Scribd
Upload
12 views15 pages

Security

Chapter 15 covers the security challenges faced by operating systems, including various threats such as program, system, and network attacks. It discusses the importance of cryptography, user authentication, and implementing security measures at multiple levels to protect against breaches of confidentiality, integrity, and availability. The chapter also highlights specific threats like viruses, worms, and denial-of-service attacks, along with countermeasures to mitigate these risks.

Uploaded by

vishnu060405
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
12 views15 pages

Security

Chapter 15 covers the security challenges faced by operating systems, including various threats such as program, system, and network attacks. It discusses the importance of cryptography, user authentication, and implementing security measures at multiple levels to protect against breaches of confidentiality, integrity, and availability. The chapter also highlights specific threats like viruses, worms, and denial-of-service attacks, along with countermeasures to mitigate these risks.

Uploaded by

vishnu060405
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
You are on page 1/ 15

Chapter 15: Security

Operating System Concepts – 8th Edition Silberschatz, Galvin and Gagne ©2009
Chapter 15: Security

 The Security Problem


 Program Threats
 System and Network Threats
 Cryptography as a Security Tool
 User Authentication
 Implementing Security Defenses
 Firewalling to Protect Systems and Networks
 Computer-Security Classifications
 An Example: Windows XP

Operating System Concepts – 8th Edition 15.2 Silberschatz, Galvin and Gagne ©2009
Objectives

 To discuss security threats and attacks


 To explain the fundamentals of encryption,
authentication, and hashing
 To examine the uses of cryptography in
computing
 To describe the various countermeasures to
security attacks

Operating System Concepts – 8th Edition 15.3 Silberschatz, Galvin and Gagne ©2009
The Security Problem

 Security must consider external environment of


the system, and protect the system resources
 Intruders (crackers) attempt to breach security
 Threat is potential security violation
 Attack is attempt to breach security
 Attack can be accidental or malicious
 Easier to protect against accidental than
malicious misuse

Operating System Concepts – 8th Edition 15.4 Silberschatz, Galvin and Gagne ©2009
Security Violations
 Categories
 Breach of confidentiality
 Breach of integrity
 Breach of availability
 Theft of service
 Denial of service
 Methods
 Masquerading (breach authentication)
 Replay attack
 Message modification
 Man-in-the-middle attack
 Session hijacking

Operating System Concepts – 8th Edition 15.5 Silberschatz, Galvin and Gagne ©2009
Standard Security Attacks

Operating System Concepts – 8th Edition 15.6 Silberschatz, Galvin and Gagne ©2009
Security Measure Levels

 Security must occur at four levels to be effective:


 Physical

 Human

 Avoidsocial engineering, phishing,


dumpster diving
 Operating System
 Network

 Security is as weak as the weakest link in the


chain

Operating System Concepts – 8th Edition 15.7 Silberschatz, Galvin and Gagne ©2009
Program Threats
 Trojan Horse
 Code segment that misuses its environment
 Exploits mechanisms for allowing programs written by users to
be executed by other users
 Spyware, pop-up browser windows, covert channels
 Trap Door
 Specific user identifier or password that circumvents normal
security procedures
 Could be included in a compiler
 Logic Bomb
 Program that initiates a security incident under certain
circumstances
 Stack and Buffer Overflow
 Exploits a bug in a program (overflow either the stack or memory
buffers)

Operating System Concepts – 8th Edition 15.8 Silberschatz, Galvin and Gagne ©2009
C Program with Buffer-overflow Condition

#include <stdio.h>
#define BUFFER SIZE 256
int main(int argc, char *argv[])
{
char buffer[BUFFER SIZE];
if (argc < 2)
return -1;
else {
strcpy(buffer,argv[1]);
return 0;
}
}

Operating System Concepts – 8th Edition 15.9 Silberschatz, Galvin and Gagne ©2009
Layout of Typical Stack Frame

Operating System Concepts – 8th Edition 15.10 Silberschatz, Galvin and Gagne ©2009
Program Threats (Cont.)
 Viruses
 Code fragment embedded in legitimate program
 Very specific to CPU architecture, operating system,
applications
 Usually borne via email or as a macro
 Visual Basic Macro to reformat hard drive
Sub AutoOpen()
Dim oFS
Set oFS =
CreateObject(’’Scripting.FileSystemObject’’)
vs = Shell(’’c:command.com /k format c:’’,vbHide)
End Sub

Operating System Concepts – 8th Edition 15.11 Silberschatz, Galvin and Gagne ©2009
Program Threats (Cont.)
 Virus dropper inserts virus onto the system
 Many categories of viruses, literally many thousands of viruses
 File
 Boot
 Macro
 Source code
 Polymorphic
 Encrypted
 Stealth
 Tunneling
 Multipartite
 Armored

Operating System Concepts – 8th Edition 15.12 Silberschatz, Galvin and Gagne ©2009
A Boot-sector Computer Virus

Operating System Concepts – 8th Edition 15.13 Silberschatz, Galvin and Gagne ©2009
System and Network Threats
 Worms – use spawn mechanism; standalone program
 Internet worm
 Exploited UNIX networking features (remote access) and bugs in
finger and sendmail programs
 Grappling hook program uploaded main worm program
 Port scanning
 Automated attempt to connect to a range of ports on one or a range of
IP addresses
 Denial of Service
 Overload the targeted computer preventing it from doing any useful
work
 Distributed denial-of-service (DDOS) come from multiple sites at once

Operating System Concepts – 8th Edition 15.14 Silberschatz, Galvin and Gagne ©2009
The Morris Internet Worm

Operating System Concepts – 8th Edition 15.15 Silberschatz, Galvin and Gagne ©2009

You might also like