Abstract image of a woman sitting on books and studying on a laptop

Fine-grained policy enforcement for untrusted software

Download as PPTX, PDF
Phú Phùng, profile picture
Phú Phùng

The document discusses fine-grained policy enforcement for untrusted software, emphasizing the security risks associated with applications that utilize remote JavaScript and third-party services. It proposes lightweight enforcement techniques, including inlined reference monitors and self-protecting JavaScript, to mitigate vulnerabilities by embedding security policies directly into code. The approach is aimed at enhancing security on smartphones, vehicles, and web applications without requiring significant modifications to existing systems.

Science
1 of 19
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
FINE-GRAINED POLICY ENFORCEMENT FOR UNTRUSTED SOFTWARE Phu H. Phung University of Gothenburg, Sweden, and University of Illinois at Chicago, USA IEEE Senior member
Untrusted software • Freeware downloaded over Internet • Computer • Smartphone • Vehicle • Third-party JavaScript in the Web 2 92% of all websites use JavaScript [w3techs.com] “88.45% of the Alexa top 10,000 web sites included at least one remote JavaScript library” CCS’12 Untrusted software might not run at system level but run on a container, e.g. web browser, virtual machine
Conventional security mechanisms • Firewall • Cryptography • Access control • System calls/ privileged mode Treat programs as black box, cannot address vuneralbilities inside a program
Attack examples on smartphones 4
5 A real attack example in vehicle system http://www.wired.com/threatlevel/2010/03/hacker-bricks-cars/
Samy attack on Myspace • MySpace tries to filter out JavaScript code in user data • BUT: The malicious code was injected in a “strange” way that escapes the filter <div id=mycode style="BACKGROUND: url('java script:eval(document.all.mycode.expr)')" expr="var B=String.fromCharCode(34);………"> </div> 6
Another attack • Million Browser Botnet (July 2013) • Leverage Advertising Networks using JavaScript to launch Application-Level DDoS • Paid on 2 ad networks for displaying treacherous advertisements on pages visited by hundreds of thousands of people 7 Jeremiah Grossman & Matt Johansen WhiteHat SECURITY (Malicious code run automatically without user knowledge)
Usability vs. Security •Modern software tends to be open and extensible • Needs for fine-grained security enforcement, • i.e. not only allow or disallow an action, but enforce application-specific security policies • Needs for runtime monitoring • Control bad behaviors
Motivations for fined-grained policy enforcement at runtime • Third-party service needs to use sensitive resources, e.g. GPS location, SMS sending to function 9 • Potential security risks: e.g. leaking GPS info, send too many SMS messages causing high cost Need for fined-grained security policy enforcement at runtime Policy: allow SMS sending but restricted to a specific recipient address, limit on the number of messages sent per day, depending on the vehicle's location
Language-based security • Looking inside a program to enforce security • Before execution • analyze the code to ensure it is safe • rewrite the code to avoid potential harm • During execution • monitor security-relevant events and stop the event violating security • audit the code and take policing action if it did harm Inlined Reference Monitors
Inlined Reference Monitors •A language-based approach, combining of • Rewriting • Monitoring • Auditing
Overview of our contributions The Lightweight Enforcement Approach Vehicle Application Domain Web application security at browsers
The lightweight enforcement approach to the vehicle domain Third-party vehicle application (in Java source or bytecode) Security policies (in AspectJ) Rewriting tool (AspectJ weaver) Embedded security policies will prevent bad behaviours at runtime . . . . The modified (secured) application with embedded policies
The deployment model In-vehicle system Control center Third party Request a third-party app Request the app the app Install and run the app Modify the app to embed security policies Install and run the app
Overview of our contributions The Lightweight Enforcement Approach Vehicle Application Domain Web application security at browsers
The lightweight self-protecting JavaScript approach • “inline” the policy into the JavaScript code so that the code becomes self-protecting • The policy enforcement is implemented in a lightweight manner • does not require browser modification • non invasive: the original code (and any dynamically generated code) is not syntactically modified • its implementation is a small and simple adaptation of an aspect-oriented programming library
Deployment illustration <html> <head> <script src=“selfprotectingJS.js"></script> <title>Self-protecting JavaScript </title> <meta content=…> <style>…</style> <script>…</script> <!-- more heading setting --> 70 60 50 </head> <body> <script type="text/javascript"> (function() {..})(); </script> <!-- the content of page --> </body> 40 30 20 10 </html> Policy code and enforcement code defined in a text file The enforcement code can be deployed anywhere: server side, proxy or browser plug-in, i.e. no need for a modified browser The orgininal code is not syntactically modified 6.33 66.03 0 Self-Protecting BrowserShield Slowdown (times) Runtime overhead 17
Our contributions in web security Lightweight Self- Protecting JavaScript A Two-tier Sandbox Architecture for Untrusted JavaScript Safe Wrappers and Sane Policies for Self-Protecting JavaScript JSand: complete client-side sandboxing of third-party JavaScript without browser modifications SAFESCRIPT: JavaScript Transformation for Policy Enforcement
Summary • Fine-grained security policy enforcement remains a topic of research for all open systems • Smartphone • Vehicle • The Web • The proposed lightweight IRM approach has benefits in providing a complete and robust tool for: • Java bytecode for open telematics systems • JavaScript running on a web browser.

More Related Content

PPS
Security testing
Tabăra de Testare
 
PDF
Web Application Security 101 - 03 Web Security Toolkit
Websecurify
 
ODP
Web Application Firewall
Chandrapal Badshah
 
PPTX
A new web application vulnerability assessment framework
Mark Jayson Fuentes
 
PPT
Benefits of web application firewalls
EnclaveSecurity
 
PPTX
OTG - Practical Hands on VAPT
shiriskumar
 
PPTX
Security Testing for Web Application
Precise Testing Solution
 
PPTX
Penetration Testing
RomSoft SRL
 
Security testing
Tabăra de Testare
 
Web Application Security 101 - 03 Web Security Toolkit
Websecurify
 
Web Application Firewall
Chandrapal Badshah
 
A new web application vulnerability assessment framework
Mark Jayson Fuentes
 
Benefits of web application firewalls
EnclaveSecurity
 
OTG - Practical Hands on VAPT
shiriskumar
 
Security Testing for Web Application
Precise Testing Solution
 
Penetration Testing
RomSoft SRL
 

What's hot (20)

PPT
Networking and penetration testing
Mohit Belwal
 
PPTX
Security Testing
Qualitest
 
PPT
Nguyễn Tấn Vi - office of the CISO
Security Bootcamp
 
PDF
Web Application Penetration Testing
Priyanka Aash
 
PPTX
Security testing fundamentals
Cygnet Infotech
 
PPT
Security testing
baskar p
 
PPTX
Anatomy of an Attack - Sophos Day Belux 2014
Sophos Benelux
 
PPTX
ATP
Lan & Wan Solutions
 
PPTX
Security testing
Rihab Chebbah
 
PDF
Introduction to Security Testing
vodQA
 
PPTX
Ethical Hacking & Penetration Testing
ecmee
 
PPT
Ethical Hacking and Penetration Testing
Rishabh Upadhyay
 
PPTX
WEB APPLICATION SECURITY
yashwanthlavu
 
PPTX
Confoo 2012 - Web security keynote
Antonio Fontes
 
PDF
Security Implications of the Cloud - CSS Dallas Azure
Alert Logic
 
PPTX
Advanced Threat Protection
Lan & Wan Solutions
 
PPTX
Web Application Vulnerabilities
Preetish Panda
 
PPTX
Web application vulnerability assessment
Ravikumar Paghdal
 
PDF
Stories from the Security Operations Center
Alert Logic
 
PPT
Ch08 Microsoft Operating System Vulnerabilities
phanleson
 
Networking and penetration testing
Mohit Belwal
 
Security Testing
Qualitest
 
Nguyễn Tấn Vi - office of the CISO
Security Bootcamp
 
Web Application Penetration Testing
Priyanka Aash
 
Security testing fundamentals
Cygnet Infotech
 
Security testing
baskar p
 
Anatomy of an Attack - Sophos Day Belux 2014
Sophos Benelux
 
ATP
Lan & Wan Solutions
 
Security testing
Rihab Chebbah
 
Introduction to Security Testing
vodQA
 
Ethical Hacking & Penetration Testing
ecmee
 
Ethical Hacking and Penetration Testing
Rishabh Upadhyay
 
WEB APPLICATION SECURITY
yashwanthlavu
 
Confoo 2012 - Web security keynote
Antonio Fontes
 
Security Implications of the Cloud - CSS Dallas Azure
Alert Logic
 
Advanced Threat Protection
Lan & Wan Solutions
 
Web Application Vulnerabilities
Preetish Panda
 
Web application vulnerability assessment
Ravikumar Paghdal
 
Stories from the Security Operations Center
Alert Logic
 
Ch08 Microsoft Operating System Vulnerabilities
phanleson
 
Ad

Viewers also liked (7)

PPTX
A Two-Tier Sandbox Architecture for Untrusted JavaScript
Phú Phùng
 
PPTX
Governing Bot-as-a-Service in Sustainability Platforms - Issues and Approaches
Phú Phùng
 
PPTX
Self-Protecting JavaScript: A Lightweight Approach to Enforcing Security Poli...
Phú Phùng
 
PPTX
Lightweight Self-Protecting JavaScript
Phú Phùng
 
PPTX
Web security: Securing Untrusted Web Content in Browsers
Phú Phùng
 
PPTX
Web security: Securing untrusted web content at browsers
Phú Phùng
 
PPT
Security Policy Enforcement for the OSGi Framework using Aspect-Oriented Pr...
Phú Phùng
 
A Two-Tier Sandbox Architecture for Untrusted JavaScript
Phú Phùng
 
Governing Bot-as-a-Service in Sustainability Platforms - Issues and Approaches
Phú Phùng
 
Self-Protecting JavaScript: A Lightweight Approach to Enforcing Security Poli...
Phú Phùng
 
Lightweight Self-Protecting JavaScript
Phú Phùng
 
Web security: Securing Untrusted Web Content in Browsers
Phú Phùng
 
Web security: Securing untrusted web content at browsers
Phú Phùng
 
Security Policy Enforcement for the OSGi Framework using Aspect-Oriented Pr...
Phú Phùng
 
Ad

Similar to Fine-grained policy enforcement for untrusted software (20)

PDF
Application Security Testing for Software Engineers: An approach to build sof...
Michael Hidalgo
 
PPT
CyberCrime in the Cloud and How to defend Yourself
Alert Logic
 
PPTX
Web Application Hacking tools .pptx
Guna Dhondwad
 
PPT
How PCI And PA DSS will change enterprise applications
Ben Rothke
 
PDF
Web Application Penetration Testing Course in 2025.pdf
daksh908982
 
PDF
Datasheet app vulnerability_assess
Birodh Rijal
 
PDF
Solvay secure application layer v2015 seba
Sebastien Deleersnyder
 
PPTX
Secure Code review - Veracode SaaS Platform - Saudi Green Method
Salil Kumar Subramony
 
PPT
Web Application Security
Srivigneshwar R Prasad
 
PDF
Best Practices for Developing Secure Web Applications
ScalaCode
 
PDF
19BCP072_Presentation_Final.pdf
KunjJoshi14
 
PPT
Avoiding Application Attacks: A Guide to Preventing the OWASP Top 10 from Hap...
IBM Security
 
PDF
Essential Security Practices for Modern Web Developers.pdf
Zinavo Pvt Ltd
 
PDF
Jonathan Singer - Wheezing The Juice.pdf
Jonathan Singer
 
PDF
F5 Web Application Security
MarketingArrowECS_CZ
 
PDF
Protect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
Symantec
 
PDF
Developing Web Applications Securely - How to Fix Common Code Vulnerabilities...
Veracode
 
PDF
Cyber Security and Data Privacy - presentation
noorebrahim2002
 
PPT
Security Design Principles.ppt
DrBasemMohamedElomda
 
PDF
C01461422
IOSR Journals
 
Application Security Testing for Software Engineers: An approach to build sof...
Michael Hidalgo
 
CyberCrime in the Cloud and How to defend Yourself
Alert Logic
 
Web Application Hacking tools .pptx
Guna Dhondwad
 
How PCI And PA DSS will change enterprise applications
Ben Rothke
 
Web Application Penetration Testing Course in 2025.pdf
daksh908982
 
Datasheet app vulnerability_assess
Birodh Rijal
 
Solvay secure application layer v2015 seba
Sebastien Deleersnyder
 
Secure Code review - Veracode SaaS Platform - Saudi Green Method
Salil Kumar Subramony
 
Web Application Security
Srivigneshwar R Prasad
 
Best Practices for Developing Secure Web Applications
ScalaCode
 
19BCP072_Presentation_Final.pdf
KunjJoshi14
 
Avoiding Application Attacks: A Guide to Preventing the OWASP Top 10 from Hap...
IBM Security
 
Essential Security Practices for Modern Web Developers.pdf
Zinavo Pvt Ltd
 
Jonathan Singer - Wheezing The Juice.pdf
Jonathan Singer
 
F5 Web Application Security
MarketingArrowECS_CZ
 
Protect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
Symantec
 
Developing Web Applications Securely - How to Fix Common Code Vulnerabilities...
Veracode
 
Cyber Security and Data Privacy - presentation
noorebrahim2002
 
Security Design Principles.ppt
DrBasemMohamedElomda
 
C01461422
IOSR Journals
 

Recently uploaded (20)

PPT
LEC Synthetic Biology and its application.ppt
Hassan Yousaf
 
PPT
Computional quantum chemistry study .ppt
SrilakshmivenkataNar
 
PPT
Presentation of a Romanian Institutee 2.
TeodoraRusu3
 
PPTX
gene cloning powerpoint for general biology 2
G17RodriguezJanelleA
 
PPTX
INTRODUCTION TO PAEDIATRICS AND PAEDIATRIC HISTORY TAKING-1.pptx
godfreymandela88
 
PDF
Communicating Health Policies to Diverse Populations (www.kiu.ac.ug)
publication11
 
PDF
Warm, water-depleted rocky exoplanets with surfaceionic liquids: A proposed c...
Sérgio Sacani
 
PDF
CHAPTER 2 The Chemical Basis of Life Lecture Outline.pdf
DaniseNobrera
 
PPTX
POULTRY PRODUCTION AND MANAGEMENTNNN.pptx
RomnickTanilon
 
PPTX
SCIENCE 4 Q2W5 PPT.pptx Lesson About Plnts and animals and their habitat
irishjeancui
 
PPT
Biochemestry- PPT ON Protein,Nitrogenous constituents of Urine, Blood, their ...
SuchitraRati1
 
PDF
Unit 5 Preparations, Reactions, Properties and Isomersim of Organic Compounds...
fliwertyfw154
 
PPTX
Probability.pptx pearl lecture first year
ayeshanadeem0508
 
PPTX
Microbes in human welfare class 12 .pptx
chinmayikalokhe
 
PPT
THE CELL THEORY AND ITS FUNDAMENTALS AND USE
nctpcctv
 
PDF
Cosmic Outliers: Low-spin Halos Explain the Abundance, Compactness, and Redsh...
Sérgio Sacani
 
PDF
Worlds Next Door: A Candidate Giant Planet Imaged in the Habitable Zone of ↵ ...
Sérgio Sacani
 
PDF
Science Form five needed shit SCIENEce so
ArielLucifer1
 
PDF
GROUP 2 ORIGINAL PPT. pdf Hhfiwhwifhww0ojuwoadwsfjofjwsofjw
jjsaplad10
 
PPTX
ap-psych-ch-1-introduction-to-psychology-presentation.pptx
sz664
 
LEC Synthetic Biology and its application.ppt
Hassan Yousaf
 
Computional quantum chemistry study .ppt
SrilakshmivenkataNar
 
Presentation of a Romanian Institutee 2.
TeodoraRusu3
 
gene cloning powerpoint for general biology 2
G17RodriguezJanelleA
 
INTRODUCTION TO PAEDIATRICS AND PAEDIATRIC HISTORY TAKING-1.pptx
godfreymandela88
 
Communicating Health Policies to Diverse Populations (www.kiu.ac.ug)
publication11
 
Warm, water-depleted rocky exoplanets with surfaceionic liquids: A proposed c...
Sérgio Sacani
 
CHAPTER 2 The Chemical Basis of Life Lecture Outline.pdf
DaniseNobrera
 
POULTRY PRODUCTION AND MANAGEMENTNNN.pptx
RomnickTanilon
 
SCIENCE 4 Q2W5 PPT.pptx Lesson About Plnts and animals and their habitat
irishjeancui
 
Biochemestry- PPT ON Protein,Nitrogenous constituents of Urine, Blood, their ...
SuchitraRati1
 
Unit 5 Preparations, Reactions, Properties and Isomersim of Organic Compounds...
fliwertyfw154
 
Probability.pptx pearl lecture first year
ayeshanadeem0508
 
Microbes in human welfare class 12 .pptx
chinmayikalokhe
 
THE CELL THEORY AND ITS FUNDAMENTALS AND USE
nctpcctv
 
Cosmic Outliers: Low-spin Halos Explain the Abundance, Compactness, and Redsh...
Sérgio Sacani
 
Worlds Next Door: A Candidate Giant Planet Imaged in the Habitable Zone of ↵ ...
Sérgio Sacani
 
Science Form five needed shit SCIENEce so
ArielLucifer1
 
GROUP 2 ORIGINAL PPT. pdf Hhfiwhwifhww0ojuwoadwsfjofjwsofjw
jjsaplad10
 
ap-psych-ch-1-introduction-to-psychology-presentation.pptx
sz664
 

Fine-grained policy enforcement for untrusted software

  • 1. FINE-GRAINED POLICY ENFORCEMENT FOR UNTRUSTED SOFTWARE Phu H. Phung University of Gothenburg, Sweden, and University of Illinois at Chicago, USA IEEE Senior member
  • 2. Untrusted software • Freeware downloaded over Internet • Computer • Smartphone • Vehicle • Third-party JavaScript in the Web 2 92% of all websites use JavaScript [w3techs.com] “88.45% of the Alexa top 10,000 web sites included at least one remote JavaScript library” CCS’12 Untrusted software might not run at system level but run on a container, e.g. web browser, virtual machine
  • 3. Conventional security mechanisms • Firewall • Cryptography • Access control • System calls/ privileged mode Treat programs as black box, cannot address vuneralbilities inside a program
  • 4. Attack examples on smartphones 4
  • 5. 5 A real attack example in vehicle system http://www.wired.com/threatlevel/2010/03/hacker-bricks-cars/
  • 6. Samy attack on Myspace • MySpace tries to filter out JavaScript code in user data • BUT: The malicious code was injected in a “strange” way that escapes the filter <div id=mycode style="BACKGROUND: url('java script:eval(document.all.mycode.expr)')" expr="var B=String.fromCharCode(34);………"> </div> 6
  • 7. Another attack • Million Browser Botnet (July 2013) • Leverage Advertising Networks using JavaScript to launch Application-Level DDoS • Paid on 2 ad networks for displaying treacherous advertisements on pages visited by hundreds of thousands of people 7 Jeremiah Grossman & Matt Johansen WhiteHat SECURITY (Malicious code run automatically without user knowledge)
  • 8. Usability vs. Security •Modern software tends to be open and extensible • Needs for fine-grained security enforcement, • i.e. not only allow or disallow an action, but enforce application-specific security policies • Needs for runtime monitoring • Control bad behaviors
  • 9. Motivations for fined-grained policy enforcement at runtime • Third-party service needs to use sensitive resources, e.g. GPS location, SMS sending to function 9 • Potential security risks: e.g. leaking GPS info, send too many SMS messages causing high cost Need for fined-grained security policy enforcement at runtime Policy: allow SMS sending but restricted to a specific recipient address, limit on the number of messages sent per day, depending on the vehicle's location
  • 10. Language-based security • Looking inside a program to enforce security • Before execution • analyze the code to ensure it is safe • rewrite the code to avoid potential harm • During execution • monitor security-relevant events and stop the event violating security • audit the code and take policing action if it did harm Inlined Reference Monitors
  • 11. Inlined Reference Monitors •A language-based approach, combining of • Rewriting • Monitoring • Auditing
  • 12. Overview of our contributions The Lightweight Enforcement Approach Vehicle Application Domain Web application security at browsers
  • 13. The lightweight enforcement approach to the vehicle domain Third-party vehicle application (in Java source or bytecode) Security policies (in AspectJ) Rewriting tool (AspectJ weaver) Embedded security policies will prevent bad behaviours at runtime . . . . The modified (secured) application with embedded policies
  • 14. The deployment model In-vehicle system Control center Third party Request a third-party app Request the app the app Install and run the app Modify the app to embed security policies Install and run the app
  • 15. Overview of our contributions The Lightweight Enforcement Approach Vehicle Application Domain Web application security at browsers
  • 16. The lightweight self-protecting JavaScript approach • “inline” the policy into the JavaScript code so that the code becomes self-protecting • The policy enforcement is implemented in a lightweight manner • does not require browser modification • non invasive: the original code (and any dynamically generated code) is not syntactically modified • its implementation is a small and simple adaptation of an aspect-oriented programming library
  • 17. Deployment illustration <html> <head> <script src=“selfprotectingJS.js"></script> <title>Self-protecting JavaScript </title> <meta content=…> <style>…</style> <script>…</script> <!-- more heading setting --> 70 60 50 </head> <body> <script type="text/javascript"> (function() {..})(); </script> <!-- the content of page --> </body> 40 30 20 10 </html> Policy code and enforcement code defined in a text file The enforcement code can be deployed anywhere: server side, proxy or browser plug-in, i.e. no need for a modified browser The orgininal code is not syntactically modified 6.33 66.03 0 Self-Protecting BrowserShield Slowdown (times) Runtime overhead 17
  • 18. Our contributions in web security Lightweight Self- Protecting JavaScript A Two-tier Sandbox Architecture for Untrusted JavaScript Safe Wrappers and Sane Policies for Self-Protecting JavaScript JSand: complete client-side sandboxing of third-party JavaScript without browser modifications SAFESCRIPT: JavaScript Transformation for Policy Enforcement
  • 19. Summary • Fine-grained security policy enforcement remains a topic of research for all open systems • Smartphone • Vehicle • The Web • The proposed lightweight IRM approach has benefits in providing a complete and robust tool for: • Java bytecode for open telematics systems • JavaScript running on a web browser.