Scribd
Upload
18 views37 pages

Security (1,2,3)

The document outlines key principles of software security, focusing on authentication, authorization, confidentiality, integrity, and accountability. It discusses various security threats, such as denial-of-service attacks and file upload risks, along with mitigation strategies like rate limiting, connection timeouts, and traffic analysis. The conclusion emphasizes the importance of proactive measures and continuous evolution of security practices to protect sensitive data and maintain user trust.

Uploaded by

yefeco6136
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
18 views37 pages

Security (1,2,3)

The document outlines key principles of software security, focusing on authentication, authorization, confidentiality, integrity, and accountability. It discusses various security threats, such as denial-of-service attacks and file upload risks, along with mitigation strategies like rate limiting, connection timeouts, and traffic analysis. The conclusion emphasizes the importance of proactive measures and continuous evolution of security practices to protect sensitive data and maintain user trust.

Uploaded by

yefeco6136
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 37

Fundamentals

of Software
Security Group
Assignment

Group 2
Introduction
• Security design principles create reliable, attack-resilient
software.
• Focus on safeguarding sensitive data and preventing
unauthorized access.
• Examples: Misconfigurations, weak access controls, and
poor input validation.
Authentication
• Verifies identity: "Who are you?"
• Common methods: Passwords, biometrics, and multi-
factor authentication.
• Example: Online banking requiring OTPs for secure login.
Authorization
• Determines "What are you allowed to do?"
• Uses roles, policies, and access control lists (ACLs).
• Example: Teachers viewing grades only for their students
in a school portal.
Dependency of Authentication and
Authorization
• Authorization requires prior authentication.
• Without authentication, authorization allows unrestricted
access.
• Analogy: Hotel ID check before issuing a room key.
Confidentiality
• Protects sensitive data from unauthorized access.
• Mechanisms: Encryption, secure channels, and access
controls.
• Example: Encrypted messaging apps ensure private
communication.
Integrity
• Ensures unaltered, trustworthy data.
• Tools: Hashing, checksums, and digital signatures.
• Example: Digital signatures verify contracts remain
unchanged
Confidentiality and Integrity
Interdependence
• Confidentiality without integrity risks tampered data.
• Integrity without confidentiality exposes accurate data to
attackers.
• Both are essential for secure communication.
Accountability
• Links actions to individuals or systems, ensuring
traceability.
• Key mechanisms: Logging and audit trails.
• Example: ATM logs link transactions to specific
cardholders.
Non-Repudiation
• Prevents users from denying actions they performed.
• Mechanisms: Digital receipts, timestamps, cryptographic
proofs.
• Example: E-commerce receipts confirm purchase details.
Denial-of-Service (DoS) Attacks
• DoS disrupts legitimate access by overwhelming
resources.
• Examples: Connection flooding and idle connection
exploits.
• Mitigation: Rate limiting, load balancing, and traffic
monitoring.
File Upload Risks
• Threats: Malicious uploads, DoS via large files, path
traversal attacks.
• Mitigation: File type validation, antivirus scanning, and
size restrictions.
• Example: Restrict uploads to verified file types like
images or PDFs.
Privilege Escalation
• Attackers exploit weak permissions to gain unauthorized
access.
• Example: Gaining admin rights via misconfigured
accounts.
• Mitigation: Enforce the least privilege principle and
sanitize inputs.
Path Traversal
• Exploits directory paths to access unauthorized files.
• Example: Manipulating upload paths to read sensitive
server files.
• Mitigation: Limit file access, enforce directory
restrictions.
Mitigation Strategies Overview
• Validate user inputs to prevent malformed or malicious
data.
• Apply least privilege principles to reduce damage from
attacks.
• Conduct regular audits to detect and resolve
vulnerabilities.
Conclusion
• Combine authentication, integrity, and accountability for
robust security.
• Proactive strategies protect systems and build user trust.
• Security must evolve with changing threats.
What is an Idle Connection
Attack?
• Idle Connection Attack: The client connects to the
server but does nothing—it doesn't send any data or
disconnect.
• Impact on Server: The server's resources are
consumed by these open, idle connections.
• Result: Legitimate users cannot access the server
because all resources are used up.
How Does the Attack Work?

1. Resource Exhaustion:
 Every open connection uses memory and server resources (e.g., file descriptors).
 If too many clients stay idle, the server runs out of resources, making it unavailable for real users.

2.Connection Flooding:
 An attacker can create multiple idle connections, flooding the server and making it slow or unresponsive.

3.TCP Connection Limits:


 Servers can only handle a certain number of connections at once.
 By keeping connections open, an attacker can hit this limit, blocking new, legitimate connections.

4.Idle Timeout Manipulation:


 Some servers have timeouts for idle connections.
 If the attacker keeps connections open, the server might not disconnect idle sessions, causing resource
leaks.
Why is the Idle Connection Attack Stealthy?

• Low Bandwidth: The attack doesn't send a lot of data, so it’s


hard to spot.
• Polite Servers: Web servers often stay connected in the hope
that the client will eventually send data.
• Minimal Traffic: Since no data is transmitted, the attack doesn’t
create any spikes in traffic that would raise immediate alarms.
What Are the Consequences of an Idle
Connection Attack?

 Slow Responses: The server’s resources are overwhelmed,


causing delays in response times.
1.Service Downtime: As all available connections are tied
up, legitimate users may not be able to access the service.
2.Server Crash: If the attack continues for too long, the
server might become unresponsive or crash
How Can We Prevent DoS Attacks?

• Here are a few key strategies to protect the server:


1.Rate Limiting:
Definition: Limit the number of requests a user can make in a set time period.
Benefit: Prevents one client from opening multiple connections.

2.Connection Timeouts:
Definition: Close connections that are idle for too long.
Benefit: Frees up server resources for real users.
Cont..

3.Load Balancing:
Definition: Spread incoming traffic across multiple servers.
Benefit: Ensures no single server gets overloaded.
4.IP Blacklisting/Whitelisting:
Definition: Block suspicious IP addresses or only allow trusted
ones.
Benefit: Prevents known attackers from reaching the server.
5.Web Application Firewalls (WAF):
Definition: Use a firewall to filter traffic before it reaches the
server.
Benefit: Helps identify and block malicious requests.
Advanced Defense Tactics

Traffic Analysis & Anomaly Detection:


•Definition: Continuously monitor traffic to detect unusual patterns.
•Benefit: Quickly detects and responds to abnormal traffic.
Scaling Resources:
•Definition: Automatically increase server resources when traffic spikes.
•Benefit: Keeps the server responsive during high traffic.
CAPTCHA:
•Definition: Add a CAPTCHA challenge to confirm requests come from
humans, not bots.
•Benefit: Prevents automated attacks from making fake connection
Cont…

Session Management:
• Definition: Limit the number of simultaneous sessions per user.
• Benefit: Prevents resource exhaustion by a single user.

Redundancy & Failover Systems:


• Definition: Have backup servers ready to take over if one server fails
or gets overloaded.
• Benefit: Keeps the service available even during attacks.
How Content Delivery Networks
(CDNs) Help
• What is a CDN?: A network of servers that caches
content and serves it from various locations.
• How It Helps:
Reduces the load on the origin server.
Absorbs some of the malicious traffic in case of an attack.
Summary of Mitigation
Strategies
• Rate Limiting
• Connection Timeouts
• Load Balancing
• Traffic Analysis
• Scaling Resources
• CAPTCHA
• Session Management
• Redundancy Systems
• CDNs
Security Threats in File Upload
Functionality
• Understanding Risks and Mitigation Strategies
Introduction
Why File Uploads Introduce Risks?

Uploading files adds functionality but also opens security


vulnerabilities.
• Common risks include malicious files, unauthorized
access, and denial of service (DoS) attacks.
Malicious File Upload
 Risk:
 Malware, shell scripts, or executable files can compromise the server.
 Remote Code Execution (RCE) is a major threat.
 Mitigation:
 Validate file type and signature.
 Use antivirus scanning tools (e.g., ClamAV).
 Whitelist allowed file types.
Path Traversal
 Risk:
 Attackers exploit file paths to access sensitive server files.
Could lead to data breaches or system compromise.
 Mitigation:
 Sanitize input to remove traversal characters (../).
 Restrict file paths to designated directories.
Use absolute paths to verify the file location.
Overwriting Existing Files
 Risk:
 Attackers upload files with identical names to overwrite critical files.
Results in data loss or corruption.
 Mitigation:
 Generate unique file names (e.g., UUID or timestamps).
 Check for file existence before overwriting.
Implement file integrity checks
Denial of Service (DoS)
 Risk:
 Uploading large files or frequent uploads can exhaust server resources.
Leads to service downtime or degraded performance.
 Mitigation:
 Impose strict file size limits.
 Implement request rate limiting.
Use timeouts for uploads.
Remote Code Execution (RCE)
 Risk:
 Uploaded scripts (e.g., .php, .jsp) might execute on the server.
 Gives attackers control of the server.
 Mitigation:
 Block executable file types and verify signatures.
 Store files outside the web root to prevent execution.
 Use strict file permissions to prevent execution.
Cross-Site Scripting (XSS)
 Risk:
Uploaded files with malicious scripts can hijack user sessions.
Could steal cookies or impersonate users.
 Mitigation:
 Sanitize HTML and JavaScript content (e.g., using DOMPurify).
 Implement Content Security Policy (CSP).
Escape user-uploaded content when displaying.
Insecure File Storage
 Risk:
Exposed uploaded files may lead to unauthorized access.
Sensitive data could be leaked.
 Mitigation:
 Use strict file permissions.
 Encrypt sensitive files at rest and in transit.
Store files outside the public document root
Insufficient Logging
 Risk:
 Undetected malicious uploads may go unnoticed.
Prolonged exploitation increases risk of damage.
 Mitigation:
 Log all file upload attempts (e.g., size, type, user, timestamp).
Use real-time monitoring tools to detect anomalies.
Conclusion
File uploads expose servers to various threats.

Effective mitigation includes:

Validating file types and content.

Implementing strict access controls.

Monitoring and logging activity.


• A proactive approach ensures safer file upload functionality.

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy