Information systems must manage the memory resources used by both the operating system and applications. When a single system supports many different uses, it becomes critical to isolate the memory used by each process to prevent it from being read or altered in an unauthorized way. In this video, Mike Chapple looks at the impact of security issues associated with memory, including memory leaks, pointer dereferencing, DLL injections, and resource exhaustion.
Information systems must manage the memory resources used by both the operating system and applications. When a single system supports many different uses, it becomes critical to isolate the memory used by each process to prevent it from being read or altered in an unauthorized way. I covered the issues associated with memory overflows earlier in this course. You learned how attackers can exploit overflow vulnerabilities to overwrite the contents of memory belonging to other processes and possibly trick the system into executing attacker-provided code using administrative privileges.
One of the other issues that we need to watch for with memory, or any other limited resource on a system, is resource exhaustion. Whether intentional or accidental, systems may consume all of the memory, storage, processing time or other resources available to them, rendering the system disabled or crippled for other use. Memory leaks are one example of resource exhaustion. If an application requests memory from the operating system, it will eventually no longer need that memory and should then return the memory to the operating system for other uses.
In the case of an application with a memory leak, the application fails to return some memory that it no longer needs, perhaps by simply losing track of an object that it has written to a reserved area of memory. If the application continues to do this over a long period of time, it can slowly consume all of the memory available on the system, causing the system or application to crash. Rebooting the system often resets the problem, returning the memory to other uses, but if the memory leak isn't corrected, the cycle simply begins again.
Memory pointers can also cause security issues. Pointers are a commonly used concept in application development. They're simply an area of memory that stores an address of another location in memory. For example, we might have a pointer called photo that contains the address of a location in memory where a photo is stored. When an application needs to access the actual photo, it performs an operation called pointer de-referencing. This simply means that the application follows the pointer and accesses the memory referenced by the address in the pointer.
There is nothing unusual with this process. Applications do it all the time. One security issue that might arise is if the pointer is empty, containing what programmers call a null value. If the application tries to de-reference this null pointer, it causes a condition known as a null pointer exception. In the best case, a null pointer exception causes the program to crash, providing an attacker with access to debugging information. It may be used for reconnaissance of the application security.
In the worst case, a null pointer exception may allow an attacker to bypass security controls. Security professionals should work with application developers to help them avoid these issues.
DLL injection is another attack technique used by malware to undermine the security of a system. Windows depends upon dynamically linked libraries, or DLLs, to provide common code that applications may share. Applications that wish to use a DLL may load it and then make use of its contents.
In a DLL injection attack, the attacker may insert a malicious DLL into an area of memory used by an application and then trick the application into using that malicious DLL. All of these attacks introduce serious security concerns that may impact the confidentiality, integrity and availability of both systems and information. Security professionals should monitor these memory issues and work with application developers and system engineers to avoid them.
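The memory leak and null pointer cases described in the transcript, as an added C example that is not part of the video or the course materials. The `photo` pointer follows the transcript's example; `tracked_alloc`, `tracked_free`, `leaky_reload`, `fixed_reload` and `first_byte` are hypothetical names, and the block counter is an assumption used only to make the leak observable.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helpers: count live heap blocks so a leak can be measured. */
static long live_blocks = 0;
static void *tracked_alloc(size_t n) {
    void *p = malloc(n);
    if (p != NULL) live_blocks++;
    return p;
}
static void tracked_free(void *p) {
    if (p != NULL) { live_blocks--; free(p); }
}

/* Leaky: each pass overwrites photo, losing the only reference to the old buffer. */
long leaky_reload(int passes, size_t size) {
    long before = live_blocks;
    char *photo = NULL;
    for (int i = 0; i < passes; i++) {
        photo = tracked_alloc(size);   /* previous buffer is now unreachable */
        if (photo == NULL) break;      /* allocation failed: stop, do not dereference */
        memset(photo, 0, size);
    }
    tracked_free(photo);               /* only the last buffer is released */
    return live_blocks - before;       /* blocks allocated here and never freed */
}

/* Fixed: release the old buffer before the pointer is reassigned. */
long fixed_reload(int passes, size_t size) {
    long before = live_blocks;
    char *photo = NULL;
    for (int i = 0; i < passes; i++) {
        tracked_free(photo);
        photo = tracked_alloc(size);
        if (photo == NULL) break;
        memset(photo, 0, size);
    }
    tracked_free(photo);
    return live_blocks - before;
}

/* Check for null before dereferencing: report an error instead of crashing. */
int first_byte(const char *photo) {
    if (photo == NULL) return -1;
    return (unsigned char)photo[0];
}
int main(void) {
    printf("leaky=%ld fixed=%ld null=%d\n", leaky_reload(100, 64), fixed_reload(100, 64), first_byte(NULL));
    return 0;
}
```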
- Comparing viruses, worms, and Trojans
- Backdoors and logic bombs
- Understanding the attacker
- Attack types: from denial of service to brute force attacks
- Preventing insider threats
- Wireless attacks
- Understanding cross-site scripting
- Preventing SQL injection
- Social engineering
- Scanning for vulnerabilities
- Penetration testing
- Assessing the impact of vulnerabilities