Presentation is loading. Please wait.

Presentation is loading. Please wait.

CS 149: Operating Systems April 30 Class Meeting Department of Computer Science San Jose State University Spring 2015 Instructor: Ron Mak www.cs.sjsu.edu/~mak.

Published byEverett Cory West Modified over 9 years ago

Similar presentations

Presentation on theme: "CS 149: Operating Systems April 30 Class Meeting Department of Computer Science San Jose State University Spring 2015 Instructor: Ron Mak www.cs.sjsu.edu/~mak."— Presentation transcript:

1 CS 149: Operating Systems April 30 Class Meeting Department of Computer Science San Jose State University Spring 2015 Instructor: Ron Mak www.cs.sjsu.edu/~mak 1Department of Computer Science Spring 2015: April 30 CS 149: Operating Systems © R. Mak

2 2 Security  Protection mechanisms protect against internal problems.  Security measures protect against external threats. Department of Computer Science Spring 2015: April 30 CS 149: Operating Systems © R. Mak

3 3 Security Violations  Breach of confidentiality Unauthorized reading of data.  Breach of integrity Unauthorized modification of data.  Breach of availability Unauthorized destruction of data. Department of Computer Science Spring 2015: April 30 CS 149: Operating Systems © R. Mak

4 4 Security Violations, cont’d  Theft of service Unauthorized use of resources.  Denial of service (DOS) Prevention of legitimate use. Department of Computer Science Spring 2015: April 30 CS 149: Operating Systems © R. Mak

5 5 Security Violation Methods  Masquerading (breach authentication) Pretend to be an authorized user to escalate privileges.  Replay attack With or without message modification.  Session hijacking Intercept an already-established session to bypass authentication. Department of Computer Science Spring 2015: April 30 CS 149: Operating Systems © R. Mak

6 6 Security Violation Methods  Man-in-the-middle attack An intruder sits in data flow to masquerade as the sender in order to fool the receiver, and vice versa. Department of Computer Science Spring 2015: April 30 CS 149: Operating Systems © R. Mak

7 7 Man (or Woman) in the Middle Attack Operating Systems Concepts, 9 th edition Silberschatz, Galvin, and Gagne (c) 2013 John Wiley & Sons. All rights reserved. 978-1-118-06333-0 Department of Computer Science Spring 2015: April 30 CS 149: Operating Systems © R. Mak

8 8 Levels of Security  It is impossible to have absolute security.  Make the cost to the perpetrator sufficiently high to deter most intruders.  Security is as strong as the weakest link in the chain.  But can too much security be a problem? Department of Computer Science Spring 2015: April 30 CS 149: Operating Systems © R. Mak

9 9 Levels of Security, cont’d  Security must occur at four levels to be effective: Physical  Data centers, servers, connected terminals. Human  Avoid social engineering, phishing, dumpster diving. Operating system  Protection mechanisms, debugging. Network  Intercepted communications, interruption, DOS. Department of Computer Science Spring 2015: April 30 CS 149: Operating Systems © R. Mak

10 10 Trojan Horse Attack  A program written by one user can execute in another user’s environment. The program gains the other user’s access rights. The program misuses those rights.  A long UNIX path names exposes each directory on the path.  A path that includes “.” when used in another user’s directory can give a program access to the other user’s home directory. Department of Computer Science Spring 2015: April 30 CS 149: Operating Systems © R. Mak

11 11 Trojan Horse Attack, cont’d  Examples: spyware pop-up browser windows browser plug-ins covert channels  Up to 80% of spam is delivered by spyware-infected systems. Department of Computer Science Spring 2015: April 30 CS 149: Operating Systems © R. Mak

12 12 Trap Door Attack  Specific user identifier or password that circumvents normal security procedures.  The trap door could be included in a compiler. How can you inspect every compiled program? Department of Computer Science Spring 2015: April 30 CS 149: Operating Systems © R. Mak

13 13 Logic Bomb  A program initiates a security incident under certain circumstances.  Developed by a disgruntled programmer. Must enter a password daily to prevent the bomb from going off.  If the programmer is fired, the bomb explodes.  Must hire the programmer back as an expensive consultant to “solve” the problem. Department of Computer Science Spring 2015: April 30 CS 149: Operating Systems © R. Mak

14 14 Stack and Buffer Overflow  Exploit a bug in a program to gain unauthorized user or privilege escalation. Overflow either the stack or memory buffers. Fail to check bounds on inputs or arguments.  Write past the arguments on the stack into the return address on stack.  When routine returns from a function call, it returns to a hacked address. Load code onto stack that executes malicious instructions. Department of Computer Science Spring 2015: April 30 CS 149: Operating Systems © R. Mak

15 15 Stack and Buffer Overflow, cont’d Before attackAfter attack Operating Systems Concepts, 9 th edition Silberschatz, Galvin, and Gagne (c) 2013 John Wiley & Sons. All rights reserved. 978-1-118-06333-0 Department of Computer Science Spring 2015: April 30 CS 149: Operating Systems © R. Mak

16 16 Viruses  A malicious code fragment embedded in a legitimate program.  Self-replicating, designed to infect other computers.  Very specific to CPU architecture, operating system, applications.  Usually borne via email or as a macro. Department of Computer Science Spring 2015: April 30 CS 149: Operating Systems © R. Mak

17 17 Categories of Viruses  Parasitic file  Boot  Macro  Source code  Polymorphic Avoids having a virus signature  Encrypted Encrypted to avoid detection. Decrypts to execute. Department of Computer Science Spring 2015: April 30 CS 149: Operating Systems © R. Mak

18 18 Categories of Viruses, cont’d  Stealth Modifies parts of the system that can be used to detect it.  Tunneling Installs in the interrupt-handler chain or in device drivers.  Multipartite Infect multiple parts of a system.  Armored Hard for antivirus researchers to detect. Department of Computer Science Spring 2015: April 30 CS 149: Operating Systems © R. Mak

19 19 Boot Sector Computer Virus Operating Systems Concepts, 9 th edition Silberschatz, Galvin, and Gagne (c) 2013 John Wiley & Sons. All rights reserved. 978-1-118-06333-0 Department of Computer Science Spring 2015: April 30 CS 149: Operating Systems © R. Mak

20 20 Keystroke Logger Virus  A virus that intercepts keystrokes.  Records passwords, etc.  Sends confidential information to a malicious recipient. Department of Computer Science Spring 2015: April 30 CS 149: Operating Systems © R. Mak

21 21 The Morris Internet Worm  A worm uses a spawn mechanism to duplicate itself.  The Morris Internet worm Launched November 2, 1988 by Robert Morris, a first-year Cornell grad student. Exploited UNIX networking features and bugs in the finger and sendmail programs. Exploited trust-relationship mechanism used by rsh to access friendly systems without the use of a password. Department of Computer Science Spring 2015: April 30 CS 149: Operating Systems © R. Mak

22 22 The Morris Internet Worm, cont’d  The Morris Internet worm, cont’d The grappling hook program uploaded the main worm program.  99 lines of C code Hooked systems then uploaded main code and attacked connected systems.  Morris was convicted in federal court.  Now a computer science professor at MIT. Department of Computer Science Spring 2015: April 30 CS 149: Operating Systems © R. Mak

23 23 The Morris Internet Worm, cont’d Operating Systems Concepts, 9 th edition Silberschatz, Galvin, and Gagne (c) 2013 John Wiley & Sons. All rights reserved. 978-1-118-06333-0 Department of Computer Science Spring 2015: April 30 CS 149: Operating Systems © R. Mak

24 24 Port Scanning  Automated attempt to connect to a range of ports on one IP address or on a range of IP addresses.  Detect answering service protocol.  Detect OS and version running on system. Department of Computer Science Spring 2015: April 30 CS 149: Operating Systems © R. Mak

25 25 Port Scanning, cont’d  nmap scans all ports in a given IP range or a response http://www.insecure.org/nmap  Frequently launched from zombie systems. To decrease traceability. Department of Computer Science Spring 2015: April 30 CS 149: Operating Systems © R. Mak

26 26 Denial of Service  Overload the targeted computer to prevent it from doing any useful work.  A distributed denial-of-service (DDOS) comes from multiple sites at once. “Ping” of death.  Consider traffic to a web site. How can you tell the difference between being a target and being really popular? Department of Computer Science Spring 2015: April 30 CS 149: Operating Systems © R. Mak

27 27 Denial of Service, cont’d  Accidental CS students writing bad fork() code.  Purposeful Extortion, punishment Department of Computer Science Spring 2015: April 30 CS 149: Operating Systems © R. Mak

28 28 Design Principles for Security  The system design should be public.  The default should be no access.  Check for current authority.  Give each process the least authority possible. Department of Computer Science Spring 2015: April 30 CS 149: Operating Systems © R. Mak

29 29 Design Principles for Security, cont’d  The protection mechanism should be simple, uniform, and built into the lowest layers of the system.  The scheme chosen must be psychologically acceptable. Department of Computer Science Spring 2015: April 30 CS 149: Operating Systems © R. Mak

30 30 User Authentication: Passwords  Easy to defeat.  Passwords are often easy to guess. Department of Computer Science Spring 2015: April 30 CS 149: Operating Systems © R. Mak

31 31 User Authentication: Passwords, cont’d  A classic research study in 1979 compiled a list of likely passwords. first and last names street and city names words from a moderate-sized dictionary license plate numbers short strings of random numbers  Discovered that over 86% of passwords then in use were in their list. Department of Computer Science Spring 2015: April 30 CS 149: Operating Systems © R. Mak

32 32 Security Firewalls Operating Systems Concepts, 9 th edition Silberschatz, Galvin, and Gagne (c) 2013 John Wiley & Sons. All rights reserved. 978-1-118-06333-0 Department of Computer Science Spring 2015: April 30 CS 149: Operating Systems © R. Mak

33 33 Cryptography as a Security Tool Encryption and decryption using RSA asymmetric cryptography. Product plug: Take CS 166: Information Security Operating Systems Concepts, 9 th edition Silberschatz, Galvin, and Gagne (c) 2013 John Wiley & Sons. All rights reserved. 978-1-118-06333-0 Department of Computer Science Spring 2015: April 30 CS 149: Operating Systems © R. Mak

34 34 The Bad Guys  “Script kiddies” Young “hackers” who run malicious scripts that are shared among the hacker communities. Break-ins and stolen data are trophies for bragging. Can be thwarted by “honey pots”  Fake data at a site designed to lure hackers.  Corporate thieves Steal confidential data from competitors.  Hostile (or friendly) governments Snooping and monitoring Spying Department of Computer Science Spring 2015: April 30 CS 149: Operating Systems © R. Mak

35 35 Computer Security as a Career  Cybersecurity is a hot field. Computers are used everywhere. Big data. Privacy issues.  Operate in a dark, shadowy world. SRI anecdote. Department of Computer Science Spring 2015: April 30 CS 149: Operating Systems © R. Mak

Download ppt "CS 149: Operating Systems April 30 Class Meeting Department of Computer Science San Jose State University Spring 2015 Instructor: Ron Mak www.cs.sjsu.edu/~mak."

Similar presentations

Dr. Kalpakis CMSC 421, Operating Systems. Fall 2008 URL: Security.

Dr. Kalpakis CMSC 421, Operating Systems. Fall 2008 URL: Security.
Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.

Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.
Chapter 15 Security Bernard Chen Spring 2007. Protection vs. Security Protection (Ch.14) deals with internal problem Security (Ch. 15) Deals with external.

Chapter 15 Security Bernard Chen Spring Protection vs. Security Protection (Ch.14) deals with internal problem Security (Ch. 15) Deals with external.
1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.

1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.
1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?

1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?
Security  The Security Problem  Authentication  Program Threats  System Threats  Securing Systems  Intrusion (unwanted involvement) Detection  Encryption.

Security  The Security Problem  Authentication  Program Threats  System Threats  Securing Systems  Intrusion (unwanted involvement) Detection  Encryption.
Silberschatz, Galvin and Gagne  2002 19.1 Operating System Concepts The Security Problem A system is secure iff its resources are used and accessed as.

Silberschatz, Galvin and Gagne  Operating System Concepts The Security Problem A system is secure iff its resources are used and accessed as.
1 Protection Protection = access control Goals of protection Protecting general objects Example: file protection in Linux.

1 Protection Protection = access control Goals of protection Protecting general objects Example: file protection in Linux.
Module 6.0: Security and Protection

Module 6.0: Security and Protection
Chapter 15: Security. The Security Problem Security must consider external environment of the system, and protect the system resources Intruders (crackers)

Chapter 15: Security. The Security Problem Security must consider external environment of the system, and protect the system resources Intruders (crackers)
19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
Security A system is secure if its resources are used and accessed as intended under all circumstances. It is not generally possible to achieve total security.

Security A system is secure if its resources are used and accessed as intended under all circumstances. It is not generally possible to achieve total security.
What we will cover… Protection and Security in OS.

What we will cover… Protection and Security in OS.
Lecture 21 Chapter 14: Protection Chapter 15: Security

Lecture 21 Chapter 14: Protection Chapter 15: Security
Silberschatz, Galvin and Gagne  2002 19.1 Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.

Silberschatz, Galvin and Gagne  Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.
Privacy - not readable Permanent - not alterable (can't edit, delete) Reliable - (changes detectable) But the data must be accessible to persons authorized.

Privacy - not readable Permanent - not alterable (can't edit, delete) Reliable - (changes detectable) But the data must be accessible to persons authorized.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Protection and Security CSCI 444/544 Operating Systems Fall 2008.

Protection and Security CSCI 444/544 Operating Systems Fall 2008.
1 Chap 10 Malicious Software. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on.

1 Chap 10 Malicious Software. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

Similar presentations

Ads by Google