DEEDS Meeting Oct., 26th 2006 Dependable, Embedded Systems and Software Group Department of Computer...
-
Upload
adam-golden -
Category
Documents
-
view
214 -
download
0
Transcript of DEEDS Meeting Oct., 26th 2006 Dependable, Embedded Systems and Software Group Department of Computer...
![Page 1: DEEDS Meeting Oct., 26th 2006 Dependable, Embedded Systems and Software Group Department of Computer Science Darmstadt University of Technology Summary.](https://reader034.fdocuments.us/reader034/viewer/2022042821/56649dbc5503460f94aae14a/html5/thumbnails/1.jpg)
DEEDS Meeting Oct., 26th 2006
Dependable, Embedded Systems and Software GroupDepartment of Computer ScienceDarmstadt University of Technology
Summary of my enquiries made so far…
Daniel Germanus <[email protected]>
![Page 2: DEEDS Meeting Oct., 26th 2006 Dependable, Embedded Systems and Software Group Department of Computer Science Darmstadt University of Technology Summary.](https://reader034.fdocuments.us/reader034/viewer/2022042821/56649dbc5503460f94aae14a/html5/thumbnails/2.jpg)
DEEDS Meeting Oct., 26th 2006
2
Intro
•Bachelor Thesis was on Threat Modeling
•Part of Microsofts Security Development Lifecycle
•Cons can be:
– Informal method
– Static approach
•Wanted:
– New, or improved attackability measures
– Based on exact models
– Dynamic system view
– (semi) automated
!
![Page 3: DEEDS Meeting Oct., 26th 2006 Dependable, Embedded Systems and Software Group Department of Computer Science Darmstadt University of Technology Summary.](https://reader034.fdocuments.us/reader034/viewer/2022042821/56649dbc5503460f94aae14a/html5/thumbnails/3.jpg)
DEEDS Meeting Oct., 26th 2006
3
How to achieve?
•Enquiries on Security, Metrics, Measures and related Technologies
•Looking for Metrics, Methods and Tools
• Metrics: Attack Surface, Risk measurement
• Methods: Attack Graphs
• Tools: OPUS
• In the future: model own metrics or methods
![Page 4: DEEDS Meeting Oct., 26th 2006 Dependable, Embedded Systems and Software Group Department of Computer Science Darmstadt University of Technology Summary.](https://reader034.fdocuments.us/reader034/viewer/2022042821/56649dbc5503460f94aae14a/html5/thumbnails/4.jpg)
DEEDS Meeting Oct., 26th 2006
4
Attack surface (CMU)
•Definition: Sum of accessible APIs and used resources
•Non-orthogonal, three dimensional mapping:
• Targets & Enablers (i.e. resources, processes and data)
• Channels & Protocols (2 types of channels: message passing and
shared memory, every channel associated with a protocol)
• Access rights: associated with all resources
•Developed state machine model for System, Threat and User behavior
![Page 5: DEEDS Meeting Oct., 26th 2006 Dependable, Embedded Systems and Software Group Department of Computer Science Darmstadt University of Technology Summary.](https://reader034.fdocuments.us/reader034/viewer/2022042821/56649dbc5503460f94aae14a/html5/thumbnails/5.jpg)
DEEDS Meeting Oct., 26th 2006
5
Attack surface (CMU)
•Calculating actual attackability …
–Relative, not absolute measure
–Different approaches possible:
• Use of domain specific attack classes (cf. Threat Modeling)
• Definition of own system/channel/data attack classes
![Page 6: DEEDS Meeting Oct., 26th 2006 Dependable, Embedded Systems and Software Group Department of Computer Science Darmstadt University of Technology Summary.](https://reader034.fdocuments.us/reader034/viewer/2022042821/56649dbc5503460f94aae14a/html5/thumbnails/6.jpg)
DEEDS Meeting Oct., 26th 2006
6
Attack surface (CMU)
•Example for some domain specific attack classes:
![Page 7: DEEDS Meeting Oct., 26th 2006 Dependable, Embedded Systems and Software Group Department of Computer Science Darmstadt University of Technology Summary.](https://reader034.fdocuments.us/reader034/viewer/2022042821/56649dbc5503460f94aae14a/html5/thumbnails/7.jpg)
DEEDS Meeting Oct., 26th 2006
7
Attack surface (CMU)
•Example for actual metric application
•Using
–two different versions of an IMAP server (IMAPD1 and IMAPD2)
–own system/channel/data attack classes
![Page 8: DEEDS Meeting Oct., 26th 2006 Dependable, Embedded Systems and Software Group Department of Computer Science Darmstadt University of Technology Summary.](https://reader034.fdocuments.us/reader034/viewer/2022042821/56649dbc5503460f94aae14a/html5/thumbnails/8.jpg)
DEEDS Meeting Oct., 26th 2006
8
IMAPD1 .. Attack surface value is triple <3.5 , 2 , 1.66>
![Page 9: DEEDS Meeting Oct., 26th 2006 Dependable, Embedded Systems and Software Group Department of Computer Science Darmstadt University of Technology Summary.](https://reader034.fdocuments.us/reader034/viewer/2022042821/56649dbc5503460f94aae14a/html5/thumbnails/9.jpg)
DEEDS Meeting Oct., 26th 2006
9
IMAPD2 .. Attack surface value is triple <5 , 2 , 1.33>
![Page 10: DEEDS Meeting Oct., 26th 2006 Dependable, Embedded Systems and Software Group Department of Computer Science Darmstadt University of Technology Summary.](https://reader034.fdocuments.us/reader034/viewer/2022042821/56649dbc5503460f94aae14a/html5/thumbnails/10.jpg)
DEEDS Meeting Oct., 26th 2006
10
Threat Index
•Metric with cost/benefit approach
![Page 11: DEEDS Meeting Oct., 26th 2006 Dependable, Embedded Systems and Software Group Department of Computer Science Darmstadt University of Technology Summary.](https://reader034.fdocuments.us/reader034/viewer/2022042821/56649dbc5503460f94aae14a/html5/thumbnails/11.jpg)
DEEDS Meeting Oct., 26th 2006
11
Threat Index Visualization
![Page 12: DEEDS Meeting Oct., 26th 2006 Dependable, Embedded Systems and Software Group Department of Computer Science Darmstadt University of Technology Summary.](https://reader034.fdocuments.us/reader034/viewer/2022042821/56649dbc5503460f94aae14a/html5/thumbnails/12.jpg)
DEEDS Meeting Oct., 26th 2006
12
Network Attack Graphs
•Per host basis algorithms
•Supports system analysts, automated graph generation
•Input parameters are:
–a set of host nodes, H
–a set of trust relationships, T
–a set of access edges, E
–a set of network exploits, X
–a set of vulnerabilities at each host, V
–a new attacker host, h
•At this stage, only known attacks are considered
![Page 13: DEEDS Meeting Oct., 26th 2006 Dependable, Embedded Systems and Software Group Department of Computer Science Darmstadt University of Technology Summary.](https://reader034.fdocuments.us/reader034/viewer/2022042821/56649dbc5503460f94aae14a/html5/thumbnails/13.jpg)
DEEDS Meeting Oct., 26th 2006
13
Network Attack Graphs
![Page 14: DEEDS Meeting Oct., 26th 2006 Dependable, Embedded Systems and Software Group Department of Computer Science Darmstadt University of Technology Summary.](https://reader034.fdocuments.us/reader034/viewer/2022042821/56649dbc5503460f94aae14a/html5/thumbnails/14.jpg)
DEEDS Meeting Oct., 26th 2006
14
Tools
•OPUS – Online Patches and Updates for Security
–Intention: minimize downtime
–Granularity: functions (with identical signature)
• No globals,
• no nonrecurring functions (like main),
• no functions which are currently on some stack frame
–Currently only supported for C programs
–Validated with several Bugtraq incident reports for buffer overflows,
double frees, etc.
![Page 15: DEEDS Meeting Oct., 26th 2006 Dependable, Embedded Systems and Software Group Department of Computer Science Darmstadt University of Technology Summary.](https://reader034.fdocuments.us/reader034/viewer/2022042821/56649dbc5503460f94aae14a/html5/thumbnails/15.jpg)
DEEDS Meeting Oct., 26th 2006
15
That‘s it
Thanks.
Please, visit the DEEDS Wiki on Security related content.