Need to present a Discussion with a word count of 150+ words, and each discussion needs a separate reference link.
1) Endpoint Detection and Response (EDR) (150 words)
2) VMware Carbon Black (Endpoint) (need this same topic in two different formats, with 2 different URL links) (150 + 150 = 300 words)
3) Smishing (150 words)
4) Malvertising (need this same topic in two different formats, as previously, with 2 different URL links) (150 + 150 = 300 words)
Need to present a research report with a word count of 70-110 words (not more than the count provided), and should provide a separate URL reference link too.
1) Endpoint Detection and Response (EDR) (70-110 words)
2) VMware Carbon Black (Endpoint) (need this same topic in two different formats, with 2 different URL links) (70 + 70 = 140 words)
3) Smishing (70-110 words)
4) Malvertising (need this same topic in two different formats, as previously, with 2 different URL links) (70 + 70 = 140+ words)
It is suggested you use a Research Theme to help you stay focused, and to provide continuity throughout your research. Here is a list of ideas, but this list is not all-inclusive:
- Current technologies available to support management functions,
- Best Practices,
- Future improvements/technologies, or
- Other standards related to your specific field.
Note: The content should be in general words with no technical jargon.
This question is from a cyber security subject, so the material should relate to cyber security and should connect with readers.
NO PLAGIARISM STRICTLY
Each one should be different; no topic's information should be similar to another topic's.
Deadline: 01/26/2023 12PM CST
Security in Computing, Fifth Edition
Chapter 3: Programs and Programming
From Security in Computing, Fifth Edition, by Charles P. Pfleeger, et al. (ISBN: 9780134085043). Copyright 2015 by Pearson Education, Inc. All rights reserved.
Brief Review Chapter 2
Authentication is someone proving who they are
Authorization is about access control
Certification Error
Objectives for Chapter 3
Learn about memory organization, buffer overflows, and relevant countermeasures
Common programming bugs, such as off-by-one errors, race conditions, and incomplete mediation
Survey of past malware and malware capabilities
Virus detection
Tips for programmers on writing code for security
Program Security
This chapter deals with the writing of programs and will be built upon in later chapters.
Is a program secure? What characteristics would tell us?
Candidate measures of program security:
Time needed to break its security
Length of time it runs without failure
Zero tolerance for faults
Security as one factor of overall quality
Quantity and types of faults found as evidence of (lack of) quality
Terminology
Bug: an everyday term for an error, flaw, failure or fault in a computer program or system that causes it to produce an incorrect or unexpected result, or to behave in unintended ways. The three terms below are more precise.
Error: when a human makes a (non-malicious) mistake in performing some software activity, the error may lead to a fault, an incorrect step, command, process, or data definition in a computer program.
Failure: a departure from the system's required behavior. A fault becomes a failure only when the faulty code is actually exercised, which is why faults can sit unnoticed until an attacker supplies the input that reaches them.
Types of Flaws
Validation error (incomplete or inconsistent): permission checks
Domain error: controlled access to data
Serialization and aliasing: program flow order
Inadequate identification and authentication: basis for authorization
Boundary condition violation: failure on first or last case
Other exploitable logic errors
Memory Allocation
Much of this chapter requires basic knowledge of how memory is organized, and this is a nice, simple diagram to refresh students on how it works. The key takeaways: code and data separated, with the heap growing up toward high addresses and the stack growing down from the high addresses.
Data vs. Instructions
The same hex value in the same spot in memory can either be a meaningful data value or a meaningful instruction depending on whether the computer treats it as code or data. This will be the basis of the attacks in the following slides.
Buffer Overflows
Occur when data is written beyond the space allocated for it, such as a 10th byte in a 9-byte array
In a typical exploitable buffer overflow, an attacker's input is expected to go into a region of memory allocated for data, but the input is instead allowed to spill into adjacent memory that the program treats as something else. On modern systems the code pages themselves are normally mapped read-only, so the usual target is control data next to the buffer, such as a saved return address or a function pointer, which decides what code runs next.
The trick for an attacker is finding buffer overflow opportunities that lead to overwritten memory being executed, and finding the right code to input
How Buffer Overflows Happen
void overflow(void)
{
    char sample[10];          /* ten bytes: valid indices are 0 through 9 */
    int i;
    for (i = 0; i <= 9; i++)  /* fills all ten allocated bytes, still in bounds */
        sample[i] = 'A';
    sample[10] = 'B';         /* index 10 is one past the end: the overflow */
}
This is a very simple buffer overflow: sample holds ten bytes (indices 0 through 9), so the loop stays in bounds, but the 'B' written to sample[10] lands in memory that was not allocated by or for this procedure. A C compiler will normally accept this silently; what the stray byte hits depends on what the compiler placed next to sample.
Memory Organization
Similar to the earlier picture on memory organization, only this one shows where the system data/code reside vs. where the program code and its local data reside. This context is important for understanding how an attack that takes place inside a given program can affect that program vs. how it can affect the rest of the system.
Where a Buffer Can Overflow
Examples of buffer overflow effects in the context of the earlier AAAAAAAAAAB example. The memory that’s overwritten depends on where the buffer resides.
The Stack
The Stack after Procedure Calls
When procedure A calls procedure B, a stack frame for B is pushed onto the stack along with the return address that points back into A, just after the call. When B finishes, its frame is popped and A continues executing where it left off. That saved return address sits in the same stack region as B's local buffers, which is why an overflow of a local buffer in B can overwrite it.
Compromised Stack
Instead of returning into procedure A at the instruction after the call, the saved return address (the program counter value pushed at the call) now points at code that was placed on the stack as a result of the overflow, so when B returns, execution continues in the attacker's bytes.
Overwriting Memory for Execution
Overwrite the program counter stored in the stack
Overwrite part of the code in low memory, substituting new instructions
Overwrite the program counter and data in the stack so that the program counter points to the stack
Harm from Buffer Overflows
Overwrite:
Another piece of your program’s data
An instruction in your program
Data or code belonging to another program
Data or code belonging to the operating system
Overwriting a program’s instructions gives attackers that program’s execution privileges
Overwriting operating system instructions gives attackers the operating system’s execution privileges
Overflow Countermeasures
Staying within bounds
Check lengths before writing
Confirm that array subscripts are within limits
Double-check boundary condition code for off-by-one errors
Limit input to the number of acceptable characters
Limit programs’ privileges to reduce potential harm
Many languages have overflow protections
Code analyzers can identify many overflow vulnerabilities
Canary values in stack to signal modification
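The overflow from the AAAAAAAAAAB slides and three of the countermeasures above (check lengths before writing, limit input, canary values), as an added example in C that is not from the textbook or its slides. The record layout, the fixed canary constant and the input bytes are all constructed for the demo; a compiler-generated stack canary would be a random value chosen per process.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* A record whose fixed-size name buffer sits directly in front of the data
 * it must not touch: a guard word (standing in for a compiler stack canary;
 * a fixed constant here is an assumption for a deterministic demo) and a
 * privilege flag. sizeof(struct record) == 16 with no padding. */
#define NAME_LEN 8
#define CANARY_VALUE 0xDEADBEEFu

struct record {
    char     name[NAME_LEN];
    uint32_t canary;
    int32_t  is_admin;
};

static void record_init(struct record *r)
{
    memset(r, 0, sizeof *r);
    r->canary = CANARY_VALUE;
}

/* Vulnerable: trusts the caller's length. The copy goes through a byte
 * pointer to the whole struct (so the demo is well-defined C), and every
 * byte beyond name[] lands first in canary and then in is_admin. */
static void copy_name_unchecked(struct record *r, const char *input, size_t len)
{
    unsigned char *dst = (unsigned char *)r;   /* name[] is at offset 0 */
    memcpy(dst, input, len);
}

/* Countermeasure: check the length before writing, and refuse rather than
 * silently truncate. name[] is a fixed-length field, not a C string. */
static bool copy_name_checked(struct record *r, const char *input, size_t len)
{
    if (len > NAME_LEN)
        return false;
    memcpy(r->name, input, len);
    return true;
}

/* Countermeasure: detect a write past the buffer after the fact. */
static bool canary_intact(const struct record *r)
{
    return r->canary == CANARY_VALUE;
}

/* Constructed over-long input: 8 bytes fill name[], 4 more overwrite the
 * canary, and the 13th byte sets the low byte of is_admin. */
static int demo_privilege_overwrite(void)
{
    static const char evil[] = "AAAAAAAA" "\x01\x00\x00\x00" "\x01";
    struct record r;
    record_init(&r);
    copy_name_unchecked(&r, evil, sizeof evil - 1);   /* 13 bytes into an 8-byte field */
    return r.is_admin;                                 /* nonzero on any byte order */
}

/* The slides' AAAAAAAAB pattern: one byte past the end hits the canary. */
static bool demo_canary_detects(void)
{
    static const char evil[] = "AAAAAAAAB";
    struct record r;
    record_init(&r);
    copy_name_unchecked(&r, evil, sizeof evil - 1);    /* 9 bytes */
    return !canary_intact(&r);
}

static bool demo_checked_rejects(void)
{
    struct record r;
    record_init(&r);
    bool ok = copy_name_checked(&r, "AAAAAAAAB", 9);
    return !ok && r.is_admin == 0 && canary_intact(&r);
}

static bool demo_checked_accepts(void)
{
    struct record r;
    record_init(&r);
    return copy_name_checked(&r, "alice", 5)
        && memcmp(r.name, "alice", 5) == 0
        && canary_intact(&r);
}

int main(void)
{
    printf("unchecked copy: is_admin=%d, canary %s\n",
           demo_privilege_overwrite(), demo_canary_detects() ? "corrupted" : "intact");
    printf("checked copy: over-long input %s, valid input %s\n",
           demo_checked_rejects() ? "rejected" : "accepted",
           demo_checked_accepts() ? "accepted" : "rejected");
    return 0;
}
```

The two countermeasures are not interchangeable: the length check prevents the write, while the canary only detects that a write happened, and only if something inspects the canary before the corrupted data is used. Real stack protectors check the canary on function return, which is late enough that an overwritten local variable (like is_admin here) may already have been consulted.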
Incomplete Mediation
Mediation: verifying that the subject is authorized to perform the operation on an object
Incomplete mediation: the check is missing, skipped on some path, or done only on the client side, where the user can change the values after the check
Preventing incomplete mediation:
Validate all input on the server, on every request
Limit users’ access to sensitive data and functions
Example: the parameters in the URL below are produced by the site’s own form, but they arrive from the client, who can edit them freely (a different phone format, an impossible date, extra or missing parameters) before sending. The server must re-check both values rather than trust what the form was supposed to produce.
http://www.somesite.com/subpage/userinput.asp?parm1=(808)555-1212&parm2=2009Jan17
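Server-side mediation of the URL above, as an added example in C that is not the textbook's code: both parameters are re-validated against the exact shape the form was supposed to produce. The phone and date formats are inferred from the sample values; the parameter names, the all-or-nothing rejection rule and the query-string splitting are assumptions for the demo.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Accept exactly "(ddd)ddd-dddd": same length as the template, a digit in
 * every 'd' position, the template's own character everywhere else. */
static bool valid_phone(const char *s)
{
    static const char shape[] = "(ddd)ddd-dddd";
    size_t n = strlen(shape);
    if (strlen(s) != n)
        return false;
    for (size_t i = 0; i < n; i++) {
        if (shape[i] == 'd') {
            if (!isdigit((unsigned char)s[i]))
                return false;
        } else if (s[i] != shape[i]) {
            return false;
        }
    }
    return true;
}

/* Accept exactly "yyyyMmmdd": four digits, a real month name, and a day
 * that exists in that month (leap years included). */
static bool valid_date(const char *s)
{
    static const char *const months[] = { "Jan", "Feb", "Mar", "Apr", "May", "Jun",
                                          "Jul", "Aug", "Sep", "Oct", "Nov", "Dec" };
    static const int days_in[] = { 31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31 };
    if (strlen(s) != 9)
        return false;
    for (int i = 0; i < 9; i++)                      /* positions 4..6 hold the month */
        if (i != 4 && i != 5 && i != 6 && !isdigit((unsigned char)s[i]))
            return false;
    int month = -1;
    for (int m = 0; m < 12; m++)
        if (strncmp(s + 4, months[m], 3) == 0) { month = m; break; }
    if (month < 0)
        return false;
    int year = (s[0] - '0') * 1000 + (s[1] - '0') * 100 + (s[2] - '0') * 10 + (s[3] - '0');
    int day  = (s[7] - '0') * 10 + (s[8] - '0');
    bool leap = (year % 4 == 0 && year % 100 != 0) || year % 400 == 0;
    int max_day = days_in[month] + ((month == 1 && leap) ? 1 : 0);
    return day >= 1 && day <= max_day;
}

/* Mediation of the whole query string: exactly parm1 and parm2, each once,
 * each well-formed. Anything else (an extra parameter, a missing one, a
 * duplicate, a malformed value) rejects the request. */
static bool validate_query(const char *query)
{
    char buf[256];
    if (strlen(query) >= sizeof buf)                  /* bound the input before touching it */
        return false;
    strcpy(buf, query);
    bool seen1 = false, seen2 = false;
    for (char *tok = strtok(buf, "&"); tok != NULL; tok = strtok(NULL, "&")) {
        char *eq = strchr(tok, '=');
        if (eq == NULL)
            return false;
        *eq = '\0';
        const char *key = tok, *val = eq + 1;
        if (strcmp(key, "parm1") == 0 && !seen1 && valid_phone(val))
            seen1 = true;
        else if (strcmp(key, "parm2") == 0 && !seen2 && valid_date(val))
            seen2 = true;
        else
            return false;
    }
    return seen1 && seen2;
}

int main(void)
{
    const char *good = "parm1=(808)555-1212&parm2=2009Jan17";
    const char *bad  = "parm1=(808)555-1212&parm2=2009Feb30";
    printf("%s -> %s\n", good, validate_query(good) ? "accepted" : "rejected");
    printf("%s -> %s\n", bad,  validate_query(bad)  ? "accepted" : "rejected");
    return 0;
}
```

The checks are allow-lists (what a value must look like), not deny-lists of bad characters; a deny-list is the usual way mediation ends up incomplete, because it only covers the attacks its author thought of.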
Time-of-Check to Time-of-Use
Mediation performed with a “bait and switch” in the middle
Example: A student is buying a school book that costs $100. The student removes five $20 bills from a wallet, carefully counts them in front of the seller, and lays them on the table. Then the seller turns around to write a receipt. While the seller's back is turned, the student takes back one $20 bill. When the seller turns around, the student hands over the stack of bills, takes the receipt, and leaves with the book. Between the time the security was checked (counting the bills) and the access (exchanging the book for the bills), a condition changed: what was checked is no longer valid when the object (that is, the book) is accessed.
Time-of-Check to Time-of-Use (cont.)
To carry out this authorization sequence, the access control mediator would have to look up the file name (and the user identity and any other relevant parameters) in tables. The mediator could compare the names in the table to the file name in the data structure to determine whether access is appropriate. More likely, the mediator would copy the file name into its own local storage area and compare from there. Comparing from the copy leaves the data structure in the user's area, under the user's control. It is at this point that the incomplete mediation flaw can be exploited. While the mediator is checking access rights for the file my_file, the user could change the file name descriptor to your_file, the value shown in Figure 3-3. Having read the work ticket once, the mediator would not be expected to reread the ticket before approving it; the mediator would approve the access and send the now-modified descriptor to the file handler.
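The work-ticket scenario described above, replayed in C as an added example that is not from the textbook. The user's mid-check edit is modelled by a callback invoked between the check and the use, and the policy "only my_file is permitted" is an assumption for the demo. The everyday form of this bug is checking a path with access() and then opening it with open(); the fix has the same shape as below: operate on exactly what you checked (open first, then fstat the descriptor you hold).

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* The "work ticket" from the text: a file descriptor block that lives in
 * the user's memory and stays under the user's control while the mediator
 * examines it. */
struct ticket {
    char filename[32];
};

/* Demo policy (an assumption): this user may open only my_file. */
static bool access_permitted(const char *name)
{
    return strcmp(name, "my_file") == 0;
}

/* Whatever the user does while the mediator's back is turned. */
typedef void (*user_hook)(struct ticket *);

static void swap_to_your_file(struct ticket *t)
{
    snprintf(t->filename, sizeof t->filename, "%s", "your_file");
}

/* Vulnerable mediator: checks a private copy, then passes the ORIGINAL,
 * still user-controlled, ticket on to the file handler. Writes the name the
 * file handler actually received into `opened`; returns false if refused. */
static bool mediate_vulnerable(struct ticket *t, user_hook meanwhile, char *opened, size_t n)
{
    char copy[32];
    snprintf(copy, sizeof copy, "%s", t->filename);   /* time of check: read once */
    if (!access_permitted(copy))
        return false;
    if (meanwhile != NULL)
        meanwhile(t);                                 /* the window between check and use */
    snprintf(opened, n, "%s", t->filename);           /* time of use: re-reads user memory */
    return true;
}

/* Fixed mediator: the value that was checked is the value that is used. */
static bool mediate_fixed(struct ticket *t, user_hook meanwhile, char *opened, size_t n)
{
    char copy[32];
    snprintf(copy, sizeof copy, "%s", t->filename);
    if (!access_permitted(copy))
        return false;
    if (meanwhile != NULL)
        meanwhile(t);                                 /* the user's edit changes nothing */
    snprintf(opened, n, "%s", copy);
    return true;
}

/* Approved my_file, opened your_file: the bait and switch succeeded. */
static bool demo_vulnerable_opens_wrong_file(void)
{
    struct ticket t = { "my_file" };
    char opened[32];
    return mediate_vulnerable(&t, swap_to_your_file, opened, sizeof opened)
        && strcmp(opened, "your_file") == 0;
}

static bool demo_fixed_opens_checked_file(void)
{
    struct ticket t = { "my_file" };
    char opened[32];
    return mediate_fixed(&t, swap_to_your_file, opened, sizeof opened)
        && strcmp(opened, "my_file") == 0;
}

/* Both versions still refuse a ticket that fails the check outright. */
static bool demo_refuses_up_front(void)
{
    struct ticket t = { "your_file" };
    char opened[32];
    return !mediate_vulnerable(&t, NULL, opened, sizeof opened)
        && !mediate_fixed(&t, NULL, opened, sizeof opened);
}

int main(void)
{
    printf("vulnerable mediator opened the wrong file: %s\n",
           demo_vulnerable_opens_wrong_file() ? "yes" : "no");
    printf("fixed mediator opened what it checked: %s\n",
           demo_fixed_opens_checked_file() ? "yes" : "no");
    return 0;
}
```

Note that the vulnerable version already copies the name before checking it; copying is not the fix. The fix is that nothing read from user-controlled memory after the check is allowed to influence the action.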
Race Conditions
Example 1 (no race condition): A booker books the last seat on the plane, and thereafter the system shows no seat available. See next slide to continue.
Race Conditions (cont.)
Example 2 (race condition): Before the first booker can complete the booking for the last available seat, a second booker looks for available seats. This system has a race condition, where the overlap in timing of the requests causes errant behavior.
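The two booking scenarios above, replayed deterministically as an added example in C that is not the textbook's code: the interleaving is forced by hand rather than by threads, so the outcome is the same on every run. The seat counts and the compare-and-swap loop are constructed for the demo.

```c
#include <stdatomic.h>
#include <stdbool.h>
#include <stdio.h>

/* Naive booker: "is a seat free?" and "take it" are two separate steps on
 * a plain counter, with nothing to stop another booker acting in between. */
static bool seat_free(const int *seats) { return *seats > 0; }
static void take_seat(int *seats)       { (*seats)--; }

/* The slide's second scenario: B checks after A checked but before A
 * committed. Returns how many bookings "succeeded"; *left gets the final
 * seat count. */
static int naive_interleaved(int *left)
{
    int seats = 1;
    bool a_ok = seat_free(&seats);      /* A: last seat is free */
    bool b_ok = seat_free(&seats);      /* B: still free, A has not acted yet */
    if (a_ok) take_seat(&seats);
    if (b_ok) take_seat(&seats);        /* seats is now -1 */
    *left = seats;
    return (a_ok ? 1 : 0) + (b_ok ? 1 : 0);   /* 2: the seat was sold twice */
}

/* Fixed booker: check and take are one indivisible compare-and-swap. The
 * decrement is applied only if the count is still what we observed; if
 * someone else got there first, `observed` is refreshed and we re-check. */
static bool book_seat(atomic_int *seats)
{
    int observed = atomic_load(seats);
    while (observed > 0) {
        if (atomic_compare_exchange_weak(seats, &observed, observed - 1))
            return true;
    }
    return false;
}

/* Same interleaving with the atomic version: both observe 1, but only the
 * first compare-and-swap can succeed; the second expects 1, sees 0, fails. */
static int cas_interleaved(int *left)
{
    atomic_int seats;
    atomic_init(&seats, 1);
    int a_seen = atomic_load(&seats);
    int b_seen = atomic_load(&seats);
    bool a_ok = atomic_compare_exchange_strong(&seats, &a_seen, a_seen - 1);
    bool b_ok = atomic_compare_exchange_strong(&seats, &b_seen, b_seen - 1);
    *left = atomic_load(&seats);
    return (a_ok ? 1 : 0) + (b_ok ? 1 : 0);   /* 1 */
}

static bool demo_naive_double_books(void)
{
    int left;
    return naive_interleaved(&left) == 2 && left == -1;
}

static bool demo_cas_single_booking(void)
{
    int left;
    return cas_interleaved(&left) == 1 && left == 0;
}

/* book_seat in sequence: first call wins, second finds nothing left. */
static bool demo_book_seat(void)
{
    atomic_int seats;
    atomic_init(&seats, 1);
    bool first = book_seat(&seats);
    bool second = book_seat(&seats);
    return first && !second && atomic_load(&seats) == 0;
}

int main(void)
{
    int left;
    printf("naive: %d bookings, %d seats left\n", naive_interleaved(&left), left);
    printf("cas:   %d bookings, %d seats left\n", cas_interleaved(&left), left);
    return 0;
}
```

With real threads the naive version fails only when the timing lines up, which is what makes race conditions hard to find by testing; the compare-and-swap (or a lock around check-and-take) removes the window rather than shrinking it.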
Other Programming Oversights
Undocumented access points (backdoors)
Off-by-one errors
Integer overflows
Unterminated null-terminated string
Parameter length, type, or number errors
Unsafe utility libraries
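Two of the oversights listed above, an integer overflow in a size computation and an unterminated string left by strncpy, each beside the check that closes it, as an added C example that is not from the textbook. The counts and strings are constructed for the demo.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Size arithmetic for "count records of size bytes each". A huge count wraps
 * the product to a small number; a later malloc(total) then succeeds with a
 * tiny block, and filling in `count` records writes far past it. */
static size_t unchecked_total(size_t count, size_t size)
{
    return count * size;                          /* wraps silently */
}

/* Checked version: refuse if the product would not fit in size_t. */
static bool checked_total(size_t count, size_t size, size_t *out)
{
    if (size != 0 && count > SIZE_MAX / size)
        return false;
    *out = count * size;
    return true;
}

/* count = SIZE_MAX/2 + 2 and size = 2 multiply to SIZE_MAX + 3, which wraps
 * to 2 whatever the width of size_t. */
static bool demo_wrap(void)
{
    size_t count = SIZE_MAX / 2 + 2, total = 0;
    bool unchecked_small = unchecked_total(count, 2) == 2;
    bool checked_refused = !checked_total(count, 2, &total);
    bool checked_normal  = checked_total(10, 16, &total) && total == 160;
    return unchecked_small && checked_refused && checked_normal;
}

/* strncpy fills the destination but writes no terminator when the source is
 * at least as long as the buffer; the next strlen or printf on dst then runs
 * off the end. Returns true when the copy was left unterminated. */
static bool demo_strncpy_unterminated(void)
{
    char dst[8];
    strncpy(dst, "ABCDEFGHIJ", sizeof dst);       /* all 8 bytes used, no NUL */
    return memchr(dst, '\0', sizeof dst) == NULL;
}

/* Bounded copy that always terminates and reports truncation instead of
 * hiding it: snprintf returns the length it wanted to write. */
static bool bounded_copy(char *dst, size_t n, const char *src)
{
    int wanted = snprintf(dst, n, "%s", src);
    return wanted >= 0 && (size_t)wanted < n;     /* false: truncated */
}

static bool demo_bounded_copy(void)
{
    char dst[8];
    bool long_truncated  = !bounded_copy(dst, sizeof dst, "ABCDEFGHIJ")
                           && strcmp(dst, "ABCDEFG") == 0;   /* 7 chars + NUL */
    bool short_untouched = bounded_copy(dst, sizeof dst, "bob")
                           && strcmp(dst, "bob") == 0;
    return long_truncated && short_untouched;
}

int main(void)
{
    printf("size wrap handled: %s\n", demo_wrap() ? "yes" : "no");
    printf("strncpy left no terminator: %s\n", demo_strncpy_unterminated() ? "yes" : "no");
    printf("bounded copy terminates and reports truncation: %s\n",
           demo_bounded_copy() ? "yes" : "no");
    return 0;
}
```

The two are the same oversight seen from different sides: the caller assumed a value (a product, a string length) stayed within the limit the next operation relies on, and nothing checked.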
Malware
Programs planted by an agent with malicious intent to cause unanticipated or undesired effects
Virus
A program that can replicate itself and pass on malicious code to other nonmalicious programs by modifying them
Worm
A program that spreads copies of itself through a network
Trojan horse
Code that, in addition to its stated effect, has a second, nonobvious, malicious effect
Types of Malware
Types of Malware (cont.)
History of Malware
History of Malware (cont.)
Harm from Malicious Code
Harm to users and systems:
Sending email to user contacts
Deleting or encrypting files
Modifying system information, such as the Windows registry
Stealing sensitive information, such as passwords
Attaching to critical system files
Hide copies of malware in multiple complementary locations
Harm to the world:
Some malware has been known to infect millions of systems, growing at a geometric rate
Infected systems often become staging areas for new infections
Transmission and Propagation
Setup and installer program
Attached file
Document viruses
Autorun
Using nonmalicious programs:
Appended viruses
Viruses that surround a program
Integrated viruses and replacements
Malware Activation
One-time execution (implanting)
Boot sector viruses
Memory-resident viruses
Application files
Code libraries
Virus Effects
Countermeasures for Users
Use software acquired from reliable sources
Test software in an isolated environment
Only open attachments when you know them to be safe
Treat every website as potentially harmful
Create and maintain backups
Virus Detection
Virus scanners look for signs of malicious code infection using signatures in program files and memory
Traditional virus scanners have trouble keeping up with new malware—detect about 45% of infections
Detection mechanisms:
Known string patterns in files or memory
Execution patterns
Storage patterns
https://cybermap.kaspersky.com/
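String-pattern detection as listed above, as an added example in C that is not the textbook's or any vendor's code: a byte-signature scanner run over a constructed sample file, then over the same file after a trivial XOR packing, which is the simplest form of the evasion that keeps signature scanners from catching everything. The signatures and the sample are constructed for the demo and match no real malware.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

struct signature {
    const char *name;
    const unsigned char *bytes;
    size_t len;
};

/* Constructed patterns for the demo, not signatures of any real malware. */
static const unsigned char SIG_JUMP[] = { 0xEB, 0xFE, 0x90, 0x90 };   /* x86: jmp $ ; nop ; nop */
static const unsigned char SIG_TEXT[] = "DEMO-PAYLOAD-MARKER";
static const struct signature SIGS[] = {
    { "demo.jump-loop", SIG_JUMP, sizeof SIG_JUMP },
    { "demo.marker",    SIG_TEXT, sizeof SIG_TEXT - 1 },   /* drop the NUL */
};

/* Return the name of the first signature found anywhere in buf, else NULL.
 * Byte-exact comparison, so patterns may contain NULs. */
static const char *scan(const unsigned char *buf, size_t n)
{
    for (size_t s = 0; s < sizeof SIGS / sizeof SIGS[0]; s++) {
        const struct signature *sig = &SIGS[s];
        if (sig->len == 0 || sig->len > n)
            continue;
        for (size_t i = 0; i + sig->len <= n; i++)
            if (memcmp(buf + i, sig->bytes, sig->len) == 0)
                return sig->name;
    }
    return NULL;
}

/* Trivial "packing": XOR every byte with a key. A file stored this way
 * contains none of the signature bytes until it decodes itself at run time. */
static void xor_bytes(unsigned char *buf, size_t n, unsigned char key)
{
    for (size_t i = 0; i < n; i++)
        buf[i] ^= key;
}

/* Constructed sample "file": header text followed by the marker. */
#define SAMPLE "MZ constructed sample file body\nDEMO-PAYLOAD-MARKER\n"

static const char *demo_plain_file(void)
{
    return scan((const unsigned char *)SAMPLE, sizeof SAMPLE - 1);   /* "demo.marker" */
}

static const char *demo_packed_file(void)
{
    unsigned char file[sizeof SAMPLE - 1];
    memcpy(file, SAMPLE, sizeof file);
    xor_bytes(file, sizeof file, 0x5A);            /* on-disk form: encoded */
    return scan(file, sizeof file);                /* NULL: a static scan misses it */
}

static const char *demo_unpacked_in_memory(void)
{
    unsigned char file[sizeof SAMPLE - 1];
    memcpy(file, SAMPLE, sizeof file);
    xor_bytes(file, sizeof file, 0x5A);
    xor_bytes(file, sizeof file, 0x5A);            /* the program decodes itself to run */
    return scan(file, sizeof file);                /* a memory scan finds it again */
}

static const char *demo_code_bytes(void)
{
    static const unsigned char code[] = { 0x55, 0xEB, 0xFE, 0x90, 0x90, 0xC3 };
    return scan(code, sizeof code);                /* "demo.jump-loop" */
}

int main(void)
{
    const char *r;
    r = demo_plain_file();         printf("plain file:      %s\n", r ? r : "clean");
    r = demo_packed_file();        printf("packed file:     %s\n", r ? r : "clean");
    r = demo_unpacked_in_memory(); printf("unpacked memory: %s\n", r ? r : "clean");
    r = demo_code_bytes();         printf("code bytes:      %s\n", r ? r : "clean");
    return 0;
}
```

This is why the slide lists memory and execution patterns alongside file strings: the packed file is clean on disk, and only the unpacked copy in memory, or the behaviour of the unpacking stub itself, gives it away.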
Virus Signatures
Countermeasures for Developers
Modular code: Each code module should be
Single-purpose
Small
Simple
Independent
Encapsulation
Information hiding
Mutual Suspicion
Confinement
Genetic diversity
Code Testing
Unit testing
Integration testing
Function testing
Performance testing
Acceptance testing
Installation testing
Regression testing
Penetration testing
Design Principles for Security
Least privilege
Economy of mechanism
Open design
Complete mediation
Permission based
Separation of privilege
Least common mechanism (no sharing)
Ease of use
Other Countermeasures
Good
Proofs of program correctness—where possible
Defensive programming – to ensure the continuing function of a piece of software under unforeseen circumstances.
Design by contract (DbC) – specify pre-/post- conditions.
Bad
Penetrate-and-patch
Security by obscurity (secrecy of design)
Flaws & Controls
Two classes of security flaws: those that compromise or change data and those that affect computer service.
There are three controls on such activities: development controls, operating system controls, and administrative controls.
Development controls limit software development activities, making it harder for a developer to create malicious programs. These same controls are effective against inadvertent mistakes made by developers. Program controls help produce better software.
The operating system provides some degree of control by limiting access to computing system objects. They limit access as a way of promoting the safe sharing of information among programs.
Administrative controls limit the kinds of actions people can take, and improve system usability, reusability, and maintainability.
Summary
Buffer overflow attacks can take advantage of the fact that code and data are stored in the same memory in order to maliciously modify executing programs
Programs can have a number of other types of vulnerabilities, including off-by-one errors, incomplete mediation, and race conditions
Malware can have a variety of harmful effects depending on its characteristics, including resource usage, infection vector, and payload
Developers can use a variety of techniques for writing and testing code for security
For fun: http://www.fogcam.org/