Chapter 3 - Programs and programming Flashcards
Error
a human makes a mistake in performing some software activity
Fault
an incorrect step, command, process, or data definition in a computer program, design, or documentation.
Failure
a departure from the system’s required behavior
Program counter
Computers use a pointer or register that indicates the next instruction.
Heap
storage for dynamically created data
Stack
Storage for subtask call and return data
Program fault
Trying to execute something that does not correspond to a valid instruction or trying to execute a privileged instruction when not in the proper mode
Privilege escalation
By replacing a few instructions right after returning from his or her own procedure, the attacker regains control from the operating system, possibly with raised privileges.
Buffer (or array or string)
a space in which data can be held.
local data
data used strictly within one procedure
shared or common or global data
shared between two or more procedures
Stack frame
The data group of parameters, return address, and stack pointer
stack smashing
Arbitrary data in the wrong place causes strange behavior, but particular data in a predictable location causes a planned impact.
data driven attack
the harm occurs by the data the attacker sends.
static code analyzer
analyzes source code to detect unsafe conditions
canary
a protective layer wrapped around each stack frame to protect the stack.
mediation
Verifying that the subject is authorized to perform the operation on an object
time-of-check to time-of-use (TOCTTOU)
concerns mediation that is performed with a “bait and switch” in the middle. It exploits the delay between the two actions: check and use. That is, between the time the access was checked and the time the result of the check was used, a change occurred, invalidating the result of the check.
backdoor or trapdoor
An undocumented access point
integer overflow
occurs because a storage location is of fixed, finite size and therefore can contain only integers up to a certain limit.
null terminated
meaning that the end of the string is denoted by a null byte
race condition or serialization flaw
two processes execute concurrently, and the outcome of the computation depends on the order in which instructions of the processes execute.
Malicious code or rogue programs or malware
the general name for programs or program parts planted by an agent with malicious intent to cause unanticipated or undesired effects.
virus
a program that can replicate itself and pass on malicious code to other non-malicious programs by modifying them.
transient virus
has a life span that depends on the life of its host; the virus runs when the program to which it is attached executes, and it terminates when the attached program ends.
resident virus
locates itself in memory; it can then remain active or be activated as a stand-alone program, even after its attached program ends.
worm
a program that spreads copies of itself through a network.
bot (short for robot)
a kind of worm used in vast numbers by search engine hosts like Bing and Google.
Trojan horse
malicious code that, in addition to its primary effect, has a second, nonobvious, malicious effect. It slips inside a program undetected and produces unwelcome effects later on.
zero-day attack
use of malware that exploits a previously unknown vulnerability or a known vulnerability for which no countermeasure has yet been distributed.
zero-day exploit
An attack before availability of the control
virus hoaxes
messages falsely warning of a piece of malicious code, apparently to cause receivers to panic and forward the message to contacts, thus spreading the panic.
multipartite form
they install themselves in several pieces in distinct locations, sometimes to carry out different objectives.
interpretive data
Although such a file is not executable as a program itself, it can cause activity in the program that handles it.
stealth
avoiding detection during installation, while executing, or even at rest in storage.
Steganography
permits data to be hidden in large, complex, redundant data sets.
polymorphic virus
A virus that can change its appearance
encrypting viruses
A simple variety of polymorphic virus uses encryption under various keys to make the stored form of the virus different.
modular
to create a design or code in small, self-contained units, called components or modules.
encapsulation
If a component is isolated from the effects of other components, then the system is designed in a way that limits the damage any fault causes. Developers can readily see where vulnerabilities may lie if the component is isolated.
Information hiding
each component hides its precise implementation or some other design decision from the others.
Modularization
the process of dividing a task into subtasks
cohesion
all the elements of a component have a logical and functional reason for being there; every aspect of the component is tied to the component’s single purpose.
Coupling
the degree to which a component depends on other components in the system.
mutual suspicion
operate as if other routines in the system were malicious or incorrect.
confined program
strictly limited in what system resources it can access
SSL (secure socket layer)
a cryptographic technique by which browser web communications are secured, for example, to protect the privacy of a banking transaction.
Address-space-layout randomization
a technique by which a module is loaded into different locations at different times (using a relocation device similar to base and bounds registers)
module testing, component testing, or unit testing
verifies that the component functions properly with the types of input expected from a study of the component’s design.
Integration testing
the process of verifying that the system components work together as described in the system and program design specifications.
function test
evaluates the system to determine whether the functions described by the requirements specification are actually performed by the integrated system.
performance test
compares the system with the remainder of these software and hardware requirements.
acceptance test
the system is checked against the customer’s requirements description.
installation test
run to make sure that the system still functions as it should
regression testing
After a change is made to enhance the system or fix a problem, ensures that all remaining functions are still working and that performance has not been degraded by the change.
Black-box testing
testers cannot “see inside” the system, so they apply particular inputs and verify that they get the expected output.
Clear-box testing
allows visibility. Here, testers can examine the design and code directly, generating test cases based on the code’s actual construction.
program verification
involves making initial assertions about the program’s inputs and then checking to see if the desired output is generated.
Validation
assuring that the system developers have implemented all requirements.
design by contract™ (a trademark of Eiffel Software) or programming by contract
a formal program development approach, but more widely, these terms refer to documenting for each program module its preconditions, postconditions, and invariants.
assertions
explicit statements about modules.
penetrate-and-patch
analysts searched for and repaired flaws.
security by or through obscurity
ineffective countermeasure of assuming the attacker will not find a vulnerability. The belief that a system can be secure as long as nobody outside its implementation group is told anything about its internal mechanisms.
work factor
the amount of effort necessary for an adversary to defeat a security control.
halting problem
asks whether a computer program stops execution or runs forever.