  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
1

Padělání a pozměňování peněz / Counterfeiting and altering of money

Barák, Michal January 2012
This thesis deals with the issue of counterfeiting, from both a criminal and a criminological perspective. Its opening is devoted to money, especially to its historical development. The following chapter, number three, moves on to the description of the most widely used security features of money, especially of banknotes. Although these security features are not the subject of my thesis, this part can look quite dominant. However, I am convinced that the technical protection of money plays the pivotal role in the whole issue, so I gave them enough space at the beginning of the work. The following section deals with the valid legislation and focuses primarily on the enumeration and analysis of the actus reus under the Criminal Code. In my opinion, the focus only on criminal legislation is inadequate, and therefore I consider it necessary to mention also other legislation which is significantly related, i.e. Act No. 136/2011 Coll., on the circulation of banknotes and coins and amending Act No. 6/1993 Coll. on the Czech National Bank, as amended, which contains mainly the Czech National Bank's role in the issues mentioned above and the responsibilities of a defined group of persons handling money suspected of counterfeiting. The procedure of the Police of the Czech Republic...
2

Skadlig kod och sårbarheter i Windows : En studie i virusens historia och nutidens olika säkerhetsrisker / Malicious code and vulnerabilities in Windows: A study of the history of viruses and today's various security risks

Lejdemalm, Roger, Andreasson, Daniel January 2008
In media today, you often read about different security threats and risks that one has to be aware of. Many things must be taken into consideration in order to maintain your integrity and information secrecy. It might be a new virus outbreak, a new trojan or some kind of spyware that finds its way to your computer undetected. It's hard to keep track of all terms and types of malicious code, and with greater understanding, the risk of infection decreases. The development when it comes to malicious code is as strong as the one in commercial software development. From the 80s until the present day, every area in the development of malicious code has evolved, from strategy and purpose to the pure complexity of the code. Microsoft, the world's leading supplier of operating systems and web browsers, assures us with every new release that measures have been taken in order to enhance the security features. As the new operating system Windows Vista was released, spokesmen said that security was now the highest priority. We have, together with WM-data in Stockholm, developed software for remote administration of Windows. The objective was, using only our limited programming skills, to come up with a program for Windows XP and Windows Vista, where a number of functions could be remotely executed without alerting a user at the infected computer. This report describes the development of the software together with test results of execution on both operating systems. Further on, the report discusses different types of malicious code, such as viruses, worms, Trojans and rootkits, together with a historical study of the development of malicious code.
3

Practical Mitigations Against Memory Corruption and Transient Execution Attacks

Ismail, Mohannad Adel Abdelmoniem Ahmed 31 May 2024
Memory corruption attacks have existed in C and C++ for more than 30 years, and over the years many defenses have been proposed. In addition to that, a new class of attacks, Spectre, has emerged that abuses speculative execution to leak secrets and sensitive data through micro-architectural side channels. Many defenses have been proposed to mitigate Spectre as well. However, with every new defense a new attack emerges, and then a new defense is proposed. This is an ongoing cycle between attackers and defenders. There exist many defenses for many different attack avenues. However, many suffer from either practicality or effectiveness issues, and security researchers need to balance out their compromises. Recently, many hardware vendors, such as Intel and ARM, have realized the extent of the issue of memory corruption attacks and have developed hardware security mechanisms that can be utilized to defend against these attacks. ARM, in particular, has released a mechanism called Pointer Authentication in which its main intended use is to protect the integrity of pointers by generating a Pointer Authentication Code (PAC) using a cryptographic hash function, as a Message Authentication Code (MAC), and placing it on the top unused bits of a 64-bit pointer. Placing the PAC on the top unused bits of the pointer changes its semantics and the pointer cannot be used unless it is properly authenticated. Hardware security features such as PAC are merely mechanisms, not full-fledged defenses, and their effectiveness and practicality depend on how they are being utilized. Naive use of these defenses doesn't alleviate the issues that exist in many state-of-the-art software defenses. The design of the defense that utilizes these hardware security features needs to have practicality and effectiveness in mind. Having both practicality and effectiveness is now a possible reality with these new hardware security features.
This dissertation describes utilizing hardware security features, namely ARM PAC, to build effective and practical defense mechanisms. This dissertation first describes my past work called PACTight, a PAC-based defense mechanism that defends against control-flow hijacking attacks. PACTight defines three security properties of a pointer such that, if achieved, prevent pointers from being tampered with. They are: 1) unforgeability: A pointer p should always point to its legitimate object; 2) non-copyability: A pointer p can only be used when it is at its specific legitimate location; 3) non-dangling: A pointer p cannot be used after it has been freed. PACTight tightly seals pointers and guarantees that a sealed pointer cannot be forged, copied, or dangling. PACTight protects all sensitive pointers, which are code pointers and pointers that point to code pointers. This completely prevents control-flow hijacking attacks, all while having low performance overhead. In addition to that, this dissertation proposes Scope-Type Integrity (STI), a new defense policy that enforces pointers to conform to the programmer's intended manner, by utilizing scope, type, and permission information. STI collects information offline about the type, scope, and permission (read/write) of every pointer in the program. This information can then be used at runtime to ensure that pointers comply with their intended purpose. This allows STI to defeat advanced pointer attacks since these attacks typically violate either the scope, type, or permission. We present Runtime Scope-Type Integrity (RSTI). RSTI leverages ARM Pointer Authentication (PA) to generate Pointer Authentication Codes (PACs), based on the information from STI, and place these PACs at the top bits of the pointer. At runtime, the PACs are then checked to ensure pointer usage complies with STI.
RSTI overcomes two drawbacks that were present in PACTight: 1) PACTight relied on a large external metadata for protection, whereas RSTI uses very little metadata. 2) PACTight only protected a subset of pointers, whereas RSTI protects all pointers in a program. RSTI has large coverage with relatively low overhead. Also, this dissertation proposes sPACtre, a new and novel defense mechanism that aims to prevent Spectre control-flow attacks on existing hardware. sPACtre is an ARM-based defense mechanism that prevents Spectre control-flow attacks by relying on ARM's Pointer Authentication hardware security feature, annotations added to the program on the secrets that need to be protected from leakage and a dynamic tag-based bounds checking mechanism for arrays. We show that sPACtre can defend against these attacks. We evaluate sPACtre on a variety of cryptographic libraries with several cryptographic algorithms, as well as a synthetic benchmark, and show that it is efficient and has low performance overhead. Finally, this dissertation explains a new direction for utilizing hardware security features to protect energy harvesting devices from checkpoint-recovery errors and malicious attackers. / Doctor of Philosophy / In recent years, cyber-threats against computer systems have become more and more prevalent. In spite of many recent advancements in defenses, these attacks are becoming more threatening. However, many of these defenses are not implemented in the real-world. This is due to their high performance overhead. This limited efficiency is not acceptable in the real-world. In addition to that, many of these defenses have limited coverage and do not cover a wide variety of attacks. This makes the performance tradeoff even less convincing. Thus, there is a need for effective and practical defenses that can cover a wide variety of attacks. This dissertation first provides a comprehensive overview of the current state-of-the-art and most dangerous attacks.
More specifically, three types of attacks are examined. First, control-flow hijacking attacks, which are attacks that divert the proper execution of a program to a malicious execution. Second, data oriented attacks. These are attacks that leak sensitive data in a program. Third, Spectre attacks, which are attacks that rely on supposedly hidden processor features to leak sensitive data. These "hidden" features are not entirely hidden. This dissertation explains these attacks in detail and the corresponding state-of-the-art defenses that have been proposed by the security research community to mitigate them. This dissertation then discusses effective and practical defense mechanisms that can mitigate these attacks. The dissertation discusses past work, PACTight, as well as its contributions, RSTI and sPACtre, presenting the full design, threat model, implementation, security evaluation and performance evaluation of each one of these mechanisms. The dissertation relies on insights derived from the nature of the attack and compiler techniques. A compiler is a tool that transforms human-written code into machine code that is understandable by the computer. The compiler can be modified and used to make programs more secure with compiler techniques. The past work, PACTight, is a defense mechanism that defends against the first type of attacks, control-flow hijacking attacks, by preventing an attacker from abusing specific code in the program to divert the program to a malicious execution. Then, this dissertation presents RSTI, a new defense mechanism that overcomes the limitations of PACTight and extends it to cover data oriented attacks and prevent attackers from leaking sensitive data from the program. In addition to that, this dissertation presents sPACtre, a novel defense mechanism that defends against Spectre attacks, and prevents an attacker from abusing a processor's hidden features.
Finally, this dissertation briefly discusses a possible future direction to protect a different class of devices, referred to as energy-harvesting devices, from attackers.
4

Skadlig kod och sårbarheter i Windows : En studie i virusens historia och nutidens olika säkerhetsrisker / Malicious code and vulnerabilities in Windows: A study of the history of viruses and today's various security risks

Lejdemalm, Roger, Andreasson, Daniel January 2008
In media today, you often read about different security threats and risks that one has to be aware of. Many things must be taken into consideration in order to maintain your integrity and information secrecy. It might be a new virus outbreak, a new trojan or some kind of spyware that finds its way to your computer undetected. It's hard to keep track of all terms and types of malicious code, and with greater understanding, the risk of infection decreases. The development when it comes to malicious code is as strong as the one in commercial software development. From the 80s until the present day, every area in the development of malicious code has evolved, from strategy and purpose to the pure complexity of the code. Microsoft, the world's leading supplier of operating systems and web browsers, assures us with every new release that measures have been taken in order to enhance the security features. As the new operating system Windows Vista was released, spokesmen said that security was now the highest priority. We have, together with WM-data in Stockholm, developed software for remote administration of Windows. The objective was, using only our limited programming skills, to come up with a program for Windows XP and Windows Vista, where a number of functions could be remotely executed without alerting a user at the infected computer. This report describes the development of the software together with test results of execution on both operating systems. Further on, the report discusses different types of malicious code, such as viruses, worms, Trojans and rootkits, together with a historical study of the development of malicious code.
5

Vyprošťování osob z havarovaných vozidel s ohledem na jejich konstrukci / Extrication of Persons Trapped in Crashed Vehicles with Respect to their Construction

Pirner, Adam January 2012
This thesis deals with the topic of extrication of people trapped in crashed vehicles regarding the construction of the vehicle. Part of the resources needed for this thesis was taken from a literary survey drawn up with the help of the Research and scientific library in Hradec Králové according to the given topic and key phrases. The first part of the thesis deals with specific parts of the constructions of cars. This part is followed by description of road accidents, various kinds of accidents and possible deformations of cars after accidents. The thesis deals with extrication itself made by fire brigades, suitable procedures, kinds of interventions and means of used technical equipment. Another part suggests ways of saving trails and evidence during road accident interventions. Final part of the thesis is focused on overall analysis of the given problem based on personal experience, suggestions, negative aspects of the current situation and differences in training of possible situations with reality at the site of the accident.
6

Journalsystemet TakeCare : En studie av funktioner utifrån ett informationssäkerhets- och användarperspektiv / The health record system TakeCare : A study of functions based on a user and information security perspective

Aspnor, Ida, Sandell, Elin January 2012
Since the introduction of computerized health record systems and unified record-keeping, the health care management of patient information has been criticized. There are divided opinions about whether it is the users or the systems that are imperfect. The survey aims to inspect selected features of the health record system TakeCare developed to maintain patient and information security. By comparing the functions to information security requirements established by Socialstyrelsen, the paper aims to find where the noted problems can arise. By asking users about their view, we intend to find an understanding for whether the problems occur in the technical functions or in the use of the system. The methods used are e-mail interviews and a study visit to Stockholm County Council's department for IT in the form of an interview and presentation of TakeCare. We have observed that there are functions that take information security requirements into account and that the users believe they can manage the system, but nevertheless health care's way of handling information is criticized. Based on our study, we believe that the problem occurs when an unauthorized person makes the decision to take part of information, which is not a result of the system's shortcomings. We believe that health care professionals are responsible for the patient's safety, whether it's usage of the system or care of the patient.
