CS 450/650 Fundamentals of Integrated Computer Security

Fall 2014

Homework 3 : Authentication

Due on Tuesday, Oct 14 at 1:00 pm

The following problems are from the text book (Stallings and Brown, 3rd edition):

Chapter 5

6 - Figure 5.16 shows a fragment of code that implements the login functionality for a database application. The code dynamically builds an SQL query and submits it to a database.
a. Suppose a user submits login, password, and pin as doe, secret, and 123. Show the SQL query that is generated.
b. Instead, the user submits for the login field the following: ’ or 1 = 1 - - What is the effect?

9 -Figure 5.17 shows a sequence of grant operations for a specific access right on a table. Assume that at t = 70, B revokes the access right from C. Using the conventions defined in Section 5.2, show the resulting diagram of access right dependencies.

Chapter 6

3 -The following code fragments show a sequence of virus instructions and a metamorphic version of the virus. Describe the effect produced by the metamorphic code.

5 -Consider the following fragment:

 legitimate code
 if data is Friday the 13th;
 legitimate code
What type of malware is this?

6 -Consider the following fragment in an authentication program:

 username = read_username();
 password = read_password();
 if username is “133t h4ck0r”
    return ALLOW_LOGIN;
 if username and password are valid
    return ALLOW_LOGIN
 else return DENY_LOGIN
What type of malicious software is this?

Chapter 7

4 -In order to implement a DNS amplification attack, the attacker must trigger the creation of a sufficiently large volume of DNS response packets from the intermediary to exceed the capacity of the link to the target organization. Consider an attack where the DNS response packets are 500 bytes in size (ignoring framing overhead). How many of these packets per second must the attacker trigger to flood a target organization using a 0.5-Mbps link? A 2-Mbps link? Or a10-Mbps link? If the DNS request packet to the intermediary is 60 bytes in size, how much bandwidth does the attacker consume to send the necessary rate of DNS request packets for each of these three cases?

What to turn in: A softcopy of your solutions (could be a scanned version of the hard copy) to be uploaded as a single file to WebCampus.