csce522-lect11

csce522-lect11 - CSCE 522 CSCE Lecture 12 Program Security...

CSCE 522
Lecture 12
Program Security
Malicious Code

CSCE 522 - Farkas

Reading
Reading for this lecture:
  - Required: Pfleeger: Ch. 3
  - Recommended: USC Computing Services – Virus Information Center
Reading for next lecture:
  - Pfleeger: Ch. 4.5

Program Flaws
Taxonomy of flaws:
  - how (genesis)
  - when (time)
  - where (location)
the flaw was introduced into the system

Security Flaws by Genesis
Genesis
  - Intentional
      - Malicious: Trojan Horse, Trapdoor, Logic Bomb, Worms, Virus
      - Non-malicious
  - Inadvertent
      - Validation error
      - Domain error
      - Serialization error
      - Identification/authentication error
      - Other error

Flaws by Time
Time of introduction
  - During development
      - Requirement/specification/design
      - Source code
      - Object code
  - During maintenance
  - During operation

Flaws by Location
Location
  - Software
      - Operating system: system initialization, memory management, process management, device management, file management, identification/authentication, other
      - Support: privileged utilities, unprivileged utilities
      - Application
  - Hardware

Slammer Worm
  - The Slammer worm (Sapphire worm) was the fastest worm in history
  - Start: Saturday, Jan. 25, 2003
  - Doubled in size every 8.5 seconds at its peak
  - Infected more than 90 percent of the vulnerable hosts within 10 minutes using a vulnerability in Microsoft's SQL Server
  - Total infected: more than 75,000 hosts
  - Flooded networks all over the world, caused disruptions to financial institutions, ATMs, and even an election in Canada
  http://www.pbs.org/wgbh/pages/frontline/shows/cyberwar/etc/maps.html


This note was uploaded on 12/13/2011 for the course CSCE 522 taught by Professor Farkas during the Fall '11 term at South Carolina.
