<HTML
><HEAD
><TITLE
>Foil Semantic Attacks</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
REL="HOME"
TITLE="Secure Programming for Linux and Unix HOWTO"
HREF="index.html"><LINK
REL="UP"
TITLE="Structure Program Internals and Approach"
HREF="internals.html"><LINK
REL="PREVIOUS"
TITLE="Prevent Cross-Site (XSS) Malicious Content"
HREF="cross-site-malicious-content.html"><LINK
REL="NEXT"
TITLE="Be Careful with Data Types"
HREF="careful-typing.html"></HEAD
><BODY
CLASS="SECT1"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>Secure Programming for Linux and Unix HOWTO</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="cross-site-malicious-content.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
>Chapter 7. Structure Program Internals and Approach</TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="careful-typing.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="SEMANTIC-ATTACKS"
></A
>7.16. Foil Semantic Attacks</H1
><P
>A ``semantic attack'' is an attack in which the attacker uses the
computing infrastructure/system in a way that fools the victim into
thinking they are doing one thing when they are actually doing something
different, even though the computing infrastructure/system is working
exactly as it was designed to do.
Semantic attacks often involve financial scams, where the attacker is
trying to fool the victim into giving the attacker large sums of money
(e.g., thinking they're investing in something).
For example, the attacker may try to convince the user that they're
looking at a trusted website, even if they aren't.</P
><P
>Semantic attacks are difficult to counter, because they're exploiting
the correct operation of the computer.
The way to deal with semantic attacks is to give the human
additional information, so that when ``odd'' things happen the human
will have more information, or will be presented with a warning
that something may not be what it appears to be.</P
><P
>One example is URIs that, while legitimate, may fool users into
thinking they have a different meaning.
For example, look at this URI:
<TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="PROGRAMLISTING"
> http://www.bloomberg.com@www.badguy.com</PRE
></FONT
></TD
></TR
></TABLE
>
If a user clicked on that URI, they might think that they're going
to Bloomberg (who provide financial commodities news), but instead
they're going to www.badguy.com (and providing the username
www.bloomberg.com, which www.badguy.com will conveniently ignore).
If the badguy.com website then imitated the bloomberg.com site,
a user might be convinced that they're seeing the real thing
(and make investment decisions based on attacker-controlled
information).
This depends on URIs being used in an unusual way - clickable URIs
can have usernames, but usually don't.
One solution for this case is for the web browser to detect such unusual
URIs and create a pop-up confirmation widget, saying
``You are about to log into www.badguy.com as user www.bloomberg.com;
do you wish to proceed?''
If the widget allows the user to change these entries, it provides
additional functionality to the user as well as providing protection
against that attack.</P
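><P
>The check described above can be written as follows. This is an added
example, not code from this HOWTO or from any browser; it parses the link
with the standard URL class and, when a username or password is present,
builds the confirmation text. The names inspectUserinfo, needsConfirmation
and SAMPLE_LINKS are assumptions made for the example.</P
><PRE
CLASS="PROGRAMLISTING"
>
```javascript
// Added example (not from the HOWTO): detect userinfo in a clickable URI and
// build the confirmation text the section proposes. Names are assumptions.
function inspectUserinfo(uri) {
  let url, user;
  try {
    url = new URL(uri);                       // WHATWG URL parser
    user = decodeURIComponent(url.username);  // undo %-encoding for display
  } catch (err) {
    // Refuse to guess: an unparseable link is treated as needing review.
    return { suspicious: true, host: null, user: null, prompt: null };
  }
  const hasUserinfo = user !== "" || url.password !== "";
  if (!hasUserinfo) {
    return { suspicious: false, host: url.hostname, user: null, prompt: null };
  }
  return {
    suspicious: true,
    host: url.hostname,                       // where the request really goes
    user,
    // A "username" shaped like a DNS name is the disguise described above.
    userLooksLikeHost: /^[a-z0-9-]+(\.[a-z0-9-]+)+$/i.test(user),
    prompt: "You are about to log into " + url.hostname + " as user " +
            user + "; do you wish to proceed?",
  };
}

// Return only the links a user should be asked about before following.
function needsConfirmation(uris) {
  return uris.filter((u) => inspectUserinfo(u).suspicious);
}

// Constructed sample links; the first is the URI from the text.
const SAMPLE_LINKS = [
  "http://www.bloomberg.com@www.badguy.com",
  "http://www.bloomberg.com/markets",
  "https://alice@example.org/inbox",
];
console.log(needsConfirmation(SAMPLE_LINKS));
```
</PRE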
><P
>Another example is homographs, particularly international homographs.
Certain letters look similar to each other, and these can be exploited
as well.
For example, since 0 (zero) and O (the letter O) look similar to each
other, users may not realize that WWW.BLOOMBERG.COM and WWW.BL00MBERG.COM
are different web addresses.
Other similar-looking letters include 1 (one) and l (lower-case L).
If international characters are allowed, the situation is worse.
For example, many Cyrillic letters look essentially the same as
Roman letters, but the computer will treat them differently.
Currently most systems don't allow international characters in host names,
but for various good reasons it's widely agreed that support for them
will be necessary in the future.
One proposed solution has been to display letters from different code regions
using different colors - that way,
users get more information visually.
If the users look at the URI, they will hopefully notice the strange coloring
[Gabrilovich 2002].
However, this does show the essence of a semantic attack -
it's difficult to defend against, precisely because the computers are
working correctly.</P
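><P
>The coloring idea depends on knowing where a host name switches from one
script to another. The following added example (not code from this HOWTO or
from [Gabrilovich 2002]) splits a host name into per-script runs, reports
mixed-script names, and folds the 0/O and 1/l lookalikes mentioned above to
compare a name against a trusted list. All function names, the three-script
table and the SPOOFED sample are assumptions made for the example.</P
><PRE
CLASS="PROGRAMLISTING"
>
```javascript
// Added example (not from the HOWTO): split a host name into per-script runs,
// the units a browser could colour differently. Names are assumptions.
const SCRIPTS = {
  Latin: /\p{Script=Latin}/u,
  Cyrillic: /\p{Script=Cyrillic}/u,
  Greek: /\p{Script=Greek}/u,
};

// Constructed sample: both "o" letters are Cyrillic U+043E, not Latin.
const SPOOFED = "www.bl\u043e\u043emberg.com";

function scriptOf(ch) {
  if (/[0-9.-]/.test(ch)) return "Common";    // digits, dot, hyphen
  for (const [name, re] of Object.entries(SCRIPTS)) {
    if (re.test(ch)) return name;
  }
  return "Other";
}

function scriptRuns(host) {
  const runs = [];
  for (const ch of host) {                    // iterate by code point
    const script = scriptOf(ch);
    const last = runs[runs.length - 1];
    if (last?.script === script) last.text += ch;
    else runs.push({ script, text: ch });
  }
  return runs;
}

// True when one host name draws letters from more than one script.
// A name written entirely in one non-Latin script is not caught here.
function isMixedScript(host) {
  const used = new Set(scriptRuns(host).map((r) => r.script));
  used.delete("Common");
  return used.size > 1;
}

// ASCII lookalikes named in the text: 0/O and 1/l fold to one skeleton.
function asciiSkeleton(host) {
  return host.toLowerCase().replace(/0/g, "o").replace(/1/g, "l");
}

// Return the trusted name that `host` imitates, or null if none (or exact).
function imitates(host, trusted) {
  if (trusted.some((t) => t.toLowerCase() === host.toLowerCase())) return null;
  const hit = trusted.find((t) => asciiSkeleton(t) === asciiSkeleton(host));
  return hit === undefined ? null : hit;
}
```
</PRE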
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="cross-site-malicious-content.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="index.html"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="careful-typing.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>Prevent Cross-Site (XSS) Malicious Content</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="internals.html"
ACCESSKEY="U"
>Up</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>Be Careful with Data Types</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>