Learn Software

Syllabus Point

Design, develop and implement secure code to protect user file and hardware vulnerabilities from file attacks and side channel attacks

File system attacks can occur through malicious uploads, path traversal, and injection attacks. Side channel attacks exploit information from physical implementation rather than algorithm weaknesses. Secure development strategies must address both file security and hardware vulnerabilities.

File System Security

These attacks involve unauthorised access, modification or deletion of user files. Attack vectors can include injection (e.g., SQL injection), directory traversal, and privilege escalation.

Malicious file uploads

Attacks can upload scripts or executables to a web server, which may be run if the application doesn't validate the file.

Path traversal (directory traversal)

When an attacker manipulates the file path to access files outside of the intended directory.

For example, inputting: "../../../etc/passwd" as the filename to access the system files.

Other vulnerabilities

Improper File Permissions
File name injection

Side Channel Attacks

These exploit information gained from the physical implementation of a system instead of weaknesses in the algorithms. Examples include timing attacks, power analysis and EM leakage.

Types of side channel attacks

Fault injection

Deliberately inducing faults or errors in a device's operation to disrupt its behaviour.

For example, rapidly cutting off power supply to cause malfunctions.

Buffer overflow

A program writes more data to a memory space than it can hold, so data is spilled into adjacent memory.

Direct memory access (DMA)

Attackers can read or write to memory without going through normal access controls.

Hardware attacks

Types of hardware attacks include:

Firmware attacks
- Vulnerabilities are exploited by attackers to gain control over the system
Cold boot attacks
- An attacker with physical access to a machine can restart it and retrieve sensitive information from memory
USB-based attacks
- Can be used to deliver malware or take control of a system

Development Strategies

Using secure and well-tested coding libraries and APIs for secure functions
Limit access to files and hardware with secure access controls and role-based access
Use programming languages/practices that prevent buffer overflows
Implement mechanisms that validate outputs and inputs to prevent unexpected states

Related Resources

Keep Progressing

Use the lesson navigation below to move through the module sequence.

Previous: Design, Develop and Implement Secure Code to Minimise Vulnerabilities in User Action ControlsLast content page in topic

Syllabus Point

Design, develop and implement secure code to protect user file and hardware vulnerabilities from file attacks and side channel attacks

File System Security

These attacks involve unauthorised access, modification or deletion of user files. Attack vectors can include injection (e.g., SQL injection), directory traversal, and privilege escalation.

Malicious file uploads

Attacks can upload scripts or executables to a web server, which may be run if the application doesn't validate the file.

Path traversal (directory traversal)

When an attacker manipulates the file path to access files outside of the intended directory.

For example, inputting: "../../../etc/passwd" as the filename to access the system files.

Other vulnerabilities

Improper File Permissions
File name injection

Side Channel Attacks

These exploit information gained from the physical implementation of a system instead of weaknesses in the algorithms. Examples include timing attacks, power analysis and EM leakage.

Types of side channel attacks

Fault injection

Deliberately inducing faults or errors in a device's operation to disrupt its behaviour.

For example, rapidly cutting off power supply to cause malfunctions.

Buffer overflow

A program writes more data to a memory space than it can hold, so data is spilled into adjacent memory.

Direct memory access (DMA)

Attackers can read or write to memory without going through normal access controls.

Hardware attacks

Types of hardware attacks include:

Firmware attacks
- Vulnerabilities are exploited by attackers to gain control over the system
Cold boot attacks
- An attacker with physical access to a machine can restart it and retrieve sensitive information from memory
USB-based attacks
- Can be used to deliver malware or take control of a system

Development Strategies

Using secure and well-tested coding libraries and APIs for secure functions
Limit access to files and hardware with secure access controls and role-based access
Use programming languages/practices that prevent buffer overflows
Implement mechanisms that validate outputs and inputs to prevent unexpected states

Related Resources

Keep Progressing

Use the lesson navigation below to move through the module sequence.

Previous: Design, Develop and Implement Secure Code to Minimise Vulnerabilities in User Action ControlsLast content page in topic

Design, Develop and Implement Secure Code to Protect User File and Hardware Vulnerabilities

Syllabus Point

File System Security

Malicious file uploads

Path traversal (directory traversal)

Other vulnerabilities

Side Channel Attacks

Types of side channel attacks

Fault injection

Buffer overflow

Direct memory access (DMA)

Hardware attacks

Development Strategies

Related Resources

Keep Progressing

Design, Develop and Implement Secure Code to Protect User File and Hardware Vulnerabilities

Syllabus Point

File System Security

Malicious file uploads

Path traversal (directory traversal)

Other vulnerabilities

Side Channel Attacks

Types of side channel attacks

Fault injection

Buffer overflow

Direct memory access (DMA)

Hardware attacks

Development Strategies

Related Resources

Keep Progressing