Unformatted text preview:

Data and Applications Security Developments and DirectionsOutline of the UnitBrute-force (or not) cracking of weak or default usernames/passwordsPrivilege EscalationExploiting unused and unnecessary database services and functionalityTargeting unpatched database vulnerabilitiesStolen backup (unencrypted) tapesSQL InjectionSlide 9Slide 10Slide 11Slide 12OutlineDigital Identity ManagementDigital Identity Management - IIIdentity Theft ManagementDigital ForensicsDigital Forensics - IISteganography and Digital WatermarkingSteganography and Digital Watermarking - IIRisk AnalysisEconomics AnalysisSecure Electronic Voting MachinesBiometricsBiometric TechnologiesData Mining for BiometricsSecure BiometricsSecure Biometrics - IIOther ApplicationsIntroduction to BiometricsSlide 31What is Biometrics?What is the Process?Why Biometrics?Why Biometrics? (Continued)Slide 36Why Biometrics? (Concluded)Biometrics ResourcesBiometrics Resources: What is academia doing?Biometrics Resources: What is Industry doing?Biometrics Resources: What is Government doing?Activities of NISTActivities of NIST (Continued)Activities of NIST (Concluded)What is Secure Biometrics?Security VulnerabilitiesSecurity and Privacy for BiometricsSecure Electronic Voting MachinesReferences and DisclaimerProperties of a Good Voting SystemElectronic Voting SystemWhat is the problem?A solution?Certified Voting Systems and issuesSlide 55Slide 56What happened next?Security ThreatsRubin’s conclusionsAnalysis of Feldman et alSlide 61Data and Applications Security Developments and DirectionsDr. Bhavani ThuraisinghamThe University of Texas at DallasAttacks to DatabasesEmerging Security TechnologiesBiometricsSecure Voting MachinesNovember 19, 2010Outline of the Unit1. Brute-force (or not) cracking of weak or default usernames/passwords 2. Privilege escalation 3. Exploiting unused and unnecessary database services and functionality 4. Targeting unpatched database vulnerabilities 5. Stolen backup (unencrypted) tapes6. SQL injection http://www.darkreading.com/security/encryption/211201064/index.htmlBrute-force (or not) cracking of weak or default usernames/passwordsOlder versions of Oracle and others database systems used well known default passwordsNew versions have changed this practice and don’t allow database systems to keep default passwordsEven unique, non-default database passwords aren’t hacker-safe – with Bruce Force attacks and password cracking toolsSteer clear of default passwords, and institute tight password management and regular change-ups.Privilege EscalationThere have been several insider attacks that came as a result of a malicious user possessing more system privileges than he or she should have had. Outside attackers sometimes have higher-level privileges by compromising the operating system.Privilege escalation usually has more to do with misconfiguration: A user is mistakenly granted more access and privileges on the database or related applications than he actually needs to do his job. Sometimes an inside attacker (or an outsider who has taken over a victim’s machine) can go from one application to the database, even if he doesn't have database credentials. Solution: Give users only the access and rights they need on the database, nothing moreExploiting unused and unnecessary database services and functionalityOne of the first things an outside attacker will look for is whether his potential victim is running the Listener feature on its Oracle database. Listener seeks out and forwards network connections to the Oracle database, and thus can expose users and database links. Via Google, an attacker can search and find exposed Listener services on databases. Other features, such as hooks between operating systems and the database, can leave the database exposed to an attack. Such a hook can become a communications link to the database. Often, database administrators run too many services and services may be open up to vulnerabilitiesSolution: Install only the database features you need.Targeting unpatched database vulnerabilitiesOracle and other database vendors patch their vulnerabilities. However difficult for organizations to keep up with the patchesDatabase vendors are careful not to disclose many details about the vulnerabilities and their patches fix so that attackers are not notifiedSome hacker sites post exploit scripts for known database vulnerabilitiesSolution: Organizations must be vigilant about installing patches in a timely manner.Stolen backup (unencrypted) tapesIf the database data on the stolen are not encrypted and the tapes get into the wrong hands then there is a huge problemBut this type of attack is more likely to occur with an insider selling the media to an attacker. Solution: Encrypt the critical data. Use a safe for sensitive database tapesSQL Injection SQL injection attacks occur where the fields available for user input let SQL statements through to query the database directly. Outside of the client, Web applications typically are the weakest link. In some cases, if the attacker gets a screen on the application for username and password, all he has to do is provide a SQL statement or database command and that goes directly to the databaseIf the application does not examine the content of the logon. “The problem is that the authentication and authorization has been moved to the application server. Now instead of a user name, it is a SQL command put into a packet and sent by the application server to the database. The database reads the SQL command, and it could shut down a database altogetherSQL Injection Solution is to look at the content the user is providing. SQL injection attacks can occur both from the Web application to the database, and from within the database itself. There are some programming practices that help prevent SQL injection flaws in applications, such as using what are called “bind variables,” or parameters for queries. In languages such as Java, that means using question marks as placeholders in the SQL statement and binding the “received” values to those placeholdersAnother practice is to avoid displaying certain database error messages to avoid giving away potentially sensitive information to a would-be attackerSQL Injection Conasier ing a very simple web application that processes customer orders. Suppose Acme Widgets has a simple


View Full Document

UTD CS 6V81 - LECTURE NOTES

Documents in this Course
Botnets

Botnets

33 pages

Privacy

Privacy

27 pages

Privacy

Privacy

27 pages

Load more
Download LECTURE NOTES
Our administrator received your request to download this document. We will send you the file to your email shortly.
Loading Unlocking...
Login

Join to view LECTURE NOTES and access 3M+ class-specific study document.

or
We will never post anything without your permission.
Don't have an account?
Sign Up

Join to view LECTURE NOTES 2 2 and access 3M+ class-specific study document.

or

By creating an account you agree to our Privacy Policy and Terms Of Use

Already a member?