Skip to main content

Threats & Countermeasures

  1. Process Isolation: It's like giving each process its own private room. This ensures a process only gets to access its own data, ensuring no nosy neighbors.
  2. Layering: Think of it as setting up multiple security checkpoints in a building. By establishing various realms of security within a process, it limits unnecessary chatter between them.
  3. Abstraction: Imagine handing over a remote to control your smart home without showing all the wiring behind the walls. Abstraction provides these 'black-box' interfaces, letting programmers interact without needing to dive deep into the complexities of algorithms or the device’s intricate details.
  4. Data Hiding: This is akin to having a VIP room where only certain guests can see and access information. It ensures data isn't visible to those outside its designated security level. And for added security, hardware segmentation acts like a bouncer, reinforcing process isolation with tangible controls.

Buffer Overflow

  • Definition: A flaw that happens when a program writes data to a buffer and overruns the buffer's boundary, writing data to adjacent memory.

  • Cause: Typically caused by the program's failure to verify the size of the input data before storing it in a specific memory location.
  • Consequences: Can lead to system crashes, data corruption, and even provide an entry point for attackers to execute arbitrary code.

Buffer overflows can be prevented with input validation. 

Back Doors

  • Definition: Intentional points of entry into a system or application that bypass regular security mechanisms.
  • Cause: Sometimes left intentionally by developers for debugging or maintenance but can be overlooked and remain post-deployment.
  • Consequences: They pose a significant security risk as attackers can exploit these to gain unauthorized access.

Countermeasures include good code review, network monitoring, firewalls, and anti-malware. 

Privileged Programs

  • Definition: Programs that have elevated permissions to perform sensitive operations.
  • Cause: Can be left on a system by oversight after its deployment or for maintenance.
  • Consequences: When left unchecked, they can be exploited by malicious users to perform unauthorized actions, often with significant impact due to their elevated permissions.

Time-of-check-to-time-of-use (TOCTTOU) Attacks

TOCTTOU attacks exploit the time gap between when a system checks the status of an object (TOC) and when it actually uses it (TOU). These attacks are often termed as "race conditions", where attackers race the legitimate process to replace the object before its use.

A common sequence in system operations: check if a resource is available (TOC) and then access it if permitted (TOU).

An example of a TOCTTOU attack: replacing a data file after its verification but before its data is read. By doing so, an attacker can potentially manipulate a program's actions. Deep knowledge of the targeted program and system is usually necessary for a successful attack.

State Attacks

  • These attacks target the timing, data flow control, and transition between different system states.
  • Attackers might exploit the window of opportunity that exists between the status check of a resource and the subsequent action on it.
    • These race conditions can even be expanded with algorithmic complexity, increasing the potential time to perform this attack. 
  • Communication disconnects can also provide small time frames which attackers can potentially exploit.
  • It's crucial to address these kinds of attacks in both security policies and security models.

Vulnerabilities arise from a mix of oversight, unintended consequences of design decisions, and the inherent complexity of software systems. Do regular security audits, code reviews, and continuous security training for developers.

Countermeasures:

  • File locking: A security measure or technique to prevent simultaneous access to a file or resource.
  • Exception handling: Manage and respond to exceptional conditions that can occur during program execution, like errors or unusual conditions. It doesn’t have a direct relationship with TOC/TOU vulnerabilities (fail securley)
  • Time gap: Ensure that the time gap between check and use is minimized or secured, or use atomic operations that combine the check and action into an indivisible operation.

Covert Channels

Covert channels refer to the techniques used to transmit information over pathways not typically intended for communication. The sneakiness of this method means the system's usual security measures might overlook it.

Covert channels are notoriously tricky to detect since they operate outside standard communication pathways.

Example: Steganography - embedding secret data within a seemingly innocent photograph.

Types of Covert Channels

There are two primary types:

  1. Covert Timing Channels: These revolve around the measurement of time, such as:

    • Time taken for transaction completion
    • Duration to access shared buses
    • Paging rate intervals

  2. Covert Storage Channels: This deals with unexpected or unintended storage events.

    • Example: If a user modifies the size of a file, another user might detect this change, and thus, information can be communicated through these modifications.

Storage channels can lead to information leaks without any overt communication.


Back to top