Des petits bugs aux virus Quelques travaux et études au Laboratoire de Haute Sécurité du Loria. Jean-Yves Marion
|
|
|
- Calvin Poole
- 5 years ago
- Views:
Transcription
1 Des petits bugs aux virus Quelques travaux et études au Laboratoire de Haute Sécurité du Loria!!!
2 Advertising networks Web applications Compromised XSS SQL Injection Data User User browser http protocole Server Java/PHP Many boundaries and possible attacks Untrusted applications
3 The ingredients of an attack.
4 Vulnerabilities Exploit 0-day Buffer/Stack overflow A bug may be exploited in order! to take control of a system A bug-free system is a good security! Need of a trusted formalization! See CompCert project! See formalization in COQ of PHP SQL/Code injection
5 Social engineering You can t patch stupidity
6 Figure 2. Timeline of WALEDAC activities Figure 6. WALEDAC rips text off from Obama s website, Figure 2. Christmas ecard website Botnet Waledac
7 Watering hole attack Installation of! Remote Administration Tool
8 The defenses.
9 Samples and Signatures High Security lab Today downloaded binaries malicious attacks Network traces 8 Go of PCAP data 110 Go of netflow!!! Malware repository 6 millions of malware Telescope and Honeypots! Architecture multi-providers Loria
10 Anti-Malware 1. Difficult for a human analyst to understand a malware code Detection by syntactic signature 1. Ollydbg Pro : Efficient and easy to implement Cons 2.IDA : Signatures Pro are quasi-manually constructed Cons : Vulnerable to malware protections Integrity checks Introduction Trace abstraction Behavior patterns Abstracting by reduction Trace automata Trace automata Pro : Too many updates in a modern system Regular abstraction Behavior analysis Malicious behavior detection Experiments Conclusion Pro : Could detect new attacks Cons : Difficult to implement J-Y Marion, le 20 Septembre 2012 what is a bad behavior? Trace language of a program: generally undecidable. Approximation by a regular language: using trace collection or static analysis. = A trace automaton is a finite state approximation of some trace language. IcmpSendEcho GetDriveType FindFirstFile FindNextFile GetLogicalDriveStrings GetDriveType FindFirstFile FindNextFile FindFirstFile FindNextFile 64 Require to monitor the system 12 / 22
11 Undecidable! Bad M False Positive M Good M Malware False negative
12 The problem
13 Anti Anti-Malware 1.Obfuscation 2.Cryptography Malware analysis is very hard 3.Self-modification 4.Anti-analysis tricks Goal : Rational approach to help Felix the cat!
![Obfuscation mis-alignment telock 01006e7a fe 04 0b inc byte [ ebx+ecx ] 01006e7d eb ff jmp +1 01006e7e ff c9 dec ecx 01006e80 7 f e6 jg 01006e68 01006e82 8b c1 mov eax, ecx IDA fails because of jmp](/docs-images/92/109600214/images/14-0.jpg "+1 01006E7A inc byte ptr [ ebx+ecx ] 01006E7D jmp short near ptr loc_1006e7d+1 01006E7D ; 01006E7F BB [0x0 -> 0x2] (0x3) db 0x00C9h inc byte ; [ebx+ecx] BB [0x4 -> 0x5] (0x2) 0x4 dec ecx 01006E80 db")
14 Obfuscation mis-alignment telock 01006e7a fe 04 0b inc byte [ ebx+ecx ] 01006e7d eb ff jmp e7e ff c9 dec ecx 01006e80 7 f e6 jg 01006e e82 8b c1 mov eax, ecx IDA fails because of jmp E7A inc byte ptr [ ebx+ecx ] 01006E7D jmp short near ptr loc_1006e7d E7D ; 01006E7F BB [0x0 -> 0x2] (0x3) db 0x00C9h inc byte ; [ebx+ecx] BB [0x4 -> 0x5] (0x2) 0x4 dec ecx 01006E80 db 7Fh ; 01006E81 db 0E6h ; 01006E82 db 8Bh ; 01006E83 db 0C1h ; BB [0x3 -> 0x4] (0x2) BB [0x6 -> 0x7] (0x2) With Radare (TODO: recursive?), 0x3 the jmp telock 0x4 example is disassembl 0x6 jg 0x ee BB [0x8 -> 0x9] (0x2) 0x8 mov eax, ecx
15 A common protection scheme for malware Decrypt Decrypt Decrypt Wave 1 Wave 2... payload A run is a sequence of waves Self-modifying program schema
16 The best definition! of a malware? And a fascinating! challenge
PRESENTED BY: SANTOSH SANGUMANI & SHARAN NARANG
PRESENTED BY: SANTOSH SANGUMANI & SHARAN NARANG Table of contents Introduction Binary Disassembly Return Address Defense Prototype Implementation Experimental Results Conclusion Buffer Over2low Attacks
16.317: Microprocessor Systems Design I Fall 2013
16.317: Microprocessor Systems Design I Fall 2013 Exam 1 Solution 1. (20 points, 5 points per part) Multiple choice For each of the multiple choice questions below, clearly indicate your response by circling
NET 311 INFORMATION SECURITY
NET 311 INFORMATION SECURITY Networks and Communication Department Lec12: Software Security / Vulnerabilities lecture contents: o Vulnerabilities in programs Buffer Overflow Cross-site Scripting (XSS)
Autodesk AutoCAD DWG-AC1021 Heap Corruption
security research Autodesk AutoCAD DWG-AC1021 Heap Corruption Mar 2013 AutoCAD is a software for computer-aided design (CAD) and technical drawing in 2D/3D, being one of the worlds leading CAD design tools.
CS 499 Lab 3: Disassembly of slammer.bin I. PURPOSE
CS 499 Lab 3: Disassembly of slammer.bin I. PURPOSE The purpose of this exercise is to learn Intel assembly language by disassembling a small piece of code and extensively commenting the resulting instructions.
CoDisasm: Medium Scale Concatic Disassembly of Self-Modifying Binaries with Overlapping Instructions.
CoDisasm: Medium Scale Concatic Disassembly of Self-Modifying Binaries with Overlapping Instructions Guillaume Bonfante, Jose Fernandez, Jean-Yves Marion, Benjamin Rouxel, Fabrice Sabatier, Aurélien Thierry
Rev101. spritzers - CTF team. spritz.math.unipd.it/spritzers.html
Rev101 spritzers - CTF team spritz.math.unipd.it/spritzers.html Disclaimer All information presented here has the only purpose of teaching how reverse engineering works. Use your mad skillz only in CTFs
MODE (mod) FIELD CODES. mod MEMORY MODE: 8-BIT DISPLACEMENT MEMORY MODE: 16- OR 32- BIT DISPLACEMENT REGISTER MODE
EXERCISE 9. Determine the mod bits from Figure 7-24 and write them in Table 7-7. MODE (mod) FIELD CODES mod 00 01 10 DESCRIPTION MEMORY MODE: NO DISPLACEMENT FOLLOWS MEMORY MODE: 8-BIT DISPLACEMENT MEMORY
T Jarkko Turkulainen, F-Secure Corporation
T-110.6220 2010 Emulators and disassemblers Jarkko Turkulainen, F-Secure Corporation Agenda Disassemblers What is disassembly? What makes up an instruction? How disassemblers work Use of disassembly In
Lecture Notes for 04/04/06: UNTRUSTED CODE Fatima Zarinni.
Lecture Notes for 04/04/06 UNTRUSTED CODE Fatima Zarinni. Last class we started to talk about the different System Solutions for Stack Overflow. We are going to continue the subject. Stages of Stack Overflow
Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 3 Protecting Systems
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 3 Protecting Systems Objectives Explain how to harden operating systems List ways to prevent attacks through a Web browser Define
EECE.3170: Microprocessor Systems Design I Spring 2016
EECE.3170: Microprocessor Systems Design I Spring 2016 Exam 1 Solution 1. (20 points, 5 points per part) Multiple choice For each of the multiple choice questions below, clearly indicate your response
CSC 591 Systems Attacks and Defenses Reverse Engineering Part 1
CSC 591 Systems Attacks and Defenses Reverse Engineering Part 1 Alexandros Kapravelos akaprav@ncsu.edu Reverse engineering Introduction process of analyzing a system understand its structure and functionality
1.1 For Fun and Profit. 1.2 Common Techniques. My Preferred Techniques
1 Bug Hunting Bug hunting is the process of finding bugs in software or hardware. In this book, however, the term bug hunting will be used specifically to describe the process of finding security-critical
Kishin Fatnani. Founder & Director K-Secure. Workshop : Application Security: Latest Trends by Cert-In, 30 th Jan, 2009
Securing Web Applications: Defense Mechanisms Kishin Fatnani Founder & Director K-Secure Workshop : Application Security: Latest Trends by Cert-In, 30 th Jan, 2009 1 Agenda Current scenario in Web Application
SA31675 / CVE
Generated by Secunia 10 September, 2008 5 pages Table of Contents Introduction 2 Technical Details 2 Exploitation 4 Characteristics 4 Tested Versions 4 Fixed Versions 5 References 5 Generated by Secunia
Base64 The Security Killer
Base64 The Security Killer Kevin Fiscus NWN Corporation Session ID: DAS-203 Session Classification: Intermediate A Short (Made Up) Security Story Helix Pharmaceuticals is concerned about security Industrial
Defending against Polymorphic Attacks: Recent Results and Open Questions
Defending against Polymorphic Attacks: Recent Results and Open Questions mikepo@ics.forth.gr Institute of Computer Science Foundation for Research and Technology Hellas Crete, Greece TERENA Networking
4. Jump to *RA 4. StackGuard 5. Execute code 5. Instruction Set Randomization 6. Make system call 6. System call Randomization
04/04/06 Lecture Notes Untrusted Beili Wang Stages of Static Overflow Solution 1. Find bug in 1. Static Analysis 2. Send overflowing input 2. CCured 3. Overwrite return address 3. Address Space Randomization
WebShell UDURRANI.COM
WebShell UDURRANI.COM Webshell is simply a backdoor used by attackers to enable remote administration and control. It s normally an obfuscated script i.e. php, cgi, aspx. Attacker could access webshell
CVE EXPLOIT USING 108 BYTES AND DOWNLOADING A FILE WITH YOUR UNLIMITED CODE BY VALTHEK
CVE-2017-11882 EXPLOIT USING 108 BYTES AND DOWNLOADING A FILE WITH YOUR UNLIMITED CODE BY VALTHEK First words of thank to Embedy Company to discover the initial exploit and POC of 44 bytes máximum, Ridter
UTM Firewall Registration & Activation Manual DFL-260/ 860. Ver 1.00 Network Security Solution
UTM Firewall Registration & Activation Manual DFL-260/ 860 Ver 1.00 curitycu Network Security Solution http://security.dlink.com.tw 1.Introduction...02 2.Apply for a D-Link Membership...03 3.D-Link NetDefend
Building Resilience in a Digital Enterprise
Building Resilience in a Digital Enterprise Top five steps to help reduce the risk of advanced targeted attacks To be successful in business today, an enterprise must operate securely in the cyberdomain.
SSL Automated Signatures
SSL Automated Signatures WilliamWilsonandJugalKalita DepartmentofComputerScience UniversityofColorado ColoradoSprings,CO80920USA wjwilson057@gmail.com and kalita@eas.uccs.edu Abstract In the last few years
Agenda. Motivation Generic unpacking Typical problems Results
Who we are Product: ewido security suite Protection against Trojans, Adware, Spyware,... First release: Christmas 2003 Emulation research since 2002 Used for generic unpacking Agenda Motivation Generic
ANZTB SIGIST May 2011 Perth OWASP How minor vulnerabilities can do very bad things. OWASP Wednesday 25 th May The OWASP Foundation
ANZTB SIGIST May 2011 Perth OWASP How minor vulnerabilities can do very bad things Christian Frichot / David Taylor (Some of) Perth OWASP s Chapter Leads OWASP Wednesday 25 th May 2011 Copyright The OWASP
Virus Analysis. Introduction to Malware. Common Forms of Malware
Virus Analysis Techniques, Tools, and Research Issues Part I: Introduction Michael Venable Arun Lakhotia, USA Introduction to Malware Common Forms of Malware Detection Techniques Anti-Detection Techniques
Detecting Metamorphic Computer Viruses using Supercompilation
Detecting Metamorphic Computer Viruses using Supercompilation Alexei Lisitsa and Matt Webster In this paper we present a novel approach to detection of metamorphic computer viruses by proving program equivalence
Protection Against Malware. Alan German Ottawa PC Users Group
Protection Against Malware Alan German Ottawa PC Users Group Minimum Requirements (1) Up-to-date anti-virus and anti-spyware software (2) Software firewall (3) Fully-patched operating system (Windows Update)
How to Identify Advanced Persistent, Targeted Malware Threats with Multidimensional Analysis
White paper How to Identify Advanced Persistent, Targeted Malware Threats with Multidimensional Analysis AhnLab, Inc. Table of Contents Introduction... 1 Multidimensional Analysis... 1 Cloud-based Analysis...
CISSP CEH PKI SECURITY + CEHv9: Certified Ethical Hacker. Upcoming Dates. Course Description. Course Outline
CISSP CEH PKI SECURITY + CEHv9: Certified Ethical Hacker Learn to find security vulnerabilities before the bad guys do! The Certified Ethical Hacker (CEH) class immerses students in an interactive environment
ISOLATION DEFENSES GRAD SEC OCT
ISOLATION DEFENSES GRAD SEC OCT 03 2017 ISOLATION Running untrusted code in a trusted environment Setting Possibly with multiple tenants OS: users / processes Browser: webpages / browser extensions Cloud:
Is Browsing Safe? Web Browser Security. Subverting the Browser. Browser Security Model. XSS / Script Injection. 1. XSS / Script Injection
Is Browsing Safe? Web Browser Security Charlie Reis Guest Lecture - CSE 490K - 5/24/2007 Send Spam Search Results Change Address? Install Malware Web Mail Movie Rentals 2 Browser Security Model Pages are
Security Architect Northeast US Enterprise CISSP, GCIA, GCFA Cisco Systems. BRKSEC-2052_c Cisco Systems, Inc. All rights reserved.
Web 2.0 Security Recommendations Ken Kaminski Security Architect Northeast US Enterprise CISSP, GCIA, GCFA Cisco Systems 1 Agenda Reputation Services Web application security Secure Coding and Web Application
WEB SECURITY WORKSHOP TEXSAW Presented by Solomon Boyd and Jiayang Wang
WEB SECURITY WORKSHOP TEXSAW 2014 Presented by Solomon Boyd and Jiayang Wang Introduction and Background Targets Web Applications Web Pages Databases Goals Steal data Gain access to system Bypass authentication
Maximum Security with Minimum Impact : Going Beyond Next Gen
SESSION ID: SP03-W10 Maximum Security with Minimum Impact : Going Beyond Next Gen Wendy Moore Director, User Protection Trend Micro @WMBOTT Hyper-competitive Cloud Rapid adoption Social Global Mobile IoT
CTF Workshop. Crim Synopsys, Inc. 1
CTF Workshop Crim2018 31.10.2018 2018 Synopsys, Inc. 1 CTF (Capture the Flag) Capture the Flag (CTF) is a computer security competition. CTF are usually designed test and teach computer security skills.
Inject malicious code Call any library functions Modify the original code
Inject malicious code Call any library functions Modify the original code 2 Sadeghi, Davi TU Darmstadt 2012 Secure, Trusted, and Trustworthy Computing Chapter 6: Runtime Attacks 2 3 Sadeghi, Davi TU Darmstadt
SA33901 / CVE
Released by Secunia 23 February, 2009 6 pages Table of Contents Terms and Conditions 2 Introduction 3 Technical Details 3 Exploitation 5 Characteristics 5 Tested Versions 6 Fixed Versions 6 References
The Importance of Interpretability in Cyber Security Analytics
The Importance of Interpretability in Cyber Security Analytics Juston Moore Advanced Research in Cyber Systems Group October 4, 2017 Operated by Los Alamos National Security, LLC for the U.S. Department
Norman presentation. From Storm to Waledac. By Hans Christoffer Gaardløs Hansen virus analyst, Norman ASA
Norman presentation From Storm to Waledac By Hans Christoffer Gaardløs Hansen virus analyst, Norman ASA Storm first peer-to-peer botnet Old method IRC-server Specific chat-channels and run commandoes via
Title: Reverse Engineering: Anti-Cracking Techniques. Date: April 12th Website:
Title: Reverse Engineering: Anti-Cracking Techniques Date: April 12th 2008 Website: http://www.astalavista.com Author: Nicolaou George Mail: ishtus@astalavista.com Author: Charalambous Glafkos Mail: glafkos@astalavista.com
P2_L12 Web Security Page 1
P2_L12 Web Security Page 1 Reference: Computer Security by Stallings and Brown, Chapter (not specified) The web is an extension of our computing environment, because most of our daily tasks involve interaction
CSC 405 Computer Security Reverse Engineering Part 1
CSC 405 Computer Security Reverse Engineering Part 1 Alexandros Kapravelos akaprav@ncsu.edu Introduction Reverse engineering process of analyzing a system understand its structure and functionality used
sottotitolo System Security Introduction Milano, XX mese 20XX A.A. 2016/17 Federico Reghenzani
Titolo presentazione Piattaforme Software per la Rete sottotitolo System Security Introduction Milano, XX mese 20XX A.A. 2016/17 Outline 1) Introduction to System Security 2) Basic Exploits 3) Network
Introduction to Reverse Engineering. Alan Padilla, Ricardo Alanis, Stephen Ballenger, Luke Castro, Jake Rawlins
Introduction to Reverse Engineering Alan Padilla, Ricardo Alanis, Stephen Ballenger, Luke Castro, Jake Rawlins Reverse Engineering (of Software) What is it? What is it for? Binary exploitation (the cool
Q1: Multiple choice / 20 Q2: Memory addressing / 40 Q3: Assembly language / 40 TOTAL SCORE / 100
16.317: Microprocessor-Based Systems I Fall 2012 Exam 1 October 3, 2012 Name: ID #: For this exam, you may use a calculator and one 8.5 x 11 double-sided page of notes. All other electronic devices (e.g.,
Why bother? Default configurations Buffer overflows Authentication mechanisms Reverse engineering Questions?
Jeroen van Beek 1 Why bother? Default configurations Buffer overflows Authentication mechanisms Reverse engineering Questions? 2 Inadequate OS and application security: Data abuse Stolen information Bandwidth
Security+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 5 Host, Application, and Data Security
Security+ Guide to Network Security Fundamentals, Fourth Edition Chapter 5 Host, Application, and Data Security Objectives List the steps for securing a host computer Define application security Explain
Application vulnerabilities and defences
Application vulnerabilities and defences In this lecture We examine the following : SQL injection XSS CSRF SQL injection SQL injection is a basic attack used to either gain unauthorized access to a database
/ 30 Q3: Arithmetic instructions / 30 Q4: Logical instructions / 20 TOTAL SCORE / 100 Q5: EXTRA CREDIT / 10
EECE.3170: Microprocessor Systems Design I Spring 2016 Exam 1 February 19, 2016 Name: Section (circle 1): 201 (MWF 9-9:50) 202 (MWF 10-10:50) For this exam, you may use a calculator and one 8.5 x 11 double-sided
CS 161 Computer Security
Raluca Ada Popa Spring 2018 CS 161 Computer Security Discussion 9 Week of March 19, 2018 Question 1 Warmup: SOP (15 min) The Same Origin Policy (SOP) helps browsers maintain a sandboxed model by preventing
Analysis and Visualization of Common Packers
Analysis and Visualization of Common Packers PowerOfCommunity, Seoul Ero Carrera - ero.carrera@gmail.com Reverse Engineer at zynamics GmbH Chief Research Officer at VirusTotal Introduction An historical
CIS-331 Exam 2 Spring 2016 Total of 110 Points Version 1
Version 1 1. (20 Points) Given the class A network address 121.0.0.0 will be divided into multiple subnets. a. (5 Points) How many bits will be necessary to address 8,100 subnets? b. (5 Points) What is
A leading antivirus software company outsmarts viruses and malware and makes the Internet safer.
A leading antivirus software company outsmarts viruses and malware and makes the Internet safer. Technosoft s Threat Researchers improve detection, reduce customer escalations and are at the forefront
Ramblr. Making Reassembly Great Again
Ramblr Making Reassembly Great Again Ruoyu Fish Wang, Yan Shoshitaishvili, Antonio Bianchi, Aravind Machiry, John Grosen, Paul Grosen, Christopher Kruegel, Giovanni Vigna Motivation Available Solutions
Catching up with today's malicious actors. Current security posture and future possible actions. OWASP EEE Bucharest Event 2015 Adrian Ifrim
Catching up with today's malicious actors Current security posture and future possible actions OWASP EEE Bucharest Event 2015 Adrian Ifrim Disclaimer The content of this presentation does not reflect the
Detecting Drive-by-Download Attacks based on HTTP Context-Types Ryo Kiire, Shigeki Goto Waseda University
Detecting Drive-by-Download Attacks based on HTTP Context-Types Ryo Kiire, Shigeki Goto Waseda University 1 Outline Background Related Work Purpose Method Experiment Results Conclusion & Future Work 2
Virus.Dos.Honey.666 Report
Virus.Dos.Honey.666 Report Feng Zhu (fzhu001@fiu.edu), Jinpeng Wei (weijp@cs.fiu.edu) 1 Malware General Information Malware Name: Virus.Dos.Honey.666 named by Kaspersky File size: 1698 bytes File type:
ACS / Computer Security And Privacy. Fall 2018 Mid-Term Review
ACS-3921-001/4921-001 Computer Security And Privacy Fall 2018 Mid-Term Review ACS-3921/4921-001 Slides Used In The Course A note on the use of these slides: These slides has been adopted and/or modified
Binary Code Analysis: Concepts and Perspectives
Binary Code Analysis: Concepts and Perspectives Emmanuel Fleury LaBRI, Université de Bordeaux, France May 12, 2016 E. Fleury (LaBRI, France) Binary Code Analysis: Concepts
Why bother? Default configurations Buffer overflows Authentication mechanisms Reverse engineering Questions?
Jeroen van Beek 1 Why bother? Default configurations Buffer overflows Authentication mechanisms Reverse engineering Questions? 2 Inadequate OS and application security: Data abuse Stolen information Bandwidth
The OWASP Foundation
Application Bug Chaining July 2009 Mark Piper User Catalyst IT Ltd. markp@catalyst.net.nz Copyright The Foundation Permission is granted to copy, distribute and/or modify this document under the terms
4. Specifications and Additional Information
4. Specifications and Additional Information AGX52004-1.0 8B/10B Code This section provides information about the data and control codes for Arria GX devices. Code Notation The 8B/10B data and control
Introduction Skype analysis Enforcing anti-skype policies. Skype uncovered. Security study of Skype. Desclaux Fabrice 1 EADS CCR/STI/C
Security study of Skype 1 1 EADS CCR/STI/C Should we be afraid of Skype? 1 Introduction Should we be afraid of Skype? 2 3 Skype detection Quick overview of Skype Should we be afraid of Skype? End-user
You will discuss topics related to ethical hacking, information risks, and security techniques which hackers will seek to circumvent.
IDPS Effectiveness and Primary Takeaways You will discuss topics related to ethical hacking, information risks, and security techniques which hackers will seek to circumvent. IDPS Effectiveness and Primary
Lec04: Writing Exploits. Taesoo Kim
1 Lec04: Writing Exploits Taesoo Kim Scoreboard 2 3 Administrivia Please join Piazza An optional recitation at 5-7pm on every Wed (in CoC 052) Due : Lab03 s deadline is on Sept 20th at midnight 4 Best
Malware Analysis and Antivirus Technologies: Using Debuggers to Analyze Malware
Malware Analysis and Antivirus Technologies: Using Debuggers to Analyze Malware Protecting the irreplaceable f-secure.com Agenda Debugger basics Introduction Scenarios and tools How debuggers work Debug
Application security : going quicker
Application security : going quicker The web application firewall example Agenda Agenda o Intro o Application security o The dev team approach o The infra team approach o Impact of the agility o The WAF
Managing SonicWall Gateway Anti Virus Service
Managing SonicWall Gateway Anti Virus Service SonicWall Gateway Anti-Virus (GAV) delivers real-time virus protection directly on the SonicWall security appliance by using SonicWall s IPS-Deep Packet Inspection
IS THERE A HOLE IN YOUR RISC-V SECURITY STACK? JOTHY ROSENBERG DOVER MICROSYSTEMS
IS THERE A HOLE IN YOUR RISC-V SECURITY STACK? JOTHY ROSENBERG DOVER MICROSYSTEMS I understand the difference in destruction is dramatic, but this has a whiff of August 1945. Someone just used a new weapon,
Exploiting Stack Buffer Overflows Learning how blackhats smash the stack for fun and profit so we can prevent it
Exploiting Stack Buffer Overflows Learning how blackhats smash the stack for fun and profit so we can prevent it 29.11.2012 Secure Software Engineering Andreas Follner 1 Andreas Follner Graduated earlier
Gladiator Incident Alert
Gladiator Incident Alert Allen Eaves Sabastian Fazzino FINANCIAL PERFORMANCE RETAIL DELIVERY IMAGING PAYMENT SOLUTIONS INFORMATION SECURITY & RISK MANAGEMENT ONLINE & MOBILE 1 2016 Jack Henry & Associates,
Application Security through a Hacker s Eyes James Walden Northern Kentucky University
Application Security through a Hacker s Eyes James Walden Northern Kentucky University waldenj@nku.edu Why Do Hackers Target Web Apps? Attack Surface A system s attack surface consists of all of the ways
Spectre and Meltdown. Clifford Wolf q/talk
Spectre and Meltdown Clifford Wolf q/talk 2018-01-30 Spectre and Meltdown Spectre (CVE-2017-5753 and CVE-2017-5715) Is an architectural security bug that effects most modern processors with speculative
egov & PKI By: Alaa Eldin Mahmoud Aly YOUR LOGO
egov & PKI By: Alaa Eldin Mahmoud Aly YOUR LOGO e-government Survey 2014 United Nations Page 2 EGDI: E-Government Development Index National ID & Digital Signature Estonian Prime Minister Andrus Ansip
1 Number Representation(10 points)
Name: Sp15 Midterm Q1 1 Number Representation(10 points) 1 NUMBER REPRESENTATION(10 POINTS) Let x=0xe and y=0x7 be integers stored on a machine with a word size of 4bits. Show your work with the following
A Survey of Obfuscations in Prevalent Packer Tools
A Survey of Obfuscations in Prevalent Packer Tools Kevin Roundy Paradyn Project Paradyn / Dyninst Week Madison, Wisconsin March 26, 2012 1 Types of program analysis Source code Friendly binary Uncooperative
Certified Ethical Hacker (CEH)
Certified Ethical Hacker (CEH) COURSE OVERVIEW: The most effective cybersecurity professionals are able to predict attacks before they happen. Training in Ethical Hacking provides professionals with the
QUARTERLY TRENDS AND ANALYSIS REPORT
September 1, 2007 Volume 2, Issue 3 QUARTERLY TRENDS AND ANALYSIS REPORT www.us-cert.gov Introduction This report summarizes and provides analysis of incident reports submitted to US-CERT during the U.S.
ANALYSIS OF MODERN ATTACKS ON ANTIVIRUSES
ANALYSIS OF MODERN ATTACKS ON ANTIVIRUSES 1 SILNOV DMITRY SERGEEVICH, 2 TARAKANOV OLEG VLADIMIROVICH Department of Information Systems and Technologies, National Research Nuclear University MEPhI (Moscow
IA-32 Architecture. CS 4440/7440 Malware Analysis and Defense
IA-32 Architecture CS 4440/7440 Malware Analysis and Defense Intel x86 Architecture } Security professionals constantly analyze assembly language code } Many exploits are written in assembly } Source code
Practical Malware Analysis
Practical Malware Analysis Ch 4: A Crash Course in x86 Disassembly Revised 1-16-7 Basic Techniques Basic static analysis Looks at malware from the outside Basic dynamic analysis Only shows you how the
ANATOMY OF AN ATTACK!
ANATOMY OF AN ATTACK! Are Your Crown Jewels Safe? Dom Kapac, Security Evangelist WHAT DO WE MEAN BY CROWN JEWELS? Crown jewels for most organizations are critical infrastructure and data Data is a valuable
The Invisible Threat of Modern Malware Lee Gitzes, CISSP Comm Solutions Company
The Invisible Threat of Modern Malware Lee Gitzes, CISSP Comm Solutions Company November 12, 2014 Malware s Evolution Why the change? Hacking is profitable! Breaches and Malware are Projected to Cost $491
T Using debuggers to analyze malware. Antti Tikkanen, F-Secure Corporation
T-110.6220 Using debuggers to analyze malware Antti Tikkanen, F-Secure Corporation Agenda Debugger basics Introduction Scenarios and tools How do debuggers work? Debug API The debugging loop Underlying
F5 Application Security. Radovan Gibala Field Systems Engineer
1 F5 Application Security Radovan Gibala Field Systems Engineer r.gibala@f5.com +420 731 137 223 2007 2 Agenda Challenge Websecurity What are the problems? Building blocks of Web Applications Vulnerabilities
Web Security: Vulnerabilities & Attacks
Computer Security Course. Song Dawn Web Security: Vulnerabilities & Attacks Cross-site Scripting What is Cross-site Scripting (XSS)? Vulnerability in web application that enables attackers to inject client-side
EECE.3170: Microprocessor Systems Design I Summer 2017 Homework 4 Solution
1. (40 points) Write the following subroutine in x86 assembly: Recall that: int f(int v1, int v2, int v3) { int x = v1 + v2; urn (x + v3) * (x v3); Subroutine arguments are passed on the stack, and can
This ethical hacking course puts you in the driver's seat of a hands-on environment with a systematic process.
EC Council Certified Ethical Hacker V9 This ethical hacking course puts you in the driver's seat of a hands-on environment with a systematic process. Here, you will be exposed to an entirely different
BINARY-LEVEL SECURITY: SEMANTIC ANALYSIS TO THE RESCUE
BINARY-LEVEL SECURITY: SEMANTIC ANALYSIS TO THE RESCUE Sébastien Bardin (CEA LIST) Joint work with Richard Bonichon, Robin David, Adel Djoudi & many other people 1 ABOUT MY LAB @CEA 2 IN A NUTSHELL Binary-level
FEATURE. Domain verification system SWEET ORANGE. iframe cryptor service
FEATURE WHAT ARE BROWSER EXPLOIT KITS UP TO? A LOOK INTO SWEET ORANGE AND PROPACK Aditya K. Sood, Richard J. Enbody Michigan State University, USA Rohit Bansal Independent Security Researcher, USA At the
SentinelOne Technical Brief
SentinelOne Technical Brief SentinelOne unifies prevention, detection and response in a fundamentally new approach to endpoint protection, driven by machine learning and intelligent automation. By rethinking
Outline STRANGER. Background
Outline Malicious Code Analysis II : An Automata-based String Analysis Tool for PHP 1 Mitchell Adair 2 November 28 th, 2011 Outline 1 2 Credit: [: An Automata-based String Analysis Tool for PHP] Background
Advanced Diploma on Information Security
Course Name: Course Duration: Prerequisites: Course Fee: Advanced Diploma on Information Security 300 Hours; 12 Months (10 Months Training + 2 Months Project Work) Candidate should be HSC Pass & Basic
Certified Secure Web Application Engineer
Certified Secure Web Application Engineer ACCREDITATIONS EXAM INFORMATION The Certified Secure Web Application Engineer exam is taken online through Mile2 s Assessment and Certification System ( MACS ),
ID: Cookbook: urldownload.jbs Time: 23:23:00 Date: 11/01/2018 Version:
ID: 42417 Cookbook: urldownload.jbs Time: 23:23:00 Date: 11/01/201 Version: 20.0.0 Table of Contents Table of Contents Analysis Report Overview General Information Detection Confidence Classification Signature
Finding Vulnerabilities in Web Applications
Finding Vulnerabilities in Web Applications Christopher Kruegel, Technical University Vienna Evolving Networks, Evolving Threats The past few years have witnessed a significant increase in the number of
Overview Cross-Site Scripting (XSS) Christopher Lam Introduction Description Programming Languages used Types of Attacks Reasons for XSS Utilization Attack Scenarios Steps to an XSS Attack Compromises
Malicious Code Analysis II
Malicious Code Analysis II STRANGER: An Automata-based String Analysis Tool for PHP Mitchell Adair November 28 th, 2011 Outline 1 STRANGER 2 Outline 1 STRANGER 2 STRANGER Credit: [STRANGER: An Automata-based