<HTML
><HEAD
><TITLE
>Foil Semantic Attacks</TITLE
><META
NAME="GENERATOR"
CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
REL="HOME"
TITLE="Secure Programming for Linux and Unix HOWTO"
HREF="index.html"><LINK
REL="UP"
TITLE="Structure Program Internals and Approach"
HREF="internals.html"><LINK
REL="PREVIOUS"
TITLE="Prevent Cross-Site (XSS) Malicious Content"
HREF="cross-site-malicious-content.html"><LINK
REL="NEXT"
TITLE="Be Careful with Data Types"
HREF="careful-typing.html"></HEAD
><BODY
CLASS="SECT1"
BGCOLOR="#FFFFFF"
TEXT="#000000"
LINK="#0000FF"
VLINK="#840084"
ALINK="#0000FF"
><DIV
CLASS="NAVHEADER"
><TABLE
SUMMARY="Header navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TH
COLSPAN="3"
ALIGN="center"
>Secure Programming for Linux and Unix HOWTO</TH
></TR
><TR
><TD
WIDTH="10%"
ALIGN="left"
VALIGN="bottom"
><A
HREF="cross-site-malicious-content.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="80%"
ALIGN="center"
VALIGN="bottom"
>Chapter 7. Structure Program Internals and Approach</TD
><TD
WIDTH="10%"
ALIGN="right"
VALIGN="bottom"
><A
HREF="careful-typing.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
></TABLE
><HR
ALIGN="LEFT"
WIDTH="100%"></DIV
><DIV
CLASS="SECT1"
><H1
CLASS="SECT1"
><A
NAME="SEMANTIC-ATTACKS"
></A
>7.16. Foil Semantic Attacks</H1
><P
>A ``semantic attack'' is an attack in which the attacker uses the
computing infrastructure/system in a way that fools the victim into
thinking they are doing something, but are doing something different,
yet the computing infrastructure/system is working exactly as it was
designed to do.
Semantic attacks often involve financial scams, where the attacker is
trying to fool the victim into giving the attacker large sums of money
(e.g., thinking they're investing in something).
For example, the attacker may try to convince the user that they're
looking at a trusted website, even if they aren't.</P
><P
>Semantic attacks are difficult to counter, because they're exploiting
the correct operation of the computer.
The way to deal with semantic attacks is to help give the human
additional information, so that when ``odd'' things happen the human
will have more information or a warning will be presented
that something may not be what it appears to be.</P
><P
>One example is URIs that, while legitimate, may fool users into
thinking they have a different meaning.
For example, look at this URI:
<TABLE
BORDER="0"
BGCOLOR="#E0E0E0"
WIDTH="100%"
><TR
><TD
><FONT
COLOR="#000000"
><PRE
CLASS="PROGRAMLISTING"
> http://www.bloomberg.com@www.badguy.com</PRE
></FONT
></TD
></TR
></TABLE
>
If a user clicked on that URI, they might think that they're going
to Bloomberg (who provide financial commodities news), but instead
they're going to www.badguy.com (and providing the username
www.bloomberg.com, which www.badguy.com will conveniently ignore).
If the badguy.com website then imitated the bloomberg.com site,
a user might be convinced that they're seeing the real thing
(and make investment decisions based on attacker-controlled
information).
This depends on URIs being used in an unusual way - clickable URIs
can have usernames, but usually don't.
One solution for this case is for the web browser to detect such unusual
URIs and create a pop-up confirmation widget, saying
``You are about to log into www.badguy.com as user www.bloomberg.com;
do you wish to proceed?''
If the widget allows the user to change these entries, it provides
additional functionality to the user as well as providing protection
against that attack.</P
><P
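>The browser-side check described above, as an added Python example
(not code from this HOWTO): it parses the URI with the standard
library, reports the host it really leads to, and, when the URI
carries a user name, produces the confirmation text before navigation
continues.  The names describe_uri and navigate, and the ask callback
that stands in for the pop-up widget, are this example's own.

```python
from urllib.parse import urlsplit


def describe_uri(uri):
    """Return where the URI really leads and, if it carries a user name
    (the unusual case discussed in the text), the warning a browser could
    show before proceeding.  Hypothetical helper, not browser code."""
    parts = urlsplit(uri)
    host = parts.hostname or ""
    info = {"host": host, "username": parts.username, "warning": None}
    if parts.username is not None:
        # Everything before '@' in the authority is userinfo, not the host.
        msg = (f"You are about to log into {host} as user {parts.username}; "
               f"do you wish to proceed?")
        if "." in parts.username:
            # A user name shaped like a host name is the give-away here.
            msg += " (Note: the user name looks like a host name.)"
        info["warning"] = msg
    return info


def navigate(uri, ask):
    """Gate a navigation: ordinary URIs proceed silently; a URI with
    userinfo first calls ask(warning), the stand-in for the pop-up widget,
    and proceeds only if it returns True.  Returns the host actually
    visited, or None if the user declined."""
    info = describe_uri(uri)
    if info["warning"] and not ask(info["warning"]):
        return None
    return info["host"]


if __name__ == "__main__":
    # Constructed inputs: the URI from the text and an ordinary one.
    for uri in ("http://www.bloomberg.com@www.badguy.com",
                "http://www.bloomberg.com/"):
        print(uri, "->", describe_uri(uri))
    # Simulate the user pressing "No" on the widget.
    print(navigate("http://www.bloomberg.com@www.badguy.com",
                   ask=lambda warning: False))
```

A real browser would run this before following any clicked link;
the check costs one parse and only interrupts the user when the
authority contains userinfo, which ordinary links do not.</P
><P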
>Another example is homographs, particularly international homographs.
Certain letters look similar to each other, and these can be exploited
as well.
For example, since 0 (zero) and O (the letter O) look similar to each
other, users may not realize that WWW.BLOOMBERG.COM and WWW.BL00MBERG.COM
are different web addresses.
Other similar-looking letters include 1 (one) and l (lower-case L).
If international characters are allowed, the situation is worse.
For example, many Cyrillic letters look essentially the same as
Roman letters, but the computer will treat them differently.
Currently most systems don't allow international characters in host names,
but for various good reasons it's widely agreed that support for them
will be necessary in the future.
One proposed solution has been to display letters from different code regions
using different colors - that way,
users get more information visually.
If users look at the URI, they will hopefully notice the strange coloring.
[Gabrilovich 2002]
However, this does show the essence of a semantic attack -
it's difficult to defend against, precisely because the computers are
working correctly.</P
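><P
>The homograph checks described above, as an added Python example (not
code from this HOWTO): it splits each host-name label into runs of a
single script, so that a display could colour the runs differently as
the cited proposal suggests, and warns about labels that mix scripts or
that combine letters with the look-alike digits 0 and 1.  Deriving the
script from the Unicode character name is an approximation assumed
here; the function names and the Cyrillic sample host are constructed.

```python
import unicodedata

# Digits that look like letters (the 0/O and 1/l pairs from the text).
LOOKALIKE_DIGITS = {"0", "1"}


def script_of(ch):
    """Approximate the script of a character from its Unicode name
    ("CYRILLIC SMALL LETTER O" becomes "Cyrillic").  ASCII letters are
    Latin; digits and punctuation are "Common".  Assumption: a browser
    would use the Unicode Script property rather than this heuristic."""
    if ch.isascii():
        return "Latin" if ch.isalpha() else "Common"
    try:
        return unicodedata.name(ch).split(" ")[0].capitalize()
    except ValueError:
        return "Unknown"


def script_runs(label):
    """Split a label into (script, text) runs.  A user interface could
    colour each run differently so that a Cyrillic letter hidden inside
    a Latin word stands out."""
    runs = []
    for ch in label:
        script = script_of(ch)
        if runs and runs[-1][0] == script:
            runs[-1] = (script, runs[-1][1] + ch)
        else:
            runs.append((script, ch))
    return runs


def analyze_host(host):
    """Return warnings for a host name: labels that mix more than one
    script, and labels that combine letters with the digits 0 or 1."""
    warnings = []
    for label in host.split("."):
        scripts = {s for s, _ in script_runs(label) if s != "Common"}
        if len(scripts) > 1:
            warnings.append(
                f"label {label!r} mixes scripts: {', '.join(sorted(scripts))}")
        has_letters = any(ch.isalpha() for ch in label)
        if has_letters and any(ch in LOOKALIKE_DIGITS for ch in label):
            warnings.append(
                f"label {label!r} mixes letters with the look-alike digits 0/1")
    return warnings


if __name__ == "__main__":
    # Constructed samples: the 0/O case from the text and a host with a
    # Cyrillic small o (U+043E) standing in for the Latin o.
    for host in ("www.bloomberg.com", "www.bl00mberg.com",
                 "www.bl\u043eomberg.com"):
        print(host, script_runs(host.split(".")[1]), analyze_host(host))
```

The mixed-script rule is applied per label rather than per host name,
because a host may legitimately combine an internationalised label with
ASCII ones such as "www" and "com"; what should look odd is a single
word drawing letters from two alphabets.</P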
></DIV
><DIV
CLASS="NAVFOOTER"
><HR
ALIGN="LEFT"
WIDTH="100%"><TABLE
SUMMARY="Footer navigation table"
WIDTH="100%"
BORDER="0"
CELLPADDING="0"
CELLSPACING="0"
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
><A
HREF="cross-site-malicious-content.html"
ACCESSKEY="P"
>Prev</A
></TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="index.html"
ACCESSKEY="H"
>Home</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
><A
HREF="careful-typing.html"
ACCESSKEY="N"
>Next</A
></TD
></TR
><TR
><TD
WIDTH="33%"
ALIGN="left"
VALIGN="top"
>Prevent Cross-Site (XSS) Malicious Content</TD
><TD
WIDTH="34%"
ALIGN="center"
VALIGN="top"
><A
HREF="internals.html"
ACCESSKEY="U"
>Up</A
></TD
><TD
WIDTH="33%"
ALIGN="right"
VALIGN="top"
>Be Careful with Data Types</TD
></TR
></TABLE
></DIV
></BODY
></HTML
>