L Cai,Xh Yang

DOI: https://doi.org/10.1109/ICSMC.2005.1571196

2005-01-01

Abstract:More and more network attacks are focusing on application level vulnerabilities. Recently, several examples of this trend have been highly publicized such as the SQL Slammer and SQL Snake attacks. Traditional firewalls, used for protecting the database, only prevent attacks searching for vulnerabilities. Database firewalls take defense deep into the organization by providing full syntax control and audit of the SQL AN stream before it reaches the database, and enforcing content-driven access to database. This paper proposes a layered reference model for database firewalls by enhancing the capability of COAST Laboratory's model. It separates a database firewall into three layers (network layer, schematic layer and semantic layer) according to the knowledge, computation target, and the control granularity of each layer. Based on this model, a database firewall product had been prototyped It can greatly improve the database security by introducing self-controlled authentication principal mapping, object mapping, and mandatory access control modules.

Jun Zhu,Bill Chu,Heather Richter Lipford

DOI: https://doi.org/10.1145/2914642.2914661

2016-01-01

Abstract:ABSTRACTPrivilege Escalation is a common and serious type of security attack. Although experience shows that many applications are vulnerable to such attacks, attackers rarely succeed upon first trial. Their initial probing attempts often fail before a successful breach of access control is achieved. This paper presents an approach to automatically instrument application source code to report events of failed access attempts that may indicate privilege escalation attacks to a run time application protection mechanism. The focus of this paper is primarily on the problem of instrumenting web application source code to detect access control attack events. We evaluated false positives and negatives of our approach using two open source web applications.

Shixiong Zhao,Rui Gu,Haoran Qiu,Tsz On Li,Yuexuan Wang,Heming Cui,Junfeng Yang

DOI: https://doi.org/10.1109/DSN.2018.00033

2018-01-01

Abstract:Just like bugs in single-threaded programs can lead to vulnerabilities, bugs in multithreaded programs can also lead to concurrency attacks. We studied 31 real-world concurrency attacks, including privilege escalations, hijacking code executions, and bypassing security checks. We found that compared to concurrency bugs' traditional consequences (e.g., program crashes), concurrency attacks' consequences are often implicit, extremely hard to be observed and diagnosed by program developers. Moreover, in addition to bug-inducing inputs, extra subtle inputs are often needed to trigger the attacks. These subtle features make existing tools ineffective to detect concurrency attacks. To tackle this problem, we present OWL, the first practical tool that models general concurrency attacks' implicit consequences and automatically detects them. We implemented OWL in Linux and successfully detected five new concurrency attacks, including three confirmed and fixed by developers, and two exploited from previously known and well-studied concurrency bugs. OWL has also detected seven known concurrency attacks. Our evaluation shows that OWL eliminates 94.1% of the reports generated by existing concurrency bug detectors as false positive, greatly reducing developers' efforts on diagnosis. All OWL source code, concurrency attack exploit scripts, and results are available on github.com/hku-systems/owl.

李红,刘志杰,谢晓尧

DOI: https://doi.org/10.3969/j.issn.1004-5570.2011.03.019

2011-01-01

Abstract:Connected to the Internet, the network of complexity, openness, internal connection, etc make oracle database systems more vulnerable to attack. So the oracle distributed database system security corresponding also gets more and more attention. These papers from Oracle database systems own security mechanism and network environment to analysis and research Oracle database security problems. To the database internal security problems, we can take measure in database systems and database data. Towards the network security problem, Oracle＇ s senior security mechanism intermediate technology could be a good choice.

Liang Cai,Xiaohu Yang,Jinxiang Dong

2001-01-01

Abstract:We briefly introduce the special characteristics of database security in information warfare and related researches, then emphasis the importance of antagonizing, malicious DBMS in information warfare. This paper suggests a threat model for malicious DBMS by carefully analyzing the possible security threats by malicious DBMS, then a database security architecture capable of antagonizing the malicious DBMS is proposed based on this threat model and the special requirements of critical applications in China. It can greatly improve the critical application's capability to antagonize malicious DBMS by incorporating, self-controlled authentication, principal / object mapping, transparent attribute encryption / decryption, attribute / tuple level mandatory access control, and parallel structure of multiple DBMSs.

Alex Zhu,Wei Qi Yan

DOI: https://doi.org/10.4018/ijdcf.2017100106

2017-01-01

International Journal of Digital Crime and Forensics

Abstract:SQLIA is adopted to attack websites with and without confidential information. Hackers utilized the compromised website as intermediate proxy to attack others for avoiding being committed of cyber-criminal and also enlarging the scale of Distributed Denial of Service Attack DDoS. The DDoS is that hackers maliciously turn down a website and make network resources unavailable to web users. It is extremely difficult to effectively detect and prevent SQLIA because hackers adopt various evading SQLIA Intrusion Detection System techniques. Victims may not be even aware of that their confidential data has been compromised for a long time. In this paper, our contribution is that we evaluate several most popular open source SQLIA tools and SQLIA prevention tools with both qualitative and quantitative assessments.

Jingyu Zhou,Giovanni Vigna

DOI: https://doi.org/10.1109/csac.2004.17

2004-01-01

Abstract:Host security is achieved by securing both the operating system kernel and the privileged applications that run on top of it. Application-level bugs are more frequent than kernel-level bugs, and, therefore, applications are often the means to compromise the security of a system. Detecting these attacks can be difficult, especially in the case of attacks that exploit application-logic errors. These attacks seldom exhibit characterizing patterns as in the case of buffer overflows and format string attacks. In addition, the data used by intrusion detection systems is either too low-level, as in the case of system calls, or incomplete, as in the case of syslog entries. This paper presents a technique to enforce nonbypassable, application-level auditing that does not require the recompilation of legacy systems. The technique is implemented as a kernel-level component, a privileged daemon, and an offline language tool. The technique uses binary rewriting to instrument applications so that meaningful and complete audit information can be extracted. This information is then matched against application-specific signatures to detect attacks that exploit application-logic errors. The technique has been successfully applied to detect attacks against widely-deployed applications, including the Apache Web server and the OpenSSH server.

Zhi Xue

2011-01-01

Abstract:With the increasing demand of information storage,Oracle database structure is widely adopted in all kinds of institutes,while the relative security research is not in an all-round way.Based on some former data ensconcing techniques,especially HTTP tunnel,a new type of data ensconcing and transferring method based on Oracle net protocol is proposed,which could be used in file transfer over different networks.Oracle protocol and user-defined function or stored procedure could be employed to simply bypass the Oracle's security mechanism and access the operation system directly.The experiment results indicate that hidden file transfer tunnel is of high flexibility and concealment,and also could hardly be blocked by a firewall.

Wei Liu,Shouvick Mondal,Tse-Hsun Chen

2024-05-24

Abstract:Database-backed applications rely on the database access code to interact with the underlying database management systems (DBMSs). Although many prior studies aim at database access issues like SQL anti-patterns or SQL code smells, there is a lack of study of database access bugs during the maintenance of database-backed applications. In this paper, we empirically investigate 423 database access bugs collected from seven large-scale Java open source applications that use relational database management systems (e.g., MySQL or PostgreSQL). We study the characteristics (e.g., occurrence and root causes) of the bugs by manually examining the bug reports and commit histories. We find that the number of reported database and non-database access bugs share a similar trend but their modified files in bug fixing commits are different. Additionally, we generalize categories of the root causes of database access bugs, containing five main categories (SQL queries, Schema, API, Configuration, SQL query result) and 25 unique root causes. We find that the bugs pertaining to SQL queries, Schema, and API cover 84.2% of database access bugs across all studied applications. In particular, SQL queries bug (54%) and API bug (38.7%) are the most frequent issues when using JDBC and Hibernate, respectively. Finally, we provide a discussion on the implications of our findings for developers and researchers.

Software Engineering,Databases

WANG Jun

DOI: https://doi.org/10.3969/j.issn.1009-3044.2012.23.013

2012-01-01

Abstract:Along with the social informatization is getting higher and higher,the data stored in the DBMS to security requirements are also gradually improve.Systems generally will require the user to input the password,that is,by setting a password to protect the security of the database.It’s talking about commonly used methods of password analysis about database encryption.It’s obvious that encryption algorithm has been greatly enhanced in the new version through to the contrast analysis between an encrypted database of Access 2003 and an encrypt ed database of Access 2010,improved the password security of Access 2010.

Cong WANG,Ren-bin ZHANG,Gang LI

DOI: https://doi.org/10.13873/J.1000-9787(2017)01-0146-03

2017-01-01

Abstract:Privilege mechanism is the core of Android security mechanism.On the basis of analysis on principle of privilege escalation,a scheme of privilege escalation attack detection is presented.The scheme makes full use of characteristics of permission transfer and communication connection between components,realize from dynamic and static states,detection rate based on defect is 78.7 ％,and based on component is more than 50 ％.Experimental results show that the detection method can effectively detect privilege escalation attack,which provides a feasible solution for solving problems of reliability of privilege escalation attack detection model.

Xiuzhen Chen,Jianhua Li,Shaojun Zhang

DOI: https://doi.org/10.1109/iccs.2008.4737375

2008-01-01

Abstract:All current vulnerability assessment tools only can locate individual vulnerabilities on a single host without considering correlated effect of these vulnerabilities. Aiming at this issue, this paper proposes a method of generating attack graph based on privilege escalation. The vulnerabilities and known attacks with their prerequisites and consequences are modeled based on predicate logic theory and are correlated so as to automatically construct attack graphs with strong operation power of RDBMS. The testing result shows that this system can discover security problems undetectable if only the hosts are assessed individually in a network without simulating attacks. As an application based on relational database, it can be easily integrated with other security tools based on RDBMS.

Jun Zhu,Bill Chu,Heather Richter Lipford,Tyler Thomas

DOI: https://doi.org/10.1145/2752952.2752976

2015-01-01

Abstract:ABSTRACTAccess control vulnerabilities due to programming errors have consistently ranked amongst top software vulnerabilities. Previous research efforts have concentrated on using automatic program analysis techniques to detect access control vulnerabilities in applications. We report a comparative study of six open source PHP applications, and find that implicit assumptions of previous research techniques can significantly limit their effectiveness. We propose a more effective hybrid approach to mitigate access control vulnerabilities. Developers are reminded in-situ of potential access control vulnerabilities, where self-review of code can help them discover mistakes. Additionally, developers are prompted for application-specific access control knowledge, providing samples of code that could be thought of as static analysis by example. These examples are turned into code patterns that can be used in performing static analysis to detect additional access control vulnerabilities and alert the developer to take corrective actions. Our evaluation of six open source applications detected 20 zero-day access control vulnerabilities in addition to finding all access control vulnerabilities detected in previous works.

Haoqi Wu,Zhengxuan Yu,Dapeng Huang,Haodong Zhang,Weili Han

DOI: https://doi.org/10.1109/trustcom50675.2020.00075

2020-01-01

Abstract:The state-of-the-art database-backed web applications usually assign full privileges to connections between applications and data sources. This phenomenon, which would enable a malicious attacker to easily compromise the applications through arbitrarily manipulating the data sources without the restriction of privileges, seriously breaks the principle of least privilege (PLP), a fundamental law of system security. Motivated to counter this problem, we propose a framework PDA (PLP over Data source Access) to automatically enforce this principle over data source access based on application-driven privilege separation. Our proposed PDA contributes from the following aspects: i) PDA achieves the privilege separation by intercepting database queries and enforcing privileged connections to database for each database query; ii) PDA can effectively defend against SQL-based vulnerabilities including buggy queries and SQL injection attacks. Lastly, we evaluate PDA on a widely used application platform, JForum, to demonstrate the effectiveness of PDA with a promising performance overhead of 8.13%.

YUAN Chun,WEN Zhen-kun,ZHANG Ji-hong,ZHONG Yu-zhuo

DOI: https://doi.org/10.3321/j.issn:0372-2112.2006.11.023

2006-01-01

Abstract:Researchers on security database concern more and more the security threats from DBA(database administrator),for its resulting in increasing crime to internet commercial databases which exist in the mode of ASP(Application service provider) recently,and its theoretic and technical hardness.Traditional access control could not provide enough security for the purpose,cryptographic security database becomes a promising scheme favored by its computing complexity of mathematical difficulties.We analyse various and up to date security threats to distributed database application systems,and give an overview for cryptographic access control and encryption database technology.Each class and approach is described and evaluated with its cryptographic principle,algorithm characters and positive and negative performance.We focus on the term of cryptanalysis of the schemes,which is considered the crucial points of the technology.

Baowen Zhang,William Zhu,Zhi Xue

DOI: https://doi.org/10.1109/fskd.2007.406

2007-01-01

Abstract:Computer security is an important issue in our society. In order to prevent computer systems and networks from attacks, we should try to find flaws in these systems and evaluate them. Generally researchers and red teams use attack graphs to perform network vulnerability analysis, which tend to suffer scalability problems. In this paper we put forward a mining method to generate privilege escalation paths in networks. With these privilege escalation paths we create net privilege graphs and use them for network vulnerability analysis. Experiments show that our approach is valid and scalable to find the possible vulnerabilities exploitation ways in networks.

Gökhan Kul,Shambhu Upadhyaya,Andrew Hughes

DOI: https://doi.org/10.1145/3391231

2021-03-31

ACM Transactions on Management Information Systems

Abstract:Insider attacks are one of the most dangerous threats to an organization. Unfortunately, they are very difficult to foresee, detect, and defend against due to the trust and responsibilities placed on the employees. In this article, we first define the notion of user intent and construct a model for a common scenario that poses a very high risk for sensitive data stored in the organization’s database. We show that the complexity of identifying pseudo-intents of a user in this scenario is coNP-Complete, and launching a harvester insider attack within the boundaries of the defined threat model takes linear time while a targeted threat model is an NP-Complete problem. We also discuss the general defense mechanisms against the modeled threats and show that countering the harvester insider attack takes quadratic time while countering the targeted insider attack can take linear to quadratic time, depending on the strategy chosen. We analyze the adversarial behavior and show that launching an attack with minimum risk is also an NP-Complete problem. Finally, we perform timing experiments with the defense mechanisms on SQL query workloads collected from a national bank to test the feasibility of using these systems in real time.

Jingzheng Wu,Shen Liu,Shouling Ji,Mutian Yang,Tianyue Luo,Yanjun Wu,Yongji Wang

DOI: https://doi.org/10.1109/icse-seip.2017.12

2017-01-01

Abstract:Android is characterized as a complicated open source software stack created for a wide array of devices with different form of factors, whose latest release has over one hundred million lines of code. Such code is mainly developed with the Java language, which builds complicated logic and brings implicit information flows among components and the inner framework. By studying the source code of system service interfaces, we discovered an unknown type of code flaw, which is named uncaughtException flaw, caused by un-well implemented exceptions that could crash the system and be further vulnerable to system level Denial-of-Service (DoS) attacks. We found that exceptions are used to handle the errors and other exceptional events but sometimes they would kill some critical system services exceptionally. We designed and implemented ExHunter, a new tool for automatic detection of this uncaughtException flaw by dynamically reflecting service interfaces, continuously fuzzing parameters and verifying the running logs. On 11 new popular Android devices, ExHunter extracted 1045 system services, reflected 758 suspicious functions, discovered 132 uncaughtException flaws which are 0-day vulnerabilities that have never been known before and generated 275 system DoS attack exploitations. The results showed that: (1) almost every type of Android phone suffers from this flaw, (2) the flaws are different from phone by phone, and (3) all the vulnerabilities can be exploited by direct/indirect trapping. To mitigate uncaughtException flaws, we further developed ExCatcher to re-catch the exceptions. Finally, we informed four internationally renowned manufacturers and provided secure improvements in their commercial phones.

Si-hua AN,Ping YI,Xin-chun WANG,Chao-feng LI

DOI: https://doi.org/10.3969/j.issn.1002-0802.2014.07.018

2014-01-01

Abstract:OpenSSL is an open source code library of secure sockets layer. It is accomplished with C. It a-chieves the basic function of transport layer data encryption. OpenSSL is widely used in major online bank-ing, online payment, electricity supplier sites, portal website, email, and other fields. So OpenSSL's safety and reliability are very import. Since OpenSSL's vulnerabilities may lead to a large network disaster, it is necessary to study its vulnerability. The article introduces the newly discovered loophole named OpenSSL Heartbleed, analyzes the attack principle and introduces some methods to defense this attack. First it proposes the concept of OpenSSL, then analyzes the attack principle of Heartbleed, at last intro-duces some methods to prevention this attack.

Zhiyuan Jiang,Shuitao Gan,Adrian Herrera,Flavio Toffalini,Lucio Romerio,Chaojing Tang,Manuel Egele,Chao Zhang,Mathias Payer

DOI: https://doi.org/10.1145/3548606.3560575

2022-01-01

Abstract:The popularity of coverage-guided greybox fuzzers has led to a tsunami of security-critical bugs that developers must prioritize and fix. Knowing the capabilities a bug exposes (e.g., type of vulnerability, number of bytes read/written) enables prioritization of bug fixes. Unfortunately, understanding a bug's capabilities is a time consuming process, requiring (a) an understanding of the bug's root cause, (b) an understanding how an attacker may exploit the bug, and (c) the development of a patch mitigating these threats. This is a mostly-manual process that is qualitative and arbitrary, potentially leading to a misunderstanding of the bug's capabilities.