Heartbleed Bug. Anthony Postiglione. Department of Electrical & Computer Engineering Missouri University of Science and Technology
|
|
- Donald Gilbert
- 5 years ago
- Views:
Transcription
1 Heartbleed Bug Anthony Postiglione Department of Electrical & Computer Engineering Missouri University of Science and Technology rev. 14.0
2 Introduction What is Heartbleed? Discovery Presentation Overview Outline Why wasn t it detected earlier? Difficulty in testing Testing methodology Preventative measures Software implementations Legal liability Presentation Overview 2
3 What is Heartbleed? Vulnerability in OpenSSL Formally identified as CVE Originated in RFC 6520 Transport Layer Security and Datagram Transport Layer Security Heartbeat Extension. What is Heartbleed? 3
4 What is Heartbleed? Heartbeat Heartbeat introduced in OpenSSL Concept of low-cost, keep-alive mechanism for TLS layer What is the issue? Eventually fixed in 1.0.1g About two years later, April What is Heartbleed? 4
5 Issue with Heartbeat 4 April [Ref:
6 The Fix [Ref: CDF+2014] 6
7 Discovery Google Security Team and Codenomicon ~17% of worlds servers were vulnerable Method of testing OpenSSL when bug was released was unknown Discovery 7
8 Discovery Why wasn t Heartbleed discovered sooner? Misconception about open source Higher funder for open source projects Testing Limitations Static Analysis Code not designed for simplicity Inherent difficulties in the complexity of OpenSSL Source Code Weakness Analyzer Fuzzing Discovery 8
9 Open SSL Complexity and Static Use of Pointers Analysis Multiple levels of indirection Complexity of the execution path Buffers are cached and reused Makes it difficult for tool to identify invalid uses Joe Miner Valid bytes of TLS messages are a subset of allocated buffer Requires tool to track boundaries of buffer Contents of buffer don t appear to come directly from the attacker Open SSL Complexity and Static Analysis 9
10 Fuzzing Compiled and tested Monitored for known bad states Application crash Poor penetration for complex protocols Fuzzing 10
11 Fuzzing [Ref: CDF+2014] Fuzzing 11
12 Preventative Measures, Software Debug Heap (address protection) Can work with input fuzzing Negative testing Focused manual spotchecking Validating untrusted input fields Context-configured source code weakness analyzer Full multi-implementation branch coverage Preventative Measures, Software 12
13 Preventative Measures, Software Using a safer language OpenSSL uses C Large expense Thorough human review Takes significant effort and expertise Preventative Measures, Software 13
14 Preventative Measures, Formal Mathematically rigorous techniques and tools for the specification, design, and verification of software and hardware systems [W2014] Simplify the code and its API Allocate and deallocate memory normally Use a standard free/libre/open source software (FLOSS) license Create a FLOSS SSL/TLS test suite combining several of the mentioned approaches Preventative Measures, Formal 14
15 Preventative Measures, Legal Three Laws [GK2014] Absolutely Secure Systems do not exist To halve your vulnerability, you must have to double your expenditure Cryptography is typically bypassed, not penetrated. Complexity today may make it impossible to provide security assurance Potential for security through obscurity Rethinking software liability Preventative Measures, Legal 15
16 Preventative Measures, Legal How are other disruptive mass-market technologies treated? Rapid adoption Regulation Software regulation is coming in due time In hopes to increase safety, quality, and clarify security roles/responsabilities Increasing role of software in everyday life Preventative Measures, Legal 16
17 Software Liability Proposal Consult criminal code to see if damage caused was due to intent or willfulness If you deliver software with complete and buildable source code and a license that allows disabling any functionality or code the licensee decides, liability will only be a refund In any other case, liable for whatever damage the software causes when it s used normally [GK2014] Software Liability 17
18 Conclusion Heartbleed OpenSSL complexity concerns More complete and rigorous testing Changes to software liability Conclusion 18
19 References and Further Reading [CDF+2014] Marco Carvalho, Jared DeMott, Richard Ford, and David A. Wheeler, Heartbleed 101, IEEE Security and Privacy, Volume 12, Issue 4, pp , July/August [W2014] David A. Wheeler, Preventing Heartbleed, IEEE Computer, Volume 47, Issue 8, pp , August [GK2014] Daniel E. Geer Jr., and Poul-Henning Kamp, Inviting More Heartbleed, IEEE Security and Privacy, Volume 12, Issue 4, pp , July/August References and Further Reading 19
20 End of Foils End 20
Described by some as the
Editors: Richard Ford, rford@se.fit.edu Deborah A. Frincke, debfrincke@gmail.com BASIC TRAINING Heartbleed 101 Marco Carvalho Florida Institute of Technology Jared DeMott Bromium Richard Ford Florida Institute
More informationMQ Jumping... Or, move to the front of the queue, pass go and collect 200
MQ Jumping.... Or, move to the front of the queue, pass go and collect 200 Martyn Ruks DEFCON 15 2007-08-03 One Year Ago Last year I talked about IBM Networking attacks and said I was going to continue
More informationTaking White Hats to the Laundry: How to Strengthen Testing in Common Criteria
Taking White Hats to the Laundry: How to Strengthen Testing in Common Criteria Apostol Vassilev, Principal Consultant September 23,2009. Product Testing in Common Criteria Product Testing in Common Criteria
More informationLimitations of the stack
The heap hic 1 Limitations of the stack int *table_of(int num, int len) { int table[len+1]; for (int i=0; i
More informationCIS 5373 Systems Security
CIS 5373 Systems Security Topic 1: Introduction to Systems Security Endadul Hoque 1 Why should you care? Security impacts our day-to-day life Become a security-aware user Make safe decisions Become a security-aware
More information01/02/2014 SECURITY ASSESSMENT METHODOLOGIES SENSEPOST 2014 ALL RIGHTS RESERVED
01/02/2014 SECURITY ASSESSMENT METHODOLOGIES SENSEPOST 2014 ALL RIGHTS RESERVED Contents 1. Introduction 3 2. Security Testing Methodologies 3 2.1 Internet Footprint Assessment 4 2.2 Infrastructure Assessments
More informationICSE MET 17 Keynote. Metamorphic Testing: Beyond Testing Numerical Computations
ICSE MET 17 Keynote Metamorphic Testing: Beyond Testing Numerical Computations Dr. Zhi Quan (George) Zhou Associate Professor University of Wollongong Australia zhiquan@uow.edu.au 1 Why this topic? Observation:
More informationProduct Security. for Consumer Devices. Anton von Troyer Codenomicon. all rights reserved.
Product Security Anton von Troyer for Consumer Devices About Codenomicon Founded in Autumn 2001 Commercialized the academic approach built since 1996 Technology leader in security test automation Model-based,
More informationImplementing Cryptography: Good Theory vs. Bad Practice
Implementing Cryptography: Good Theory vs. Bad Practice Viet Pham Information Security Group, Department of Mathematics Royal Holloway, University of London Outline News report What is cryptography? Why
More informationGreats Bugs in History
Semidoctus, 23 November 2016 Semidoctus, 23 November 2016 1 / 1/ Plan 1 Introduction: what s a bug? 2 The Y2K Bug 3 The case of Ariane 5 4 Heartbleed 5 The Intel Division Bug 6 500-mile emails 7 Conclusion
More informationIt was a dark and stormy night. Seriously. There was a rain storm in Wisconsin, and the line noise dialing into the Unix machines was bad enough to
1 2 It was a dark and stormy night. Seriously. There was a rain storm in Wisconsin, and the line noise dialing into the Unix machines was bad enough to keep putting garbage characters into the command
More informationVulnerability Assessments and Penetration Testing
CYBERSECURITY Vulnerability Assessments and Penetration Testing A guide to understanding vulnerability assessments and penetration tests. OVERVIEW When organizations begin developing a strategy to analyze
More informationSSL/TLS Vulnerability Detection Using Black Box Approach
Journal of Physics: Conference Series PAPER OPEN ACCESS SSL/TLS Vulnerability Detection Using Black Box Approach To cite this article: D Gunawan et al 2018 J. Phys.: Conf. Ser. 978 012121 View the article
More informationPEACHTECH PEACH API SECURITY AUTOMATING API SECURITY TESTING. Peach.tech
PEACH API SECURITY AUTOMATING API SECURITY TESTING Peach.tech Table of Contents Introduction... 3 Industry Trends... 3 API growth... 3 Agile and Continuous Development Frameworks... 4 Gaps in Tooling...
More informationHigh-Assurance Cyber Space Systems (HACSS) for Small Satellite Mission Integrity
Distribution A: SSC17-V-01 High-Assurance Cyber Space Systems (HACSS) for Small Satellite Mission Integrity Daria C. Lane, Enrique S. Leon, Francisco C. Tacliad, Dexter H. Solio, Ian L. Rodney, Dmitriy
More informationIs Your Web Application Really Secure? Ken Graf, Watchfire
Is Your Web Application Really Secure? Ken Graf, Watchfire What we will discuss today Pressures on the application lifecycle Why application security defects matter How to create hacker resistant business
More informationTSP Secure. Date: December 14, 2016 William Nichols Carnegie Mellon University
TSP Secure Date: December 14, 2016 William Nichols President's Information Technology Advisory Committee (PITAC), 2005 Commonly used software engineering practices permit dangerous errors, such as improper
More informationMy other computer is YOURS!
Octet-based encoding example Here is a DER encoding of the following definition: Person ::= SEQUENCE { first UTF8String, last UTF8String } myself ::= Person { first "Nathanael", last "COTTIN" } Octet-based
More informationApplications. Cloud. See voting example (DC Internet voting pilot) Select * from userinfo WHERE id = %%% (variable)
Software Security Requirements General Methodologies Hardware Firmware Software Protocols Procedure s Applications OS Cloud Attack Trees is one of the inside requirement 1. Attacks 2. Evaluation 3. Mitigation
More informationMobile Malfeasance. Exploring Dangerous Mobile Code. Jason Haddix, Director of Penetration Testing
Mobile Malfeasance Exploring Dangerous Mobile Code Jason Haddix, Director of Penetration Testing Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to
More informationSecure Programming I. Steven M. Bellovin September 28,
Secure Programming I Steven M. Bellovin September 28, 2014 1 If our software is buggy, what does that say about its security? Robert H. Morris Steven M. Bellovin September 28, 2014 2 The Heart of the Problem
More informationLow level security. Andrew Ruef
Low level security Andrew Ruef What s going on Stuff is getting hacked all the time We re writing tons of software Often with little regard to reliability let alone security The regulatory environment
More informationInternet-Wide Port Scanners Some history behind the development of high performance port scanners. Things to consider, and necessary preparations
Internet-Wide Port Scanners Some history behind the development of high performance port scanners. Things to consider, and necessary preparations before using these tools. Internet Vulnerability masscan,
More informationRelease Notes for Epilog for Windows Release Notes for Epilog for Windows v1.7
Release Notes for Epilog for Windows v1.7 InterSect Alliance International Pty Ltd Page 1 of 16 About this document This document provides release notes for Snare Enterprise Epilog for Windows release.
More informationHeartbleed Attack Lab
SEED Labs Heartbleed Attack 1 Heartbleed Attack Lab Copyright c 2016 Wenliang Du, Syracuse University. The development of this document was partially funded by the National Science Foundation under Award
More informationAutomated Whitebox Fuzz Testing. by - Patrice Godefroid, - Michael Y. Levin and - David Molnar
Automated Whitebox Fuzz Testing by - Patrice Godefroid, - Michael Y. Levin and - David Molnar OUTLINE Introduction Methods Experiments Results Conclusion Introduction Fuzz testing is an effective Software
More informationExposing The Misuse of The Foundation of Online Security
Exposing The Misuse of The Foundation of Online Security HLA ID: 90FZSBZFZSB 56BVCXVBVCK 23YSLUSYSLI 01GATCAGATC Cyber space is very similar to organic realm Keys & certificates are like HLA tags But,
More informationMost Common Security Threats (cont.)
Most Common Security Threats (cont.) Denial of service (DoS) attack Distributed denial of service (DDoS) attack Insider attacks. Any examples? Poorly designed software What is a zero-day vulnerability?
More informationRelease Notes for Snare Enterprise Agent for MSSQL Release Notes for Snare Enterprise Agent for MSSQL v1.2/1.3
Release Notes for Snare Enterprise Agent for v1.2/1.3 InterSect Alliance International Pty Ltd Page 1 of 19 About this document This document provides release notes for the Snare Enterprise Agent for version
More informationVerification & Validation of Open Source
Verification & Validation of Open Source 2011 WORKSHOP ON SPACECRAFT FLIGHT SOFTWARE Gordon Uchenick Coverity, Inc Open Source is Ubiquitous Most commercial and proprietary software systems have some open
More informationOverview of SSL/TLS. Luke Anderson. 12 th May University Of Sydney.
Overview of SSL/TLS Luke Anderson luke@lukeanderson.com.au 12 th May 2017 University Of Sydney Overview 1. Introduction 1.1 Raw HTTP 1.2 Introducing SSL/TLS 2. Certificates 3. Attacks Introduction Raw
More informationAutomatic program generation for detecting vulnerabilities and errors in compilers and interpreters
Automatic program generation for detecting vulnerabilities and errors in compilers and interpreters 0368-3500 Nurit Dor Shir Landau-Feibish Noam Rinetzky Preliminaries Students will group in teams of 2-3
More informationVulnerability disclosure
Vulnerability disclosure Don t forget overall goal: improve software safety Consider incentives for researchers, software vendors, customers Supply chain can be complex Software component developers Open
More informationSandboxing Untrusted Code: Software-Based Fault Isolation (SFI)
Sandboxing Untrusted Code: Software-Based Fault Isolation (SFI) Brad Karp UCL Computer Science CS GZ03 / M030 9 th December 2011 Motivation: Vulnerabilities in C Seen dangers of vulnerabilities: injection
More informationCISO Success Strategies: On Becoming a Security Business Leader
SESSION ID: CXO W03 CISO Success Strategies: On Becoming a Security Business Leader Frank Kim CISO SANS Institute @fykim Outline Build Your Business Case Rocket Your Relationships Master Your Message 2
More informationSECURITY CODE. Responsible Care. American Chemistry Council. 7 April 2011
American Chemistry Council Responsible Care SECURITY CODE 7 April 2011 Debra Phillips Managing Director, Responsible Care American Chemistry Council Why develop a Separate Security Code? Need for a clearly
More informationINFORMATION SUPPLEMENT. Use of SSL/Early TLS for POS POI Terminal Connections. Date: June 2018 Author: PCI Security Standards Council
Use of SSL/Early TLS for POS POI Terminal Connections Date: Author: PCI Security Standards Council Table of Contents Introduction...1 Executive Summary...1 What is the risk?...1 What is meant by Early
More informationInline Reference Monitoring Techniques
Inline Reference Monitoring Techniques In the last lecture, we started talking about Inline Reference Monitors. The idea is that the policy enforcement code runs with the same address space as the code
More informationSystematic Fuzzing and Testing of TLS Libraries Juraj Somorovsky
Systematic Fuzzing and Testing of TLS Libraries Juraj Somorovsky 1 1 Transport Layer Security The most important crypto protocol HTTP, SMTP, IMAP 2 2 Secure Sockets Layer (SSL), SSLv2 SSLv3 Trasnsport
More informationLessons from the Human Immune System Gavin Hill, Director Threat Intelligence
Lessons from the Human Immune System Gavin Hill, Director Threat Intelligence HLA ID: 90FZSBZFZSB 56BVCXVBVCK 23YSLUSYSLI 01GATCAGATC Cyber space is very similar to organic realm Keys & certificates are
More informationDevelopment*Process*for*Secure* So2ware
Development*Process*for*Secure* So2ware Development Processes (Lecture outline) Emphasis on building secure software as opposed to building security software Major methodologies Microsoft's Security Development
More informationbreathehr security, reliability and GDPR
breathehr security, reliability and GDPR Contact us: Tel 01403 288700 breathehr.com @breathehr General Data Protection Regulations (September update) You may be aware that in May 2018 the new General Data
More informationInternational Journal of Computer Engineering and Applications, Volume XII, Special Issue, April- ICITDA 18,
International Journal of Computer Engineering and Applications, Volume XII, Special Issue, April- ICITDA 18, www.ijcea.com ISSN 2321-3469 SOFTWARE TESTING Rajat Galav, Shivank Lavania Student, Department
More informationCyber Security Advisory
1KHW028570 2015-11-20 English 2.00 1/5 SSL 3.0 Protocol Vulnerability and POODLE Attack in FOX660 series ABB-VU-PSAC- 1KHW028570 Notice The information in this document is subject to change without notice,
More informationSecurity and Authentication
Security and Authentication CS 370 SE Practicum, Cengiz Günay (Some slides courtesy of Eugene Agichtein and the Internets) CS 370, Günay (Emory) Security and Authentication Spring 2014 1 / 15 Agenda Upcoming
More informationProtection. Thierry Sans
Protection Thierry Sans Protecting Programs How to lower the risk of a program security flaw resulting from a bug? 1. Build better programs 2. Build better operating systems Build Better Programs Why are
More informationTowards automated detection of buffer overrun vulnerabilities: a first step. NDSS 2000 Feb 3, 2000
Towards automated detection of buffer overrun vulnerabilities: a first step David Wagner Eric A. Brewer Jeffrey S. Foster Alexander Aiken NDSS 2000 Feb 3, 2000 1 Introduction The state of computer security
More informationChapter 11, Testing. Using UML, Patterns, and Java. Object-Oriented Software Engineering
Chapter 11, Testing Using UML, Patterns, and Java Object-Oriented Software Engineering Outline Terminology Types of errors Dealing with errors Quality assurance vs Testing Component Testing! Unit testing!
More informationECE 587 Hardware/Software Co-Design Lecture 11 Verification I
ECE 587 Hardware/Software Co-Design Spring 2018 1/23 ECE 587 Hardware/Software Co-Design Lecture 11 Verification I Professor Jia Wang Department of Electrical and Computer Engineering Illinois Institute
More informationCAMSCANNER TURN YOUR PHONE AND TABLET INTO SCANNER FOR
PDF NESSUS VULNERABILITY SCANNER - BASICS - SECURITYLEARN CAMSCANNER TURN YOUR PHONE AND TABLET INTO SCANNER FOR 1 / 6 2 / 6 3 / 6 website vulnerability scanner pdf Basics vulnerability scanning with NESSUS...
More informationHardening Attack Vectors to cars by Fuzzing
Hardening Attack Vectors to cars by Fuzzing AESIN 2015 Ashley Benn, Regional Sales manager 29 th October, 2015 2015 Synopsys, Inc. 1 Today, there are more than 100m lines of code in cars 2015 Synopsys,
More informationEthical Hacking CERTIFIED ETHICAL HACKER. Xpert Infotech is the registered trademark of Xperia Technologies Pvt. Ltd.
Ethical Hacking CERTIFIED ETHICAL HACKER 1 What is Ethical Hacking? Ethical Hacking and Ethical Hacker are terms used to describe hacking performed by a company or individual to help identify potential
More informationThe Android security jungle: pitfalls, threats and survival tips. Scott
The Android security jungle: pitfalls, threats and survival tips Scott Alexander-Bown @scottyab The Jungle Ecosystem Google s protection Threats Risks Survival Network Data protection (encryption) App/device
More informationInternational Journal of Computer Engineering and Applications, Volume XII, Special Issue, September 18, ISSN SOFTWARE TESTING
International Journal of Computer Engineering and Applications, Volume XII, Special Issue, September 18, www.ijcea.com ISSN 2321-3469 SOFTWARE TESTING Rajat Galav 1, Shivank Lavania 2, Brijesh Kumar Singh
More information10 FOCUS AREAS FOR BREACH PREVENTION
10 FOCUS AREAS FOR BREACH PREVENTION Keith Turpin Chief Information Security Officer Universal Weather and Aviation Why It Matters Loss of Personally Identifiable Information (PII) Loss of Intellectual
More informationSynology Security Whitepaper
Synology Security Whitepaper 1 Table of Contents Introduction 3 Security Policy 4 DiskStation Manager Life Cycle Severity Ratings Standards Security Program 10 Product Security Incident Response Team Bounty
More informationBuffer Overflows. Buffers. Administrative. COMP 435 Fall 2017 Prof. Cynthia Sturton. Buffers
dministrative Buffer Overflows COMP 435 Fall 2017 Prof. Cynthia Sturton Exam Mon., Nov. 6 Covers material since last exam, including today s lecture Review in OH Fri., Nov. 3, 10-12 FB 354 Poster group
More informationLecture 4: Threats CS /5/2018
Lecture 4: Threats CS 5430 2/5/2018 The Big Picture Attacks are perpetrated by threats that inflict harm by exploiting vulnerabilities which are controlled by countermeasures. Once Upon a Time Bugs "bug":
More informationC1: Define Security Requirements
OWASP Top 10 Proactive Controls IEEE Top 10 Software Security Design Flaws OWASP Top 10 Vulnerabilities Mitigated OWASP Mobile Top 10 Vulnerabilities Mitigated C1: Define Security Requirements A security
More informationThe Value of Automated Penetration Testing White Paper
The Value of Automated Penetration Testing White Paper Overview As an information security expert and the security manager of the company, I am well aware of the difficulties of enterprises and organizations
More informationSoftware Security: Misc and Principles
CSE 484 / CSE M 584: Computer Security and Privacy Software Security: Misc and Principles Spring 2015 Franziska (Franzi) Roesner franzi@cs.washington.edu Thanks to Dan Boneh, Dieter Gollmann, Dan Halperin,
More informationEngineering Your Software For Attack
Engineering Your Software For Attack Robert A. Martin Senior Principal Engineer Cyber Security Center Center for National Security The MITRE Corporation 2013 The MITRE Corporation. All rights reserved.
More informationMBFuzzer - MITM Fuzzing for Mobile Applications
MBFuzzer - MITM Fuzzing for Mobile Applications Fatih Özavcı Mentor of MBFuzer @ yakindanegitim.org fatih.ozavci at gamasec.net gamasec.net/fozavci Scope Yakindan Egitim Project Security Vulnerabilities
More informationDoH and DoT experience. Ólafur Guðmundsson Marek Vavrusa
DoH and DoT experience Ólafur Guðmundsson Marek Vavrusa Announced April 1 st 2018 Our mission: to help build a better Internet. We use 1.1.1.1 and 1.0.0.1 (easy to remember) for our resolver. DNS resolver,
More informationCA SiteMinder. Advanced Password Services Release Notes SP1
CA SiteMinder Advanced Password Services Release Notes 12.52 SP1 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation
More informationRequirements, Partitioning, paging, and segmentation
Requirements, Partitioning, paging, and segmentation Main Memory: The Big Picture kernel memory proc struct kernel stack/u area Stack kernel stack/u area Stack kernel stack/u area Stack Data Text (shared)
More informationBuilding Trust in Digital Identities
Building Trust in Digital Identities Secure Digital identities for a Digital Single Market in Europe Frederic Jacobs What is trust? the willingness of a party to be vulnerable to the actions of another
More informationEnhancing Memory Error Detection for Large-Scale Applications and Fuzz testing
Enhancing Memory Error Detection for Large-Scale Applications and Fuzz testing Wookhyun Han, Byunggil Joe, Byoungyoung Lee *, Chengyu Song, Insik Shin KAIST, * Purdue, UCR 1 Memory error Heartbleed Shellshock
More informationFinding Error Handling Bugs in OpenSSL using Coccinelle
1 Finding Error Handling Bugs in OpenSSL using Coccinelle (Practical Experience Report) Julia Lawall (University of Copenhagen/INRIA-Regal) Ben Laurie (Google), René Rydhof Hansen (Aalborg University),
More informationIT Security Evaluation : Common Criteria
AfriNIC-9 MEETING Mauritius 22-28 November 2008 IT Security Evaluation : Common Criteria Ministry of Communication Technologies National Digital Certification Agency Mounir Ferjani November 2008 afrinic
More informationIngate SIParator /Firewall SIP Security for the Enterprise
Ingate SIParator /Firewall SIP Security for the Enterprise Ingate Systems Ingate Systems AB (publ) Tel: +46 8 600 77 50 BACKGROUND... 1 1 NETWORK SECURITY... 2 2 WHY IS VOIP SECURITY IMPORTANT?... 3 3
More informationIntel Software Guard Extensions (SGX) SW Development Guidance for Potential Bounds Check Bypass (CVE ) Side Channel Exploits.
Intel Software Guard Extensions (SGX) SW Development Guidance for Potential Bounds Check Bypass (CVE-2017-5753) Side Channel Exploits White Paper Revision 1.0 February 2018 Intel technologies features
More informationMarkLogic Server. Common Criteria Evaluated Configuration Guide. MarkLogic 9 May, Copyright 2019 MarkLogic Corporation. All rights reserved.
Common Criteria Evaluated Configuration Guide 1 MarkLogic 9 May, 2017 Last Revised:9.0-3, September, 2017 Copyright 2019 MarkLogic Corporation. All rights reserved. Table of Contents Table of Contents
More information1.1 For Fun and Profit. 1.2 Common Techniques. My Preferred Techniques
1 Bug Hunting Bug hunting is the process of finding bugs in software or hardware. In this book, however, the term bug hunting will be used specifically to describe the process of finding security-critical
More informationMemory Safety (cont d) Software Security
Memory Safety (cont d) Software Security CS 161: Computer Security Prof. Raluca Ada Popa January 17, 2016 Some slides credit to David Wagner and Nick Weaver Announcements Discussion sections and office
More informationSecurity Advisory Relating to OpenSSL Vulnerability Heartbleed on Various Polycom Products
SECURITY BULLETIN CVE-2014-0160 Version 1.5 Security Advisory Relating to OpenSSL Vulnerability Heartbleed on Various Polycom Products DATE PUBLISHED: This information applies to all Polycom products using
More informationWhat every IT professional needs to know about penetration tests
What every IT professional needs to know about penetration tests 24 th April, 2014 Geraint Williams IT Governance Ltd www.itgovernance.co.uk Overview So what do IT Professionals need to know about penetration
More informationBlack Hat Webcast Series. C/C++ AppSec in 2014
Black Hat Webcast Series C/C++ AppSec in 2014 Who Am I Chris Rohlf Leaf SR (Security Research) - Founder / Consultant BlackHat Speaker { 2009, 2011, 2012 } BlackHat Review Board Member http://leafsr.com
More informationHonours/Master/PhD Thesis Projects Supervised by Dr. Yulei Sui
Honours/Master/PhD Thesis Projects Supervised by Dr. Yulei Sui Projects 1 Information flow analysis for mobile applications 2 2 Machine-learning-guide typestate analysis for UAF vulnerabilities 3 3 Preventing
More informationTiger Scheme QST/CTM Standard
Tiger Scheme QST/CTM Standard Title Tiger Scheme Qualified Security Tester Team Member Standard Version 1.2 Status Public Release Date 21 st June 2011 Author Professor Andrew Blyth (Tiger Technical Panel)
More informationU.S. E-Authentication Interoperability Lab Engineer
Using Digital Certificates to Establish Federated Trust chris.brown@enspier.com U.S. E-Authentication Interoperability Lab Engineer Agenda U.S. Federal E-Authentication Background Current State of PKI
More informationSecurity Testing. John Slankas
Security Testing John Slankas jbslanka@ncsu.edu Course Slides adapted from OWASP Testing Guide v4 CSC 515 Software Security What is Security Testing? Validate security controls operate as expected What
More informationMcAfee Product Security Practices
McAfee Product Security Practices 12 October 2017 McAfee Public Page 1 of 8 12 October 2017 Expires 12 Apr 2018 Importance of Security At McAfee (formerly Intel Security) we take product security very
More informationPractical Approaches to Formal Verification. Mike Bartley, TVS
Practical Approaches to Formal Verification Mike Bartley, TVS 1 Acknowledgements This paper is based on work performed by TVS with ARM Specific thanks should go to Laurent Arditi Bryan Dickman Daryl Stuart
More informationBlind Security Testing An Evolutionary Approach
Blind Security Testing An Evolutionary Approach Scott T. Stender isec Partners, Inc. June 29, 2007 scott@isecpartners.com Introduction Software testing, or more broadly, software quality assurance, is
More informationSoftware Testing Interview Question and Answer
Software Testing Interview Question and Answer What is Software Testing? A process of analyzing a software item to detect the differences between existing and required conditions (i.e., defects) and to
More informationModeling and Discovering Vulnerabilities with Code Property Graphs
Modeling and Discovering Vulnerabilities with Code Property Graphs Fabian Yamaguchi, Nico Golde (Qualcomm), Daniel Arp, and Konrad Rieck Security & Privacy 2014 GEORG-AUGUST-UNIVERSITÄT GÖTTINGEN Implementation
More informationAutomotive Software Security Testing
Detecting and Addressing Cybersecurity Issues V1.1 2018-03-05 Code ahead! 2 Automated vulnerability detection and triage + = 3 How did we get here? Vector was engaged with a large, US Tier 1 and we were
More informationCYSE 411/AIT 681 Secure Software Engineering. Topic #6. Seven Software Security Touchpoints (III) Instructor: Dr. Kun Sun
CYSE 411/AIT 681 Secure Software Engineering Topic #6. Seven Software Security Touchpoints (III) Instructor: Dr. Kun Sun Reading This lecture [McGraw]: Ch. 7-9 2 Seven Touchpoints 1. Code review 2. Architectural
More informationFormal Methods at Scale in Microsoft
Formal Methods at Scale in Microsoft Thomas Ball http://research.microsoft.com/rise Microsoft Research 4 October 2017 Code Integ. Tests Unit Test Testing-based Development Commit, Build Review Web app
More informationPlaintext-Recovery Attacks Against Datagram TLS
Information Security Group Royal Holloway, University of London 6th Feb 2012 Contents 1 Results 2 3 4 Padding Oracle Realisation Against OpenSSL 5 Attacking the GnuTLS Implementation of DTLS 6 Results
More informationProgram verification. Generalities about software Verification Model Checking. September 20, 2016
Program verification Generalities about software Verification Model Checking Laure Gonnord David Monniaux September 20, 2016 1 / 43 The teaching staff Laure Gonnord, associate professor, LIP laboratory,
More informationRuckus Wireless Security Advisory ID FAQ
Multiple Vulnerabilities in DNSMASQ (CVE-2017-14491, CVE-2017-14492, CVE-2017-14493, CVE-2017-14494, CVE-2017-14495, CVE-2017-14496, CVE-2017-13704, CVE-2015-3294) Initial Internal Release Date: 11/27/2017
More information4. Risk-Based Security Testing. Reading. CYSE 411/AIT 681 Secure Software Engineering. Seven Touchpoints. Application of Touchpoints
Reading This lecture [McGraw]: Ch. 7-9 CYSE 411/AIT 681 Secure Software Engineering Topic #6. Seven Software Security Touchpoints (III) Instructor: Dr. Kun Sun 2 Seven Touchpoints Application of Touchpoints
More informationCourses. X E - Verify that system acquisitions policies and procedures include assessment of risk management policies X X
4016 Points * = Can include a summary justification for that section. FUNCTION 1 - INFORMATION SYSTEM LIFE CYCLE ACTIVITIES Life Cycle Duties No Subsection 2. System Disposition/Reutilization *E - Discuss
More informationCertification Report
Certification Report Nutanix Virtual Computing Platform v3.5.1 Issued by: Communications Security Establishment Certification Body Canadian Common Criteria Evaluation and Certification Scheme Government
More informationSecurity and Compliance at Mavenlink
Security and Compliance at Mavenlink Table of Contents Introduction....3 Application Security....4....4....5 Infrastructure Security....8....8....8....9 Data Security.... 10....10....10 Infrastructure
More informationInformation Security CS 526
Information Security CS 526 Topic 14: Key Distribution & Agreement, Secure Communication Topic 14: Secure Communication 1 Readings for This Lecture On Wikipedia Needham-Schroeder protocol (only the symmetric
More informationUNIX File System. UNIX File System. The UNIX file system has a hierarchical tree structure with the top in root.
UNIX File System UNIX File System The UNIX file system has a hierarchical tree structure with the top in root. Files are located with the aid of directories. Directories can contain both file and directory
More informationCSC 405 Introduction to Computer Security Fuzzing
CSC 405 Introduction to Computer Security Fuzzing Alexandros Kapravelos akaprav@ncsu.edu Let s find some bugs (again) We have a potentially vulnerable program The program has some inputs which can be controlled
More information