Towards End-to-End Security Analysis of Networked Systems

Slides:



Advertisements
Similar presentations
Operating Systems Components of OS
Advertisements

Secure Virtual Machine Execution Under an Untrusted Management OS Chunxiao Li Anand Raghunathan Niraj K. Jha.
Trusted System Elements and Examples CS461/ECE422 Fall 2011.
CS533 Concepts of Operating Systems Class 14 Virtualization and Exokernels.
Ensuring Operating System Kernel Integrity with OSck By Owen S. Hofmann Alan M. Dunn Sangman Kim Indrajit Roy Emmett Witchel Kent State University College.
Virtualization and Cloud Computing. Definition Virtualization is the ability to run multiple operating systems on a single physical system and share the.
Dancing with Giants: Wimpy Kernels for On-demand Isolated I/O Presenter: Probir Roy Computer Science Department College of William & Mary.
A Logic of Secure Systems and its Application to Trusted Computing Anupam Datta, Jason Franklin, Deepak Garg, and Dilsun Kaynar Carnegie Mellon University.
ROOTKIT VIRUS by Himanshu Mishra Points to be covered Introduction History Uses Classification Installation and Cloaking Detection Removal.
CS533 Concepts of Operating Systems Class 14 Virtualization.
Systems with small trusted computing bases (TCBs) open possibility for automated security verification of systems Example: SecVisor - a 3kLOC security.
1 Achieving Trusted Systems by Providing Security and Reliability (Research Project #22) Project Members: Ravishankar K. Iyer, Zbigniew Kalbarczyk, Jun.
1 Modeling and Analysis of Networked Secure Systems with Application to Trusted Computing Jason Franklin Joint work with Deepak Garg, Dilsun Kaynar, and.
outline Purpose Design Implementation Market Conclusion presentation Outline.
Towards Application Security On Untrusted OS
Towards High-Assurance Hypervisors Jason Franklin Joint with Anupam Datta, Sagar Chaki, Ning Qu, Arvind Seshadri.
1 RAKSHA: A FLEXIBLE ARCHITECTURE FOR SOFTWARE SECURITY Computer Systems Laboratory Stanford University Hari Kannan, Michael Dalton, Christos Kozyrakis.
Virtual Machine Security Summer 2013 Presented by: Rostislav Pogrebinsky.
Intrusion Prevention System Group 6 Mu-Hsin Wei Renaud Moussounda Group 6 Mu-Hsin Wei Renaud Moussounda.
N. GSU Slide 1 Chapter 04 Cloud Computing Systems N. Xiong Georgia State University.
Norman SecureSurf Protect your users when surfing the Internet.
On-Chip Control Flow Integrity Check for Real Time Embedded Systems Fardin Abdi Taghi Abad, Joel Van Der Woude, Yi Lu, Stanley Bak, Marco Caccamo, Lui.
Port Knocking Software Project Presentation Paper Study – Part 1 Group member: Liew Jiun Hau ( ) Lee Shirly ( ) Ong Ivy ( )
G53SEC 1 Reference Monitors Enforcement of Access Control.
Three fundamental concepts in computer security: Reference Monitors: An access control concept that refers to an abstract machine that mediates all accesses.
Virtual Machine Security Systems Presented by Long Song 08/01/2013 Xin Zhao, Kevin Borders, Atul Prakash.
FIREWALLS Vivek Srinivasan. Contents Introduction Need for firewalls Different types of firewalls Conclusion.
25-Oct-15Network Layer Connecting Devices Networks do not normally operate in isolation.They are connected to one another using connecting devices. The.
Advanced Design and System Patterns The Microkernel Pattern.
出處 :2010 2nd International Conference on Signal Processing Systems (ICSPS) 作者 :Zhidong Shen 、 Qiang Tong 演講者 : 碩研資管一甲 吳俊逸.
G53SEC 1 Reference Monitors Enforcement of Access Control.
OPERATING SYSTEM SUPPORT DISTRIBUTED SYSTEMS CHAPTER 6 Lawrence Heyman July 8, 2002.
0 Penn State, NSRC Industry Day, Trent Jaeger – Past Projects and Results Linux Security –Aim to Build Measurable, High Integrity Linux Systems.
Malicious Logic and Defenses. Malicious Logic Trojan Horse – A Trojan horse is a program with an overt (documented or known) effect and covert (undocumented.
Self-service Cloud Computing by Jack Luo Shakeel Butt (Rugtgers University) H.Andres Lagar-Cavilla (GridCentric Inc.) Abhinav Srivastava (AT&T Labs-Research)
Quality of Information System (IS) reflecting local correctness and reliability of the operating system; the logical completeness of the hardware and software.
Improving Xen Security through Disaggregation Derek MurrayGrzegorz MilosSteven Hand.
Operating Systems Security
A. Frank - P. Weisberg Operating Systems Structure of Operating Systems.
Wireless and Mobile Security
Presentation Layer (Graphical User Interface) AppGUI Logic Layer (Business Logic and data access) Network Discovery Device Information Extraction Network.
Major OS Components CS 416: Operating Systems Design, Spring 2001 Department of Computer Science Rutgers University
PROJECT DOMAIN : NETWORK SECURITY Project Members : M.Ananda Vadivelan & E.Kalaivanan Department of Computer Science.
1 Pascal URIEN, IETF 61th, Washington DC, 10th November 2004 draft-urien-eap-smartcard-06.txt “EAP-Support in Smartcard”
Some Great Open Source Intrusion Detection Systems (IDSs)
Constraint Framework, page 1 Collaborative learning for security and repair in application communities MIT site visit April 10, 2007 Constraints approach.
CS457 Introduction to Information Security Systems
DISTRIBUTED SYSTEMS Principles and Paradigms Second Edition ANDREW S
Conflict Resolution & Policy Compliance in Multi-Cloud Distributed System. Presented By:- Adarsh Pillay Deepak Begrajka Rudra gupta.
Network Security Analysis Name : Waleed Al-Rumaih ID :
Definition of Distributed System
Computer Data Security & Privacy
Security Issues.
Outline What does the OS protect? Authentication for operating systems
Presentation by Omar Abu-Azzah
Sami Raatikainen/SCOMS
Outline What does the OS protect? Authentication for operating systems
University of Technology
Hardware Support for Embedded Operating System Security
Free Exam Questions | New Microsoft Exam Dumps and Exam News
Seraphim : A Security Architecture for Active Networks
Bastion secure processor architecture
AEGIS: Secure Processor for Certified Execution
Tiers vs. Layers.
Operating Systems: A Modern Perspective, Chapter 3
Sai Krishna Deepak Maram, CS 6410
FIREWALL.
Firewall Installation
Honeypots Visit for more Learning Resources 1.
Virtual machine monitors & Secure operation
Presentation transcript:

Towards End-to-End Security Analysis of Networked Systems Extending protocol analysis to include secure system primitives Deepak Garg, Jason Franklin, Dilsun Kaynar, and Anupam Datta

Virtual Machine Monitor Secure Hamburgers User Level Programs Malicious Mustard Lettuce Operating System Layer diagrams specify both interfaces and dependences Virtual Machine Monitor Hardware * My apologies to any vegetarian or hungry members of the audience.

… Networked Secure Hamburgers Virtual Machine Virtual Machine Client Malicious Mustard Virtual Machine Virtual Machine … Malicious Mustard Client Virtual Machine Monitor Malicious Mustard Memory Hardware Secure Co-processor Feisty Fries

Logic of Secure Hamburgers Malicious local threads can corrupt unprotected data and code Malicious Mustard Killer Ketchup Key: Control Flow Hardware Resets Trusted Computing Technology old NEW!!! Memory Memory Protection Time As a first step towards model and analyzing networked secure systems we have added memory + memory protection etc… Prove you are safe from the killer ketchup… Threads Network Comm. Crypto.

Verifying Implementations Checking implementations using model checkers (have found attacks against a security hypervisor SOSP Seshadri 07] Found vulnerabilities in hypervisor design and implementation

Hungry for More? CMU Theory of Secure Systems Project http://www.cs.cmu.edu/~jfrankli/toss

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.