CSE509 Spring 2007 Midterm Exam. Electronic devices, including calculators, cell phones, mp3 players, and laptops are all prohibited.

Similar documents
Files. Eric McCreath

CMPS 105 Systems Programming. Prof. Darrell Long E2.371

Goals of this Lecture

Can Great Programmers Be Taught? Experiences with a Software Design Class. John Ousterhout Stanford University

I/O Management! Goals of this Lecture!

I/O Management! Goals of this Lecture!

Computer Security. 04r. Pre-exam 1 Concept Review. Paul Krzyzanowski. Rutgers University. Spring 2018

CS 155 Final Exam. CS 155: Spring 2012 June 11, 2012

File I/0. Advanced Programming in the UNIX Environment

Processes often need to communicate. CSCB09: Software Tools and Systems Programming. Solution: Pipes. Recall: I/O mechanisms in C

Department of Electrical Engineering and Computer Science MASSACHUSETTS INSTITUTE OF TECHNOLOGY Fall Quiz I

CSE 509: Computer Security

Introduction to File Systems. CSE 120 Winter 2001

Secure Software Development: Theory and Practice

Advanced Systems Security: Ordinary Operating Systems

File Systems Overview. Jin-Soo Kim ( Computer Systems Laboratory Sungkyunkwan University

Process Creation in UNIX

Operating System Labs. Yuanbin Wu

typedef void (*type_fp)(void); int a(char *s) { type_fp hf = (type_fp)(&happy_function); char buf[16]; strncpy(buf, s, 18); (*hf)(); return 0; }

Systems Programming. COSC Software Tools. Systems Programming. High-Level vs. Low-Level. High-Level vs. Low-Level.

Department of Electrical Engineering and Computer Science MASSACHUSETTS INSTITUTE OF TECHNOLOGY Fall Quiz I

Module: Program Vulnerabilities. Professor Trent Jaeger. CSE543 - Introduction to Computer and Network Security

1. (6 points) Control Hijacking Indicate whether the statement is always valid. Indicate true or false, and give a one sentence explanation.

FILE SYSTEMS. Jo, Heeseung

Advanced Systems Security: Ordinary Operating Systems

Lecture files in /home/hwang/cs375/lecture05 on csserver.

Operating systems. Lecture 7

CS140 Operating Systems Final December 12, 2007 OPEN BOOK, OPEN NOTES

CMPSC 497 Buffer Overflow Vulnerabilities

Operating Systems Security Access Control

Lecture 14 CSE11 Fall 2013 For loops, Do While, Break, Continue

Stanford University Computer Science Department CS 295 midterm. May 14, (45 points) (30 points) total

Department of Electrical Engineering and Computer Science MASSACHUSETTS INSTITUTE OF TECHNOLOGY Fall Quiz I Solutions

CSE 333 SECTION 3. POSIX I/O Functions

CS240: Programming in C

SELinux. Don Porter CSE 506

Software Security: Buffer Overflow Attacks

I/O OPERATIONS. UNIX Programming 2014 Fall by Euiseong Seo

Module: Program Vulnerabilities. Professor Trent Jaeger. CSE543 - Introduction to Computer and Network Security

CS 161 Computer Security

Input/Output. Input/Output and Files. Input/Output. I/O System Objectives

Access Control. Access Control: enacting a security policy. COMP 435 Fall 2017 Prof. Cynthia Sturton. Access Control: enacting a security policy

Module: Program Vulnerabilities. Professor Trent Jaeger. CSE543 - Introduction to Computer and Network Security

New York University CSCI-UA : Advanced Computer Systems: Spring 2016 Midterm Exam

Department of Electrical Engineering and Computer Science MASSACHUSETTS INSTITUTE OF TECHNOLOGY Fall 2011.

I/O OPERATIONS. UNIX Programming 2014 Fall by Euiseong Seo

The American University in Cairo Department of Computer Science & Engineering CSCI &09 Dr. KHALIL Exam-I Fall 2011

CSE543 - Computer and Network Security Module: Intrusion Detection

Fall 2017 :: CSE 306. File Systems Basics. Nima Honarmand

Homework 3 CS161 Computer Security, Fall 2008 Assigned 10/07/08 Due 10/13/08

The bigger picture. File systems. User space operations. What s a file. A file system is the user space implementation of persistent storage.

Bypassing Browser Memory Protections

CS 155 Final Exam. CS 155: Spring 2004 June 2004

CSE 333 SECTION 3. POSIX I/O Functions

The American University in Cairo Computer Science & Engineering Department CSCE Dr. KHALIL Exam II Spring 2010

(Early) Memory Corruption Attacks

Department of Electrical Engineering and Computer Science MASSACHUSETTS INSTITUTE OF TECHNOLOGY Fall Quiz I

CSE 565 Computer Security Fall 2018

CSE 333 Section 8 - Client-Side Networking

CS360 Midterm 2 Spring, 2016 James S. Plank March 10, 2016

CSE 410: Systems Programming

CSE 333 Midterm Exam 2/12/16. Name UW ID#

Static Vulnerability Analysis

MoonShine: Optimizing OS Fuzzer Seed Selection with Trace Distillation. Shankara Pailoor, Andrew Aday, Suman Jana Columbia University

ENGR 3950U / CSCI 3020U (Operating Systems) Simulated UNIX File System Project Instructor: Dr. Kamran Sartipi

Recitation 8: Tshlab + VM

RCU. ò Walk through two system calls in some detail. ò Open and read. ò Too much code to cover all FS system calls. ò 3 Cases for a dentry:

VFS, Continued. Don Porter CSE 506

Changelog. Corrections made in this version not in first posting: 1 April 2017: slide 13: a few more %c s would be needed to skip format string part

W4118: OS Overview. Junfeng Yang

CS 161 Computer Security

ECE264 Fall 2013 Exam 1, September 24, 2013

Security and Exploit Mitigation. CMSC Spring 2016 Lawrence Sebald

SYSTEM CALL IMPLEMENTATION. CS124 Operating Systems Fall , Lecture 14

What Is Operating System? Operating Systems, System Calls, and Buffered I/O. Academic Computers in 1983 and Operating System

ECEN 449 Microprocessor System Design. Review of C Programming

we are here I/O & Storage Layers Recall: C Low level I/O Recall: C Low Level Operations CS162 Operating Systems and Systems Programming Lecture 18

SoK: Eternal War in Memory Laszlo Szekeres, Mathias Payer, Tao Wei, and Dawn Song In: Oakland 14

CSE 565 Computer Security Fall 2018

Intrusion Detection and Malware Analysis

Lecture 4 September Required reading materials for this class

CS140 Operating Systems and Systems Programming

Test Conditions. Closed book, closed notes, no calculator, no laptop just brains 75 minutes. Steven M. Bellovin October 19,

TELE402. Internetworking. TELE402 Lecture 1 Protocol Layering 1

Process Management! Goals of this Lecture!

Real-World Buffer Overflow Protection in User & Kernel Space

CSCI 4061: Virtual Memory

MASSACHUSETTS INSTITUTE OF TECHNOLOGY Fall Quiz I

CS 471 Operating Systems. Yue Cheng. George Mason University Fall 2017

CS503 Advanced Programming I CS305 Computer Algorithms I

we are here Page 1 Recall: How do we Hide I/O Latency? I/O & Storage Layers Recall: C Low level I/O

Midterm Exam #2 April 20, 2016 CS162 Operating Systems

ECEN 449 Microprocessor System Design. Review of C Programming. Texas A&M University

Midterm Exam #2 Solutions April 20, 2016 CS162 Operating Systems

File Systems. Jinkyu Jeong Computer Systems Laboratory Sungkyunkwan University

CSE Computer Security

Advanced Unix/Linux System Program. Instructor: William W.Y. Hsu

Computer Security Course. Midterm Review

CSE 131 Introduction to Computer Science Fall Final Exam

CSE 131 Introduction to Computer Science Fall Exam II

Transcription:

CSE509 Spring 2007 Midterm Exam Name: You may not use any reference materials during this exam. Electronic devices, including calculators, cell phones, mp3 players, and laptops are all prohibited. You may not use your own scratch paper. The exam has plenty and you can ask for more if needed. You may not leave the classroom once the exam has been distributed. Communicating with other students in any way is prohibited. Academic Honesty: I understand that if I cheat on this exam in any way, I will receive the maximum possible penalty, including an F in this course. Name (print): Signature:

MAC vs. DAC (10 points) Access control systems fall into two categories: discretionary and mandatory. In a discretionary access control system, permissions on objects are entirely under the control of the system s users. In a mandatory access control system, the system places limits on the permissions users can giver certain objects. Does the UNIX file permission system implement a discretionary or mandatory access control system? How about Bell-Lapadula? Access Control Matrices? Would you use discretionary or mandatory access control for: A file storage server in a small business A hospital patient record system A military intelligence system

CCured (10 points) CCured was designed to prevent memory corruption via buffer overflows. Recall that it ensures that the program is type-safe at runtime, including that it cannot accidentally confuse an int and a pointer. Does CCured stop format-string attacks? Why or why not?

Mimicry Attacks (10 points) Consider the following intrusion detection system model: open mmap ioctl close write setuid 1 2 3 4 5 6 The program starts in state 1. You discover a buffer overflow that enables you to take control of the application when it is in state 6. After taking control of the application, your injected code can perform any sequence of system calls. Give a sequence of system calls, with arguments, that changes to user-id 0 and then writes to /etc/shadow without being detected by the intrusion detection system. Note that the IDS does not monitor arguments to system calls, so you can choose the arguments to the system calls as you see fit. The system calls take the following arguments: void * mmap(void *start, int length, int prot, int flags, int fd, int offset); int ioctl(int d, int request,...); int setuid(int uid); int close(int fd); int read(int fd, void *buf, int count); int write(int fd, const void *buf, int count); int open(const char *pathname, int flags);

Address-Space Randomization (10 points) As we saw in class, an attacker can often defeat address-space randomization by guessing the randomized layout of the program he is attacking. Since he only needs to try about 2 16 different layouts, this is a realistic attack. We can strengthen address-space randomization by running the program twice with different randomizations. Every time the two copies make a system call, we verify that they make the exact same system call with the exact same arguments. We then return the same answer to each copy and let them continue. A memory-corruption attack is unlikely to succeed against both copies simultaneously. (5 points) If an adversary could break into one copy of the program with success probability 2 16, what is the probability he will simultaneously break into the two copies of the program in our new system? (5 points) Give two advantages and two disadvantages of this scheme.

I/O Data Oblivious IDS (10 points) Consider a very powerful Intrusion Detection System that knows exactly the sequence of system calls the application will make, and knows all the arguments to those system calls, except the data the application writes to files and the network. So, for example, the IDS will know which files the application will open, but it doesn t know what the application will write to those files. Similarly, the IDS knows which network connections the application will make, but it doesn t know what data the application will transmit over those connections. List 5 security goals an attacker may still be able to violate while evading this powerful IDS. For example, an attacker could cause an e-commerce web server to send him the credit card numbers of other clients, because this would not require changing the system calls made by the web server, only the content of the data it sends to the attacker over the network.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback