- Threat Model Example: Network User
- • supposes that any anonymous user can
- – connect remotely to the software via a network
- • attack possibilities
- – measure the size and timing of his own requests and responses
- – run parallel sessions
- * masquerading as various users and
- * interleaving their messages in various ways
- – provide malformed inputs / messages
- – drop or send extra messages
- • attack examples
- – SQL injection, XSS, CSRF etc.
- – buffer overflow, ROP payloads etc.
- • message traffic is safe (the model assumes nobody else on the network can read or alter it)
- – ⇒ no need for encrypted communication
- – e.g. the (old) telnet remote login, which sends the password in clear text
- – not (anymore) appropriate in many actual real-life situations
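As an added example (not part of the original slides), the "run parallel sessions / interleave their messages" attack possibility above, played against a constructed two-message withdraw protocol. The server classes, the message format and the balances are assumptions made for this demo: a network user who can open two sessions A and B (masquerading as two customers) delivers both "check" messages before either "commit", and a server that trusts the earlier check at commit time lets the balance go negative. The hardened variant keeps the same protocol but re-validates and updates the balance in one step under a lock.

```python
import threading


class TwoStepServer:
    """Vulnerable design (constructed for the demo): 'check' and 'commit' are
    separate messages, and the approval recorded at 'check' is trusted
    blindly at 'commit'."""

    def __init__(self, balance):
        self.balance = balance
        self.approved = {}  # session id -> amount approved by an earlier check

    def handle(self, msg):
        kind, session, amount = msg
        if kind == "check":
            if self.balance >= amount:
                self.approved[session] = amount
                return "approved"
            return "denied"
        if kind == "commit":
            if self.approved.pop(session, None) == amount:
                self.balance -= amount  # no re-check: balance can go negative
                return "done"
            return "rejected"
        raise ValueError("unknown message " + kind)


class CheckedServer(TwoStepServer):
    """Hardened: same two-message protocol, but 'commit' re-validates the
    balance and debits it in one step under a lock, so the order in which
    the sessions' messages arrive no longer matters. The 'check' reply is
    only advisory; the lock matters once handle() runs on several threads."""

    def __init__(self, balance):
        super().__init__(balance)
        self.lock = threading.Lock()

    def handle(self, msg):
        kind, session, amount = msg
        if kind != "commit":
            return super().handle(msg)
        with self.lock:
            if self.approved.pop(session, None) == amount and self.balance >= amount:
                self.balance -= amount
                return "done"
            return "rejected"


# Constructed attacker interleaving: sessions A and B (one attacker
# masquerading as two users) both get their 'check' in before either 'commit'.
ATTACK = [("check", "A", 100), ("check", "B", 100),
          ("commit", "A", 100), ("commit", "B", 100)]


def run(server, messages):
    """Deliver messages in the attacker's chosen order; return (replies, final balance)."""
    replies = [server.handle(m) for m in messages]
    return replies, server.balance


def attack_vulnerable():
    # -> (['approved', 'approved', 'done', 'done'], -100)
    return run(TwoStepServer(balance=100), ATTACK)


def attack_hardened():
    # -> (['approved', 'approved', 'done', 'rejected'], 0)
    return run(CheckedServer(balance=100), ATTACK)


if __name__ == "__main__":
    print("two-step  :", attack_vulnerable())
    print("re-checked:", attack_hardened())
```

The point of the hardened version is not the lock by itself but that the decision and the state change happen together; any protocol whose server-side state change trusts an earlier reply is open to this kind of message reordering by an attacker who controls several sessions.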
- Threat Model Example: Snooping User
- • supposes a network user
- – on the same network as other users of the application
- – e.g. someone connected to an unencrypted Wi-Fi network at a coffee shop
- – e.g. students on a university campus network
- • additional attack possibilities
- – read / measure others’ messages
- – intercept, duplicate or modify others’ messages
- • attack examples
- – session hijacking (intercept the session identifier / cookie), data theft etc.
- * violate privacy by reading unencrypted information exchanged between clients and service
- – side-channel attacks (infer information by measuring size / timing of others’ messages)
- – DoS
- • message traffic is visible (a more realistic assumption)
- – ⇒ encrypted communication needed
- – which layer is appropriate: link (encrypted Wi-Fi, like WPA2), network (IPsec) or application (SSL/TLS)?
- – consider an attacker that can only snoop traffic vs. one that can intercept and change it
- – encryption alone is not sufficient for the latter: message integrity / authentication (e.g. a MAC or an authenticated cipher) is also needed
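An added example, not from the original slides, of why encryption is not sufficient against the attacker who can intercept and change traffic. The stream cipher here (HMAC-SHA256 run in counter mode as a keystream), the keys, the fixed nonce and the message are all constructed for the demo; a real deployment would use an authenticated cipher such as AES-GCM or ChaCha20-Poly1305. A snooping attacker sees only ciphertext, but because a stream cipher is XOR-malleable, an intercepting attacker who knows the message layout can rewrite "amount=0100" to "amount=9100" without the key. Adding an HMAC over the ciphertext (encrypt-then-MAC) makes the change detectable.

```python
import hashlib
import hmac


def keystream(key, nonce, length):
    """Toy CTR-style keystream: HMAC-SHA256(key, nonce || counter) blocks.
    Constructed for the demo only; not a recommended cipher."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt(key, nonce, plaintext):
    return bytes(p ^ k for p, k in zip(plaintext, keystream(key, nonce, len(plaintext))))


decrypt = encrypt  # XOR is its own inverse


def flip(ciphertext, offset, old, new):
    """Attacker step (no key needed): XOR in old^new so the victim decrypts
    'new' where the sender wrote 'old'."""
    c = bytearray(ciphertext)
    for i, (o, n) in enumerate(zip(old, new)):
        c[offset + i] ^= o ^ n
    return bytes(c)


# Constructed demo keys and message. The nonce is fixed so runs are
# deterministic; under a real key a nonce must never be reused.
ENC_KEY = b"\x11" * 32
MAC_KEY = b"\x22" * 32
NONCE = b"\x00" * 8
MSG = b"amount=0100;to=alice"


def tamper_unauthenticated():
    """Encryption only: the modified message decrypts cleanly and is accepted."""
    ct = encrypt(ENC_KEY, NONCE, MSG)
    ct = flip(ct, MSG.index(b"0100"), b"0100", b"9100")
    return decrypt(ENC_KEY, NONCE, ct)  # -> b"amount=9100;to=alice"


def seal(msg):
    """Encrypt-then-MAC: the tag covers nonce and ciphertext."""
    ct = encrypt(ENC_KEY, NONCE, msg)
    tag = hmac.new(MAC_KEY, NONCE + ct, hashlib.sha256).digest()
    return ct, tag


def unseal(ct, tag):
    """Constant-time tag check before decrypting; None means 'reject'."""
    expected = hmac.new(MAC_KEY, NONCE + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return None
    return decrypt(ENC_KEY, NONCE, ct)


def tamper_authenticated():
    """Same bit flip against the authenticated message: rejected."""
    ct, tag = seal(MSG)
    ct = flip(ct, MSG.index(b"0100"), b"0100", b"9100")
    return unseal(ct, tag)  # -> None


if __name__ == "__main__":
    print("encryption only :", tamper_unauthenticated())
    print("encrypt-then-MAC:", tamper_authenticated())
    print("untampered      :", unseal(*seal(MSG)))
```

The same split applies at whichever layer the slide asks about: WPA2, IPsec and TLS all pair their encryption with an integrity check for exactly this reason, and a configuration that drops the MAC (or uses an unauthenticated mode) protects only against the snooping attacker.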
- Threat Model Example: Co-located User
- • supposes a network user (i.e. the attacker)
- – on the same machine as other users of the application
- – e.g. malware installed on a user's computer
- • additional attack possibilities
- – read / write files and memory
- – snoop key presses and other events
- – read / write user’s display (e.g. to spoof)
- • attack examples
- – secret theft, like passwords, keys
- – spoofing attacks
- • note the difference between
- – snooping: unauthorized access to others' data
- – spoofing: impersonating someone else (a site, a person etc.) for the purpose of stealing data
- • threat categories (STRIDE): Spoofing – Tampering – Repudiation – Information Disclosure – Denial of Service – Elevation of Privilege