Chapter 2-Computer System Threat
Security features in Operating System
• An operating system manages and controls access to hardware components
• Older operating systems focused on ensuring data confidentiality
• Modern operating systems support four basic functions
– Positively identify a user
– Restrict access to authorized resources
– Record user activity
– Ensure proper communications with other computers and devices (sending and receiving data)
Operating system Security attack types
Malware Attack:
- A generic term for software that has a malicious purpose
- Software that is intentionally included or inserted in a system for a harmful purpose.
• Different forms of malicious software (malware)
• Intended to
– Cause distress to a user
– Damage files or systems
– Disrupt normal computer and network functions
• Examples
• Viruses, worms
• Logic bombs
• Trojan horses
• Spyware
• New ones: Spam/scam, Slammer, Nimda, e-payment frauds, etc.
Name                 Description
Virus                Attaches itself to a program and propagates copies of itself to other programs
Worm                 Program that propagates copies of itself to other computers
Backdoor (trapdoor)  A secret entry point into a program that allows someone who is aware of the backdoor to gain access without going through the usual security access procedures.
Worms
• A worm is a program that can replicate itself and send copies from computer to computer across network connections.
More on Virus
During its lifetime, a typical virus goes through the following four phases:
• Dormant phase: The virus is idle.
– The virus will eventually be activated by some event, such as a date, the presence of another program or file, or the capacity of the disk exceeding some limit.
• Propagation phase: The virus places an identical copy of itself into other programs or into certain system areas on the disk.
– Each infected program will now contain a clone of the virus, which will itself enter a propagation phase.
• Triggering phase: The virus is activated to perform the function for which it was intended.
– As with the dormant phase, the triggering phase can be caused by a variety of system events.
Malware Attack…
• Logic bomb
The logic bomb is code embedded in some legitimate program that is set to "explode" when certain conditions are met.
Examples of conditions that can be used as triggers for a logic bomb are:
• the presence or absence of certain files,
• a particular day of the week or date, or
• a particular user running the application.
Malware attacks…
• Infection mechanisms
– First, the virus should search for and detect objects to infect
– Installation into the infectable object:
• Writing on the boot sector
• Add some code to executable programs
• Add some code to initialization/auto-executable programs
• Trigger mechanism
– Date
– Number of infections
– First use

• Install updates
• Use malicious software scanners
• Back up systems and create repair disks
• Create and implement organizational policies
Using Malicious Software Scanners
Suggestions to fight spam
• Never reply to junk emails
• Do not open any files or executable attachments
• Immediately DELETE the malicious email
• Don't post your actual email address on websites.
• Norton, McAfee, and many more include spam as one of the threats that they protect against.
• Can use spam filtering applications
OS Security: Files
• Common threats to the file system:
– File permissions
– File sharing
Access Permissions
• This listing indicates that the file is readable, writable, and executable by the user who owns the file (user Abe)
OS Security: Memory
OS Authentication Methods
• Authentication:
– Verifies user identity; something a person is, has, or does.
– Permits access to the operating system
– Use of biometrics, passwords, passphrases, tokens, or other private information.
– Strong authentication is important
• Physical authentication:
– Allows physical entrance to company property
– Magnetic cards and biometric measures
• Digital authentication:
– Verifies user identity by digital means
OS Authentication Methods…
• Passwords
– User name + password is the most common identification and authentication scheme.
– Weak security mechanism; must implement strong password protections
• Passphrase
– Is a sequence of characters that is longer than a password.
– Takes the place of a password.
– Can be more secure than a password because it is more complex.
Digital certificates:
- Digital passport that identifies and verifies the holder of the certificate
Kerberos:
- Developed by MIT
Class of Attacks
Reconnaissance is the information-gathering stage of ethical hacking, where you collect data about the target system. This data can include anything from network infrastructure to employee contact details. The goal of reconnaissance is to identify as many potential attack vectors as possible.
Program Flaws
Buffer Overflows
Buffer overflow flaw — often inadvertent (=> non-malicious) but with serious security consequences
Many languages require buffer size declaration
For example:
C language statement: char sample[10];
Execute statement: sample[i] = 'A'; where i = 10
Out of bounds (0-9) subscript – buffer overflow occurs
Some compilers don't check for exceeding bounds
C does not perform array bounds checking.
Similar problem caused by pointers
No reasonable way to define limits for pointers
Where does 'A' go?
Depends on what is adjacent to sample[10]
Affects user's data - overwrites user's data
Affects user's code - changes user's instructions
Affects OS data - overwrites OS data
Affects OS code - changes OS instructions
This is a case of aliasing
Program Flaws ...
Buffer Overflows...
Implications of buffer overflow:
Attacker can insert malicious data values/instruction codes into "overflow space"
Suppose buffer overflow affects OS code area
Attacker code executed as if it were OS code
Attacker might need to experiment to see what happens when he inserts A into OS code area
Can raise attacker's privileges (to OS privilege level)
When A is an appropriate instruction
Attacker can gain full control of OS
Web server attack similar to buffer overflow attack: pass very long string to web server
Buffer overflows still common
Used by attackers
to crash systems
to exploit systems by taking over control
Large number of vulnerabilities due to buffer overflows
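An added example (not from the lecture slides) showing the slide's `char sample[10]` case and the "very long string" case side by side: the unchecked write is kept only for contrast, a bounds-checked write rejects subscript 10, and a bounded copy truncates over-long input instead of spilling past the buffer. The function names and the 25-byte input are constructed for this illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

#define SAMPLE_LEN 10   /* mirrors the slide: char sample[10]; valid subscripts are 0-9 */

/* The unchecked pattern from the slide. C performs no bounds check, so with
 * i == 10 the byte lands in whatever is adjacent to sample[] (other data, code
 * pointers, ...). Kept only for contrast; nothing here calls it with i >= 10. */
void unchecked_store(char sample[SAMPLE_LEN], size_t i, char c)
{
    sample[i] = c;
}

/* Hardened form: validate the subscript against the declared size before the
 * write. Returns true if the byte was stored, false if i was out of bounds. */
bool checked_store(char sample[SAMPLE_LEN], size_t i, char c)
{
    if (i >= SAMPLE_LEN)
        return false;
    sample[i] = c;
    return true;
}

/* Bounded copy for over-long input (the "very long string to a web server"
 * case): copies at most dst_len - 1 bytes and always NUL-terminates dst.
 * Returns how many input bytes did not fit, so the caller can log or reject. */
size_t bounded_copy(char *dst, size_t dst_len, const char *src)
{
    size_t src_len = strlen(src);
    if (dst_len == 0)
        return src_len;                 /* nothing can be stored */
    size_t n = src_len < dst_len - 1 ? src_len : dst_len - 1;
    memcpy(dst, src, n);
    dst[n] = '\0';
    return src_len - n;
}

/* Constructed input: 25 bytes of 'A' aimed at the 10-byte buffer. Returns the
 * number of bytes that were dropped rather than written out of bounds. */
size_t demo_overlong_input(char out[SAMPLE_LEN])
{
    const char *input = "AAAAA" "AAAAA" "AAAAA" "AAAAA" "AAAAA";
    return bounded_copy(out, SAMPLE_LEN, input);
}
```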
Program Flaws...
Incomplete Mediation
Incomplete mediation flaw — often inadvertent (=> non-malicious) but with serious security consequences
Incomplete mediation:
Sensitive data are in an exposed, uncontrolled condition
Example: URL to be generated by the client's browser to access the server, e.g.:
http://www.things.com/order/final&custID=101&part=555A&qy=20&price=10&ship=boat&shipcost=5&total=205
Program Flaws...
Incomplete Mediation ...
Unchecked data are a serious vulnerability!
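An added example (not from the lecture slides) of complete mediation for the order URL above: the server parses the client's parameters but recomputes price, shipping and total from its own tables and accepts the order only when the client's copy agrees. The catalog, shipping table and function names are constructed for this illustration.

```c
#include <stdbool.h>
#include <stdlib.h>
#include <string.h>

/* Server-side reference data (constructed). The client's price, shipcost and
 * total fields are never the basis for the charge; they are only compared. */
struct item { const char *code; long cost; };
static const struct item CATALOG[]  = { {"555A", 10}, {"556B", 25} };
static const struct item SHIPPING[] = { {"boat", 5},  {"air", 20} };
struct order { char part[16], ship[16]; long qy, price, shipcost, total; };

/* Parse "k=v&k=v..." (the slide's URL after /order/final&) into an order.
 * Returns false on malformed or over-long input; every copy is bounded. */
bool parse_order(const char *query, struct order *o)
{
    char buf[256];
    if (strlen(query) >= sizeof buf) return false;
    strcpy(buf, query);
    memset(o, 0, sizeof *o);
    for (char *tok = strtok(buf, "&"); tok; tok = strtok(NULL, "&")) {
        char *eq = strchr(tok, '=');
        if (!eq) return false;
        *eq = '\0';
        const char *key = tok, *val = eq + 1;
        if (!strcmp(key, "part") || !strcmp(key, "ship")) {
            if (strlen(val) >= sizeof o->part) return false;
            strcpy(key[0] == 'p' ? o->part : o->ship, val);
        } else if (!strcmp(key, "qy"))       o->qy = strtol(val, NULL, 10);
        else if (!strcmp(key, "price"))    o->price = strtol(val, NULL, 10);
        else if (!strcmp(key, "shipcost")) o->shipcost = strtol(val, NULL, 10);
        else if (!strcmp(key, "total"))    o->total = strtol(val, NULL, 10);
    }
    return true;
}

static long lookup(const struct item *t, size_t n, const char *code)
{
    for (size_t i = 0; i < n; i++)
        if (strcmp(t[i].code, code) == 0) return t[i].cost;
    return -1;    /* unknown part or shipping method */
}

/* Complete mediation: recompute every money field on the server and accept the
 * order only if the client's copy agrees. *server_total receives the real charge. */
bool validate_order(const struct order *o, long *server_total)
{
    long unit = lookup(CATALOG, 2, o->part), ship = lookup(SHIPPING, 2, o->ship);
    if (unit < 0 || ship < 0 || o->qy <= 0 || o->qy > 1000) return false;
    *server_total = unit * o->qy + ship;
    return o->price == unit && o->shipcost == ship && o->total == *server_total;
}
```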
Program Flaws ...
Time-of-check to Time-of-use Errors
Time-of-check to time-of-use flaw — often inadvertent (=> non-malicious) but with serious security consequences
TOCTTOU — mediation with “bait and switch” in the middle
...
Q: Any examples of TOCTTOU problems from
computing?
Prevention of TOCTTOU errors
...
Q: Any examples of preventing TOCTTOU from
DBMS/OS areas?
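An added example (not from the lecture slides) of the "bait and switch" window and one OS-level way to close it: checking a file by name and then opening it by name leaves a gap in which the name can be re-bound, whereas opening first and checking the descriptor with fstat() makes check and use refer to the same object. The function names and the temporary file under /tmp are constructed for this illustration; it assumes a POSIX system.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE           /* O_NOFOLLOW, O_CLOEXEC, mkstemp, symlink on glibc */
#endif
#include <fcntl.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>
/* TOCTTOU-prone form: check the *name*, then open the *name*. Between the two
 * calls the name can be re-bound (e.g. a symlink swapped in), so the object
 * checked is not the object used. Shown for contrast only; not used below. */
int open_check_then_use(const char *path)
{
    struct stat st;
    if (stat(path, &st) != 0 || !S_ISREG(st.st_mode)) return -1;   /* check */
    return open(path, O_RDONLY);                                    /* use   */
}
/* Prevention: open first, then check the descriptor actually held with fstat().
 * Check and use now refer to one object, so nothing can be switched in between.
 * O_NOFOLLOW additionally refuses a symlink at the final path component. */
int open_regular_file_safely(const char *path)
{
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0) return -1;
    struct stat st;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode)) { close(fd); return -1; }
    return fd;
}

/* Constructed check: a temp regular file and a symlink to it. The safe open must
 * accept the file and reject the symlink. Returns true when both hold. */
bool demo_tocttou_prevention(void)
{
    char file[] = "/tmp/tocttou_demo_XXXXXX", link[64];
    int fd = mkstemp(file);
    if (fd < 0) return false;
    close(fd);
    snprintf(link, sizeof link, "%s.lnk", file);
    bool ok = symlink(file, link) == 0;
    int direct = open_regular_file_safely(file);
    int via_link = open_regular_file_safely(link);
    ok = ok && direct >= 0 && via_link < 0;
    if (direct >= 0) close(direct);
    if (via_link >= 0) close(via_link);
    unlink(link);
    unlink(file);
    return ok;
}
```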
Many Thanks!
Let me know if you have any questions!