through the Web application and the database interface into the database, and from the application to the output. Slides 18-20 replace the marker with ? at the database interface and the Web application where data comes back from the database: the tracking system has no taint information for it.

Slide 21: What if you have multiple applications?
- How to treat data from the database?
  - All tainted -> false positives
  - All untainted -> false negatives
- Require manual annotation?
- Application-specific decisions?

Slide 22: Taint tracking through the entire system
- [Asbestos, 05], [HiStar, 06]
- Implemented in hardware, OS, VMM/emulator

Slides 23-26 (animation): Database Interface
  Input -> Web Application -> Database Interface -> Database -> Output
  Slides 23 and 25 show the taint marker (!!) at the database interface; slides 24 and 26 show the same diagram without it.

Slide 27: Low level / fine granularity
- Hardware mechanism [Suh, Lee, Devadas 04]
- Minos [Crandall, Chong 04]
- Lacks high-level database semantics
  - Aggregate functions
  - Comparisons, SELECT DISTINCT

Slide 28: End-to-end taint tracking
- Across Web applications and databases
- Leverage existing single-application information flow tracking engines
- Compatible with existing Web services: require no changes to Web applications
- Taint propagation through database functions

Slides 29-30 (architecture): Web Application -> DB Interface -> SQL -> Database Engine
  Slide 30 places DBTaint at the DB interface and single-application information flow inside the Web application.

Slide 31: Store taint data in database composite types
- Tuple of form: (<value>, <taint_value>)
- Store/retrieve taint values via SQL
- No additional mechanisms needed in the database
- No change to underlying database data structures

  Without DBTaint        With DBTaint
  Id   Status            Id        Status
  19   closed            (19, 0)   (closed, 1)
  27   open              (27, 0)   (open, 1)
  32   pending           (32, 0)   (pending, 1)

Slide 32: Create functions that operate on composite types
- Comparison operators (=, !=, <, ...)
- Arithmetic operations (+, -, ...)
- Text operations (upper, lower, ...)
- Aggregate functions (MAX, MIN, SUM, ...)
- Functions implemented in SQL: CREATE FUNCTION, CREATE OPERATOR, CREATE AGGREGATE

Slides 33-35 (animation): Arithmetic operations
  (4, 0) + (5, 1) = (9, ?)
  untainted + tainted: slide 35 fills in (9, 1), i.e. the result is tainted.

Slides 36-37 (animation): Aggregate functions
  MAX {(2, 0), (3, 1), (5, 0)} = (5, ?)
  untainted, tainted, untainted inputs.

Slide 38: What taint means
- Untainted: trusted source
  - Web application defaults
  - Values generated entirely by the Web application
- Tainted: from untrusted source, or unknown
  - User input
- Explicit information flow: the database returns an untainted value only if the database has received that value untainted

Slides 39-40 (animation): MAX {(2, 0), (3, 1), (5, 0)} = (5, 0)
  untainted, tainted, untainted inputs; the result is untainted.

Slides 41-43 (animation): Equality?
  (3, 0) = (3, 1)   untainted vs. tainted
  Without taint: 3 == 3
  With taint: (3, 0) == (3, 1)
  Adopt the notion of backwards-compatibility [Chin, Wagner 09]

Slides 44-48 (animation): MAX on equal values
  MAX {(5, 1), (5, 0)} = (5, ?)   tainted, untainted
  Without taint: MAX {5, 5} = 5, and either copy could be the one returned
  With taint: MAX {(5, 1), (5, 0)} = (5, 0), untainted
  When possible, prefer to return untainted values
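The representation on slide 31 and the propagation rules worked through on slides 33 to 48 can be written down directly as PostgreSQL DDL. The following is an added example, my own sketch and not code from the DBTaint project or from the slides; the type name tainted_int, the function, operator and aggregate names, and the use of the integers 0 (untainted) and 1 (tainted) as taint values are assumptions.

```sql
-- Added example (not DBTaint's code): a PostgreSQL sketch of the composite-type
-- representation and the taint-propagating functions the slides describe.
-- Type, function and aggregate names are my own; taint 0 = untainted, 1 = tainted.

-- Slide 31: every stored value becomes a (value, taint) pair.
CREATE TYPE tainted_int AS (val integer, taint integer);

-- Arithmetic: the result is tainted if either operand is tainted
-- (slide 35: (4, 0) + (5, 1) = (9, 1)).
CREATE FUNCTION tainted_int_add(a tainted_int, b tainted_int)
RETURNS tainted_int
LANGUAGE sql IMMUTABLE STRICT
AS $$
  SELECT ROW(a.val + b.val, GREATEST(a.taint, b.taint))::tainted_int;
$$;

CREATE OPERATOR + (
  LEFTARG = tainted_int, RIGHTARG = tainted_int,
  PROCEDURE = tainted_int_add, COMMUTATOR = +
);

-- Equality is backwards-compatible (slide 43): it compares the values only, so
-- the application gets the same answer it would get without DBTaint,
-- e.g. (3, 0) = (3, 1) holds just as 3 = 3 does.
CREATE FUNCTION tainted_int_eq(a tainted_int, b tainted_int)
RETURNS boolean
LANGUAGE sql IMMUTABLE STRICT
AS $$
  SELECT a.val = b.val;
$$;

CREATE OPERATOR = (
  LEFTARG = tainted_int, RIGHTARG = tainted_int,
  PROCEDURE = tainted_int_eq, COMMUTATOR = =
);

-- MAX keeps the taint of whichever element wins (slide 40); on a tie it prefers
-- the untainted copy (slide 48: MAX {(5, 1), (5, 0)} = (5, 0)).
CREATE FUNCTION tainted_int_max_step(acc tainted_int, x tainted_int)
RETURNS tainted_int
LANGUAGE sql IMMUTABLE STRICT
AS $$
  SELECT CASE
    WHEN x.val > acc.val THEN x
    WHEN x.val = acc.val THEN ROW(acc.val, LEAST(acc.taint, x.taint))::tainted_int
    ELSE acc
  END;
$$;

-- A STRICT transition function with no INITCOND makes PostgreSQL seed the state
-- with the first non-null input, so the step function needs no NULL handling.
CREATE AGGREGATE tmax(tainted_int) (
  SFUNC = tainted_int_max_step,
  STYPE = tainted_int
);

-- SUM reuses the arithmetic rule: tainted if any summand is tainted.
CREATE AGGREGATE tsum(tainted_int) (
  SFUNC = tainted_int_add,
  STYPE = tainted_int
);

-- The cases worked on the slides, as constructed inputs.
SELECT ROW(4, 0)::tainted_int + ROW(5, 1)::tainted_int;   -- slide 35
SELECT ROW(3, 0)::tainted_int = ROW(3, 1)::tainted_int;   -- slide 43
SELECT tmax(v)                                            -- slide 40
  FROM (VALUES (ROW(2, 0)::tainted_int),
               (ROW(3, 1)::tainted_int),
               (ROW(5, 0)::tainted_int)) AS s(v);
SELECT tmax(v)                                            -- slide 48
  FROM (VALUES (ROW(5, 1)::tainted_int),
               (ROW(5, 0)::tainted_int)) AS s(v);
```

Because the operators are declared for tainted_int specifically, PostgreSQL picks them over the generic record comparison whenever both operands have that type, which is what makes `WHERE id = ?` in an existing query keep its original meaning. The same pattern (a wrapper function per built-in, propagating taint by the rule the slides give) extends to the text operators and to MIN on slide 32.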

Slides 49-53 (animation): a lookup without DBTaint
  WebApp -> DB Interface -> Database Table
  Id   Status
  19   closed
  27   open
  32   pending
  The Web application issues x = DB.get(id=27); the DB interface queries the table, and the application receives x = open.

Slides 54-59 (animation): the same lookup with DBTaint
  WebApp -> DBTaint DB Interface -> Database Table
  Id        Status
  (19, 0)   (closed, 1)
  (27, 0)   (open, 1)
  (32, 0)   (pending, 1)
  The Web application issues the same x = DB.get(id=27). The DBTaint DB interface sends a rewritten query (slide 56), receives the result tuples (slide 57), collapses the tuples and taints the result appropriately (slide 58), and the application receives x = open // x is tainted (slide 59).

Slide 60: Changes in the DB interface
- Account for composite types in SQL queries
- Collapse and taint result tuples as needed
- These changes are:
  - Transparent to the web application
  - High-level, portable
- DB unchanged (DBTaint lives in the DB interface)

Slides 61-63 (animation): Parameterized queries
  Prepare: INSERT (id, status) VALUES (?,?)
    // with DBTaint: INSERT (id, status) VALUES (ROW(?,?), ROW(?,?))
  Execute (27, open)
    // 27 is untainted, open is tainted
    // with DBTaint: (27, 0, open, 1)

Slide 64: Why parameterized queries fit
- Prepare phase: queries are passed with placeholders for data
- Execute phase: data values are passed separately, independently
- Taint tracking engine requirement: only need to track taint values per variable
- We handle non-parameterized queries too (see paper for details)
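As an added example of the prepare/execute rewriting on slides 61 to 64 and of the query walkthrough on slides 49 to 60, here is the SQL a DBTaint-style DB interface would exchange with PostgreSQL for the ticket table on the slides. This is my own sketch, not the project's code; the table name tickets, the type names tainted_int and tainted_text, and the use of PostgreSQL's PREPARE/EXECUTE to stand in for the driver's prepare and execute calls (DBI or JDBC on the slides) are assumptions.

```sql
-- Added example (not DBTaint's code): the rewritten statements a DBTaint-style
-- DB interface sends on behalf of an unchanged Web application. Names are my own;
-- taint 0 = untainted, 1 = tainted.

CREATE TYPE tainted_int  AS (val integer, taint integer);
CREATE TYPE tainted_text AS (val text,    taint integer);

-- The application believes this table has columns (Id integer, Status text).
-- With DBTaint each column holds a (value, taint) pair instead (slide 54).
CREATE TABLE tickets (
  id     tainted_int,
  status tainted_text
);

-- Prepare phase (slide 62).
--   Application's statement:  INSERT INTO tickets (id, status) VALUES (?, ?)
--   Rewritten by the interface: each ? becomes ROW(?, ?) carrying (value, taint).
PREPARE ins(integer, integer, text, integer) AS
  INSERT INTO tickets (id, status) VALUES (ROW($1, $2), ROW($3, $4));

-- Execute phase (slide 63). The application passes (27, 'open'); the interface
-- reads the taint flag the language runtime keeps per variable and sends
-- (27, 0, 'open', 1): the id was generated by the application, the status came
-- from a user. The other two rows of the slide are loaded the same way.
EXECUTE ins(19, 0, 'closed', 1);
EXECUTE ins(27, 0, 'open', 1);
EXECUTE ins(32, 0, 'pending', 1);

-- The lookup x = DB.get(id=27) from slides 55-59.
--   Application's statement:  SELECT status FROM tickets WHERE id = ?
--   Rewritten: match on the value field and return value and taint as separate
--   columns, which the interface collapses back into one tainted variable.
PREPARE get_status(integer) AS
  SELECT (status).val AS status, (status).taint AS status_taint
    FROM tickets
   WHERE (id).val = $1;

EXECUTE get_status(27);
```

The interface collapses the two result columns into the single value 'open' and, because status_taint is 1, hands it to the taint engine as a tainted variable, which is the x = open // x is tainted of slide 59. The application code is untouched, the database engine runs stock PostgreSQL, and the only new state is the composite column layout.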

Slide 65: Leverage existing single-application information flow tracking systems
- No changes to the Web application
  (diagram: Web Application with single-application information flow -> DBTaint DB Interface)

Slide 66: Implementation
- Languages: Perl, Java
- Database interfaces: Perl DataBase Interface (DBI), Java Database Connectivity (JDBC)
- Database: PostgreSQL

Slide 67: Evaluation targets
- RT: Request Tracker (ticket tracking system)
  - 60,000+ lines of Perl
  - Perl DBI (DataBase Interface) API
  - Perl taint mode
- JForum (discussion board system)
  - 30,000+ lines of Java
  - Java Database Connectivity (JDBC) API
  - Character-level taint engine [Chin, Wagner 09]

Slide 68: (no text on the slide)

Slide 69: Summary
- End-to-end information flow through Web services
- Compatible with existing Web services: requires no changes to Web applications
- Taint propagation through database functions
- For detail, see our paper at USENIX WebApps. June, Boston, MA.


More information

AN EVALUATION OF THE GOOGLE CHROME EXTENSION SECURITY ARCHITECTURE

AN EVALUATION OF THE GOOGLE CHROME EXTENSION SECURITY ARCHITECTURE AN EVALUATION OF THE GOOGLE CHROME EXTENSION SECURITY ARCHITECTURE Nicholas Carlini, Adrienne Porter Felt, David Wagner University of California, Berkeley CHROME EXTENSIONS CHROME EXTENSIONS servers servers

More information

Computer Security CS 426 Lecture 41

Computer Security CS 426 Lecture 41 Computer Security CS 426 Lecture 41 StuxNet, Cross Site Scripting & Cross Site Request Forgery CS426 Fall 2010/Lecture 36 1 StuxNet: Overview Windows-based Worm First reported in June 2010, the general

More information

Home-grown CASE tools with XML and XSLT

Home-grown CASE tools with XML and XSLT Home-grown CASE tools with XML and XSLT Rick van Rein Richard Brinkman University of Twente, the Netherlands {vanrein,brinkman}@cs.utwente.nl March 13, 2000 Abstract This paper demonstrates an approach

More information

Web System and Technologies (Objective + Subjective)

Web System and Technologies (Objective + Subjective) 1. What four components are needed to create a fully dynamic web page. A web server (such as Apache), a server-side scripting language (PHP), a database (MySQL), and a client-side scripting language (JavaScript)

More information

Bonus Content. Glossary

Bonus Content. Glossary Bonus Content Glossary ActiveX control: A reusable software component that can be added to an application, reducing development time in the process. ActiveX is a Microsoft technology; ActiveX components

More information

Oracle Compare Two Database Tables Sql Query List All

Oracle Compare Two Database Tables Sql Query List All Oracle Compare Two Database Tables Sql Query List All We won't show you that ad again. I need to implement comparing 2 tables by set of keys (columns of compared tables). This pl/sql stored procedure works

More information

CMP-3440 Database Systems

CMP-3440 Database Systems CMP-3440 Database Systems Relational DB Languages Relational Algebra, Calculus, SQL Lecture 05 zain 1 Introduction Relational algebra & relational calculus are formal languages associated with the relational

More information

Web Application Security. Philippe Bogaerts

Web Application Security. Philippe Bogaerts Web Application Security Philippe Bogaerts OWASP TOP 10 3 Aim of the OWASP Top 10 educate developers, designers, architects and organizations about the consequences of the most common web application security

More information

Application Links. Chapter 7.1 V3.0. Napier University Dr Gordon Russell

Application Links. Chapter 7.1 V3.0. Napier University Dr Gordon Russell Application Links Chapter 7.1 V3.0 Copyright @ Napier University Dr Gordon Russell Introduction Up till now we have controlled our databases using an interactive tutorial window In reality we will be writing

More information

Kyle Brown Knowledge Systems Corporation by Kyle Brown and Knowledge Systems Corporation

Kyle Brown Knowledge Systems Corporation by Kyle Brown and Knowledge Systems Corporation Kyle Brown Knowledge Systems Corporation 1 What is the JDBC? What other persistence mechanisms are available? What facilities does it offer? How is it used? 2 JDBC is the Java DataBase Connectivity specification

More information

RED HAT'S CONTAINER STRATEGY. Lars Herrmann General Manager, RHEL, RHEV and Containers June 24, 2015

RED HAT'S CONTAINER STRATEGY. Lars Herrmann General Manager, RHEL, RHEV and Containers June 24, 2015 RED HAT'S CONTAINER STRATEGY Lars Herrmann General Manager, RHEL, RHEV and Containers June 24, 2015 1 DEVELOPMENT VS I.T. OPERATIONS DEVELOPER IT OPERATIONS 2 DEVELOPERS WANT TO GO FAST DEVELOPER 3 HOW

More information

XPath. by Klaus Lüthje Lauri Pitkänen

XPath. by Klaus Lüthje Lauri Pitkänen XPath by Klaus Lüthje Lauri Pitkänen Agenda Introduction History Syntax Additional example and demo Applications Xpath 2.0 Future Introduction Expression language for Addressing portions of an XML document

More information

NULLs Make Things Easier?

NULLs Make Things Easier? NULLs Make Things Easier? BRUCE MOMJIAN Nulls are a very useful but also very error-prone relational database feature. This talk is designed to help applications developers better manage their use of nulls.

More information

An Introduction to the Waratek Application Security Platform

An Introduction to the Waratek Application Security Platform Product Analysis January 2017 An Introduction to the Waratek Application Security Platform The Transformational Application Security Technology that Improves Protection and Operations Highly accurate.

More information

2017 Politecnico di Torino 1

2017 Politecnico di Torino 1 SQL for the applications Call Level Interface Requests are sent to the DBMS through functions of the host language solution based on predefined interfaces API, Application Programming Interface SQL instructions

More information

1. Data Definition Language.

1. Data Definition Language. CSC 468 DBMS Organization Spring 2016 Project, Stage 2, Part 2 FLOPPY SQL This document specifies the version of SQL that FLOPPY must support. We provide the full description of the FLOPPY SQL syntax.

More information

2017 Politecnico di Torino 1

2017 Politecnico di Torino 1 SQL for the applications Call Level Interface Requests are sent to the DBMS through functions of the host language solution based on predefined interfaces API, Application Programming Interface SQL instructions

More information

ShiftLeft. OWASP SAST Benchmark

ShiftLeft. OWASP SAST Benchmark ShiftLeft OWASP SAST Benchmark Table of Contents Overview... 2 Towards a new generation of static analysis products... 2 Results on the OWASP benchmark... 3 Ingredient #1: Our data flow tracker... 4 Ingredient

More information

Assertions, Views, and Programming. CS157A Chris Pollett Oct. 31, 2005.

Assertions, Views, and Programming. CS157A Chris Pollett Oct. 31, 2005. Assertions, Views, and Programming CS157A Chris Pollett Oct. 31, 2005. Outline Assertions Views Database Programming Assertions It is useful to be able to specify general constraints in SQL -- i.e., other

More information

Essay Question: Explain 4 different means by which constrains are represented in the Conceptual Data Model (CDM).

Essay Question: Explain 4 different means by which constrains are represented in the Conceptual Data Model (CDM). Question 1 Essay Question: Explain 4 different means by which constrains are represented in the Conceptual Data Model (CDM). By specifying participation conditions By specifying the degree of relationship

More information

Wentworth Institute of Technology COMP570 Database Applications Fall 2014 Derbinsky. SQL Programming. Lecture 8. SQL Programming

Wentworth Institute of Technology COMP570 Database Applications Fall 2014 Derbinsky. SQL Programming. Lecture 8. SQL Programming Lecture 8 1 Outline Context General Approaches Typical Programming Sequence Examples 2 Database Design and Implementation Process Normalization 3 SQL via API Embedded SQL SQLJ General Approaches DB Programming

More information

Actual4Test. Actual4test - actual test exam dumps-pass for IT exams

Actual4Test.   Actual4test - actual test exam dumps-pass for IT exams Actual4Test http://www.actual4test.com Actual4test - actual test exam dumps-pass for IT exams Exam : C2120-800 Title : IBM PureApplication System V1.1, System Administration Vendor : IBM Version : DEMO

More information

Defining Injection Attacks

Defining Injection Attacks Defining Injection Attacks RA: Donald Ray dray3@cse.usf.edu PI: Jay Ligatti ligatti@cse.usf.edu Motivation Output Program Application Inputs Motivation 123456 Application Output Program Inputs SELECT balance

More information

Security. CSC309 TA: Sukwon Oh

Security. CSC309 TA: Sukwon Oh Security CSC309 TA: Sukwon Oh Outline SQL Injection NoSQL Injection (MongoDB) Same Origin Policy XSSI XSS CSRF (XSRF) SQL Injection What is SQLI? Malicious user input is injected into SQL statements and

More information

FACULTY OF ENGINEERING B.E. 4/4 (CSE) II Semester (Old) Examination, June Subject : Information Retrieval Systems (Elective III) Estelar

FACULTY OF ENGINEERING B.E. 4/4 (CSE) II Semester (Old) Examination, June Subject : Information Retrieval Systems (Elective III) Estelar B.E. 4/4 (CSE) II Semester (Old) Examination, June 2014 Subject : Information Retrieval Systems Code No. 6306 / O 1 Define Information retrieval systems. 3 2 What is precision and recall? 3 3 List the

More information

Coding for Penetration Testers Building Better Tools

Coding for Penetration Testers Building Better Tools Coding for Penetration Testers Building Better Tools Second Edition Jason Andress Ryan Linn Clara Hartwell, Technical Editor ELSEVIER AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO

More information