3. Principles
Defense in Depth
• Use multiple layers so that the failure of one defense does not compromise the system
• E.g. firewalls, IDS, load balancers, IP restrictions
Least Privilege
• Grant as little access to the system as possible
• E.g. restrict access to the DB
Least Complicated
• Complexity generates mistakes
4. Practices
Filter input
• Ensure incoming data is valid
Escape output
• Ensure outgoing data is not misinterpreted
Input → Application → Output
5. Secure the network, the host and the application
Secure the network
Secure the host
• Runtime services
• Platform services
• Operating System
Secure the application
• Presentation Logic
• Business Logic
• Data Access Logic
6. Anatomy of a web attack
Survey and assess → Exploit and penetrate → Escalate privileges → Maintain access → Deny service
7. Threat Categories
• STRIDE: based on the goals and purposes of the attacker
• Three categories based on the three-tiered approach: Network, Host, Application
8. STRIDE
• Spoofing: gain access to the system with a false identity
• Tampering: unauthorized modification of data
• Repudiation: ability of a user to deny having performed specific actions or transactions
• Information disclosure: exposure of private data
• Denial of Service: making the system unavailable
• Elevation of Privilege: a user with limited privileges assumes the identity of a fully privileged user
9. STRIDE countermeasures
• Spoofing: strong authentication, SSL, avoid storing and sending sensitive data in plaintext
• Tampering: data hashing, digital signatures, authorization
• Repudiation: secure audit trails, digital signatures
• Information disclosure: strong authorization and encryption, avoid plaintext, secure communication links
• Denial of Service: validate and filter input, bandwidth throttling techniques, AAA protocol
• Elevation of Privilege: follow the principle of “Least Privilege”
10. Network threats
• Information gathering: discover and profile network devices to find vulnerabilities
• Sniffing: eavesdropping on data crossing the network
• Spoofing: hide one’s true identity, access the system and work around ACLs
• Session hijacking: man-in-the-middle attack
• Denial of service: denies legitimate access to a server or its services
11. Network countermeasures
• Information gathering: configure routers to restrict footprinting, disable unused protocols and ports
• Sniffing: strong physical security, network segmentation, encrypted communication
• Spoofing: filter incoming and outgoing packets
• Session hijacking: encrypted session negotiation and communication channels
• Denial of service: IDS, appropriate registry settings for the TCP/IP stack
12. Host threats
• Viruses, Trojan horses, and worms: perform malicious acts and cause disruption to the OS
• Footprinting: try to reveal valuable information about the system
• Password cracking: try to establish an authenticated connection with the server
• Arbitrary code execution: execute malicious code on the server
• Unauthorized access: try to access restricted information or perform restricted operations
13. Host countermeasures
• Viruses, Trojan horses, and worms: harden weak default configuration settings, anti-virus applications
• Footprinting: disable unused ports and protocols, IDS, “defense in depth”
• Password cracking: strong passwords, lockout policies, audit failed login attempts
• Arbitrary code execution: lock down system commands and utilities with restricted ACLs, apply patches and updates
• Unauthorized access: secure web permissions, lock down files and folders
14. Application threats
• Input validation: cross-site scripting (XSS), SQL injection
• Authentication: dictionary attacks, brute-force attacks
• Session management: session hijacking, man in the middle
• Cryptography: poor key generation or key management, weak or custom encryption
• Parameter manipulation: query string and form field manipulation, cookie manipulation, HTTP header manipulation
• Exception management: information disclosure, denial of service
15. Application countermeasures
• Input validation: validate input, encode user output, use parameterized stored procedures
• Authentication: strong passwords, stored as hashes
• Session management: SSL, expiration period on the session cookie, HMACs
• Cryptography: secure encryption system, DPAPI, use proven cryptographic services
• Parameter manipulation: session identifier, HTTP POST, encrypted query strings, HMACs
• Exception management: exception handling and logging
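As an added example (not from the slides), the slide-4 practices and the slide-15 input-validation countermeasures in Python: a concatenated query beside its parameterized form, an allow-list filter on input, and HTML encoding on output. The users table, the username policy and the function names are constructed for this illustration.

```python
import html
import re
import sqlite3

# Constructed sample data (not from the slides): a tiny in-memory users table.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, role TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "admin"), ("bob", "user")])
    return conn

# Filter input: allow-list the username format (assumed policy: [a-z0-9_]{1,32}).
USERNAME_RE = re.compile(r"[a-z0-9_]{1,32}")

def is_valid_username(raw):
    return USERNAME_RE.fullmatch(raw) is not None

# Slide-14 threat: untrusted input concatenated into the SQL text, so a quote
# in the value changes the query itself.
def lookup_roles_vulnerable(conn, name):
    sql = f"SELECT role FROM users WHERE name = '{name}'"
    return [row[0] for row in conn.execute(sql)]

# Slide-15 countermeasure: a parameterized query. The driver binds the value
# separately from the SQL text, so it is only ever compared as data.
def lookup_roles_safe(conn, name):
    sql = "SELECT role FROM users WHERE name = ?"
    return [row[0] for row in conn.execute(sql, (name,))]

# Escape output: encode every value at the point it is placed into HTML, even
# ones that passed validation, so a stored value cannot become markup (XSS).
def render_greeting(name, role):
    return (f"<p>Hello, {html.escape(name, quote=True)} "
            f"({html.escape(role, quote=True)})</p>")

# The whole pipeline from the slide-4 diagram: Input -> Application -> Output.
def handle_request(conn, raw_name):
    if not is_valid_username(raw_name):
        return "<p>Invalid username</p>"
    roles = lookup_roles_safe(conn, raw_name)
    if not roles:
        return "<p>Unknown user</p>"
    return render_greeting(raw_name, roles[0])

if __name__ == "__main__":
    db = make_db()
    print(lookup_roles_vulnerable(db, "x' OR '1'='1"))  # every role leaks
    print(handle_request(db, "x' OR '1'='1"))           # rejected by the filter
```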
16. By understanding STRIDE, countermeasures can be applied more effectively.
By also understanding the common threats, the application can be protected from being compromised.
Thank You!
Editor's Notes
• Disable remote connection
• Network (router, firewall, switch): protocols and ports
• Host (OS, app platform, DB services, web server, app server)
• App: validation, AAA, exception management