Application security
2. We will cover:
• Some basic definitions
• Application Security meaning
• CIA
• Vulnerabilities
• Demo attack
• Countermeasures
• Best practice to build a secure app.
• Facebook on Spot
3. Basic definitions
Asset: a resource of value that needs to be protected.
Threat: an undesired event that may compromise an asset or object, or produce an undesired outcome.
Vulnerability: a weakness in your system, or in a security control, that an exploit can use to cause harm.
Attack: an action that utilizes one or more vulnerabilities to realize a threat.
Security Control: a process or policy put together to minimize security threats to an acceptable level.
4. Application Security
Application Security is the use of software, hardware, and procedural methods to protect applications from external threats.
[Chart: "Attacks Shift Towards Application Layer" (axis: % of Dollars; 75% "attacks")]
5. Application Security aims to secure:
Confidentiality
Malware can be written to do directed searches and send confidential data to specific parties.
Integrity
Viruses that attach themselves and stay resident in the system allow an attacker to completely control it; this may erase data files, or interfere with application data over time in such a way that data integrity is compromised and the data becomes completely useless.
Availability
Malware can compromise programs and data to the point where they are no longer available; sometimes this is a direct denial of service (DoS) attack, and sometimes it is a side effect of the malware's activity.
6. Application Vulnerability
A software "vulnerability" is a flaw that leads the application to process critical data in an insecure way. By exploiting these "holes" in applications, cybercriminals can gain entry into an organization's systems and steal confidential data.
Common software vulnerabilities:
• SQL injection
• Cross-Site Scripting (XSS)
Almost every application has vulnerabilities: about 70% of all applications had at least one vulnerability classified as one of the top 10 web vulnerability types. Commercial software, financial services software, software written by government agencies … all are vulnerable.
8. Application Vulnerability - Demo Attack
Phase 1 (Information): SQL Injection
1. Hacker searches for information about the victim's target system
   o Operating System
   o Web Server
   o Database
2. Compares the information with a vulnerability database
3. Hacker finds a vulnerability
   o Searches for a (specific) user
   o Finds additional information about the user
4. Needs the information for the next phase of the attack
9. Application Vulnerability - Demo Attack
Phase 2 (Infrastructure): Cross Site Scripting (XSS)
1. Hacker has found personal information about the user
   o e-mail
   o Phone number
   o …
2. Sends an e-mail with an unsuspicious topic
3. Includes XSS in the e-mail that sends the user's session to the hacker's server
4. User receives the e-mail
5. The e-mail is unsuspicious to the user
   o Topic
   o Originator
6. The included XSS sends all cookies to the hacker's web site
10. Application Vulnerability - Demo Attack
Phase 3 (Exploit): Session hijacking
1. Hacker has received all cookies from the user
2. Cookies are used to identify users
3. Hacker uses the cookie to resume the user's session
4. Hacker is logged in as user "victim" with the user's access rights
o XSS-Proxy is a tool for leveraging Cross-Site-Scripting (XSS) flaws to hijack victim browsers; it allows a bi-directional interactive control channel between the attacker, the victim browser and an XSS-vulnerable site.
Now the hacker has logged in to your banking site with your access rights.
That was just the beginning.
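Phases 2 and 3 above depend on two things the application controls: untrusted text being rendered into the page as HTML, and the session cookie being readable by script. The following is an added example, not code from the presentation, showing the server-side mitigations for both, plus a small audit helper that reports which cookie attributes a Set-Cookie line lacks; the comment text and session id are constructed.

```python
import html
from http.cookies import SimpleCookie


def render_comment(author, text):
    # Every untrusted value is HTML-escaped before it is placed in the page,
    # so a <script> tag inside a comment is displayed as text, not executed.
    return '<div class="comment"><b>{}</b>: {}</div>'.format(
        html.escape(author, quote=True), html.escape(text, quote=True))


def session_cookie_header(session_id):
    # HttpOnly keeps the cookie out of document.cookie, so script injected
    # into the page cannot read it; Secure restricts it to HTTPS; and
    # SameSite=Strict stops the browser attaching it to cross-site requests.
    c = SimpleCookie()
    c["session"] = session_id
    c["session"]["httponly"] = True
    c["session"]["secure"] = True
    c["session"]["samesite"] = "Strict"
    c["session"]["path"] = "/"
    return c.output()  # 'Set-Cookie: session=...; HttpOnly; Path=/; SameSite=Strict; Secure'


REQUIRED_FLAGS = ("HttpOnly", "Secure", "SameSite")


def missing_cookie_flags(set_cookie_line):
    # Audit helper: attributes after the name=value pair, compared
    # case-insensitively against the flags a session cookie should carry.
    attrs = [a.strip().split("=")[0].lower() for a in set_cookie_line.split(";")[1:]]
    return [flag for flag in REQUIRED_FLAGS if flag.lower() not in attrs]


if __name__ == "__main__":
    print(render_comment("mallory", "<script>alert(1)</script>"))  # constructed comment
    print(session_cookie_header("constructed-session-id-123"))
    print(missing_cookie_flags("session=abc; Path=/"))  # ['HttpOnly', 'Secure', 'SameSite']
```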
11. Application Vulnerability - Demo Attack
Phase 4 – Keep Access
• Attacker can implement a sniffer to capture all network traffic.
• Use a backdoor or trojan to gain repeated access.
• May install rootkits in the kernel to get superuser access at the operating system level.
• They can then use their access to steal data, consume CPU cycles and exchange confidential information, or even resort to extortion.
• They can maintain control of the system for a long time by "hardening the system" against other attackers.
Phase 5 – Delete Fingerprints
• Trojaned versions of tools such as ps or netcat are used to destroy the evidence in the registry files, or to replace the system binaries.
• Steganography is the process of hiding data, for example in images and sound files.
• Tunneling takes advantage of the transmission protocol by carrying one protocol over another. Even the extra space (unused bits) in the TCP and IP headers can be used to hide information.
12. Application Security Countermeasures
• Countermeasures are the actions taken to ensure application security
• Application Firewall is the most basic software countermeasure that
limits the execution of files or the handling of data by specific
installed programs.
• Router is the most common hardware countermeasure that can
prevent the IP address of an individual computer from being directly
visible on the Internet.
• Other countermeasures include conventional firewalls,
encryption/decryption programs, anti-virus programs, spyware
detection/removal programs and biometric authentication systems.
13. Best Practices to Build Secure Applications
1. Follow the OWASP Top Ten
It contains the most critical web application security vulnerabilities. These vulnerabilities target the confidentiality, integrity, and availability of an application, its developers, and its users. They cover such attack vectors as injection attacks, authentication and session management, security misconfiguration, and sensitive data exposure.
2. Get an Application Security Audit
Use people with specific, professional application security experience, who know what to look for, including the obvious and the subtle, as well as the hidden things. They'll also be abreast of current security issues and be knowledgeable about issues which aren't common knowledge yet.
3. Implement Proper Logging
At some stage something goes wrong: there is a bug that no one saw (or considered severe enough to warrant particular attention), and it will eventually be exploited. To be able to respond as quickly as possible, you need to have proper logging implemented before the situation gets out of hand. Doing so provides you with information about what occurred, what led to the situation in the first place, and what else was going on at the time.
4. Use Real-time Security Monitoring and Protection or Web Application Firewalls
Protect your application from a range of perspectives, both internal and external, using firewalls in addition to Runtime Application Self-Protection (RASP) and services.
14. 5. Encrypt Everything
It's important to make sure that data at rest is encrypted as well as data in transit. HTTPS makes it next to impossible for Man In The Middle (MITM) attacks to occur.
6. Harden Everything
You need to ensure that everything is sufficiently hardened, from operating systems to software development frameworks.
7. Keep Your Servers Up to Date
Make sure that your servers are set to update to the latest security releases as they become available.
8. Keep Your Software Up to Date
Application frameworks and third-party software libraries, just like operating systems, have vulnerabilities. If they're properly supported, then they will also be rapidly patched and improved. So it's important to ensure that you're using the latest stable version.
9. Stay Abreast of the Latest Vulnerabilities
There are a range of ways to stay updated on the attack vectors in play today, vectors such as cross-site scripting, code injection, SQL injection, insecure direct object references, and cross-site request forgery.
10. Never Stop Learning
That way, you'll always have security as a key consideration, and be far less likely to fall victim to security or data breaches.
16. Is this related to Information Security?!
Data privacy is a part of Information Security & Cyber Security, and any kind of hole such as an IDOR (missing access control level) or data leakage that exists in the GraphQL Wrapper Implementation & Facebook APIs is able to destroy an empire like Facebook.
In the USA elections, a quiz app was developed by Kogan for USA residents; it was aiming to collect users' data and their friends' data, and it did collect data for 50 million users.
17. What will the Facebook Information Security Team do?!
• Review our platform. We will investigate all apps that had access to large amounts of
information before we changed our platform in 2014 to reduce data access, and we will
conduct a full audit of any app with suspicious activity. If we find developers that misused
personally identifiable information, we will ban them from our platform.
• Tell people about data misuse. We will tell people affected by apps that have misused their
data. This includes building a way for people to know if their data might have been accessed
via “thisisyourdigitallife.” Moving forward, if we remove an app for misusing data, we will tell
everyone who used it.
• Turn off access for unused apps. If someone hasn’t used an app within the last three months,
we will turn off the app’s access to their information.
• Restrict Facebook Login data. We are changing Login, so that in the next version, we will
reduce the data that an app can request without app review to include only name, profile
photo and email address. Requesting any other data will require our approval.
• Encourage people to manage the apps they use. We already show people what apps their
accounts are connected to and control what data they’ve permitted those apps to use. Going
forward, we’re going to make these choices more prominent and easier to manage.
• Reward people who find vulnerabilities. In the coming weeks we will expand Facebook’s bug
bounty program so that people can also report to us if they find misuses of data by app
developers.