Security Knitting Kit
SECurity KNITting KIT
Integrating Security Overview:
Thank you for your interest in the SecKnitKit project!
To computer science faculty who have had no prior experience in teaching security, we offer security modules (with lecture slides/notes, quizzes, active learning exercises) to integrate into computer science courses such as Software Engineering, Database Management Systems, Operating Systems, and Networks.
If you are interested in adopting ANY of these materials for your CS course(s), please SUBMIT your interest with contact information HERE. We will send you credentials to access the modules shortly after.
You can find a list of the exercise modules for each subject area with brief overview below. In addition to these exercise modules complete with virtual image, each subject area contains at least two sets of lecture modules (slides with notes), and assessment Q&A.
Hope we can help you in adopting security into your CS curriculum.
For authorized participants only:
- Software Engineering
- Database Management Systems
- Operating Systems
ACTIVE LEARNING EXERCISE MODULE OVERVIEW
- Buffer Overflow: Buffer overflows are some of the oldest but still widely used exploitation techniques to gain control of a program for malicious purposes. Writing a specially crafted piece of data into a buffer that is too small to hold it can cause unpredictable results, but with a bit of ingenuity an attacker can use it to their advantage.
- Improper Initialization: The improper initialization of a variable is not setting an initial state for a declared variable or setting a value that does not follow the Default Deny principle, and then evaluating a logic statement based on that variable. To a novice programmer it may seem unimportant to set the initial value of a variable or how it could lead to the manipulation of the state machine of a program.
- Improper Operand: In today’s programming world, we rely on the generation of sufficiently random number used in cryptographical ciphers. When setting random session IDs for users, the programmer must take caution such that the length of the random ID is sufficiently large and that it is indeed as random as possible.
Database Management Systems
- Access Permissions: When working with a database it is important that we set the correct access permissions for all users. As a database administrator you must follow the principle of Least Privilege when assigning roles and giving others privileges. This is done with the GRANT and REVOKE commands in MySQL.
- Integrity Controls: While administering a database it may become necessary to allow others to edit their data (such as, phone number, address, credit card, etc.). It is important to consider what data a user should be able to edit and what can only be changed by an administrator. Additionally, it is equally important to ensure that valid data is stored in the database (critical values are not left blank, certain fields are numeric and between a certain range).
- SQL-Injection: SQL injections are the most popular exploit type for a database connected web application. The presence of an SQL injection vulnerability is not the fault of the database software but the web application itself that does not properly sanitize user input, which then becomes an exploit. Using special techniques, an attacker can not only read restricted data, but could also take control of the entire database or even the underlying application
- Views: When serving data from a database to users, it is important that only the data that the particular user has access to, is displayed. For example, a student should not see the phone number of another student but the student may need to update their own phone number. This restriction can be imposed through the use of views.
- ARP Poisoning MITM: It is often very easy for an attacker to intercept the traffic between the router and your machine – if the proper defenses are not in place. This can lead to more advanced attacks where an attacker tricks a user into logging into a malicious page using plaintext authentication and then capturing the login information.
- IP Spoofing MITM: Using simple tools, an attacker could capture sensitive data if it is not sent over an encrypted channel. Additionally an attacker could hijack the session of an insecure protocol and inject malicious commands. Telnet is an example of an insecure protocol that is vulnerable to the above attacks.
- WEP Cracking: Wired Equivalent Privacy (WEP) was developed in 1999 and used for a number of years before the introduction of WPA in 2003. Many attacks exist against WEP and it is unfortunate that some users still use WEP (perhaps for legacy reasons or not knowing how to configure their router). In particular, it is possible to crack the encryption key for a WEP network by capturing a large number of packets and analyzing them using inexpensive hardware.
- Network Traffic Analysis: Drive by downloads are a major issue on the web today. Particularly because they do not require any interaction from the user’s part and are automatically loaded into the background (usually through a malicious ad on a legitimate page). Analyzing this type attack is usually not easy, especially when the malicious payload is obfuscated. Analyzing a pcap file for executable data types and verifying against a large number of antivirus scanners can help to find the origin of the payload and help in understanding how this attack is performed.
- Access Control: Sometimes, as a system administrator, it is not enough to use the chmod utility in Unix to effectively manage access to objects. Unix supports the creation of complex access control rules based on groups to follow the principle of Least Privilege.
- Authentication: It is important for a system administrator to understand how Linux stores authentication credentials and other metadata. It is also important to know how to identify insecure authentication methods and be able to change them to more secure options.
- Race Conditions: Race conditions are important to consider when writing an application that will be used to modify sensitive data. It is possible for a malicious program to modify a piece of data before the legitimate program has finished executing. Race conditions often lead to unpredictable results and in some cases compromise of sensitive data.
- Covert Channels: Seemingly innocent protocols can potentially carry data that can be used to communicate secret information. These hidden channels can be used by malware authors to send commands to compromised machines. The ICMP protocol contains data field that is ignored by most operating systems and thus can be used for covert communication.
- Heartbleed: The heartbleed vulnerability was first introduced with the release of the OpenSSL 1.0.1 within the Heartbeat application module. This module provides the ability for a client to keep a connection with the server alive by sending it a ‘heartbeat’ message every so often. The server replies back to the client with the same message. Additionally, part of this functionality requires the client to specify the size of the incoming message. The vulnerability was that OpenSSL did not check whether the size of the message specified in the reply corresponds to the actual size of the message. If the size exceeded beyond specification, the server would end up grabbing additional memory adjacent to it, resulting in what is known as a buffer over-read.