1. The document discusses computer security and operating systems. It defines operating systems and their functions in managing computer resources and processes.
2. It then covers various operating systems like Linux, Windows, iOS and Android. It discusses computer security in terms of operating systems, defining it as preventing unauthorized access.
3. The document outlines several common security threats like viruses, trojan horses, trap doors, logic bombs and buffer overflows. It describes different types of each threat and how they exploit systems. It also discusses security techniques used in operating systems like authentication, access control and intrusion detection.
4. Security
Operating System
Computer Security
WHAT IS AN OPERATING SYSTEM
An operating system is the most important software that runs on a computer.
It manages the computer's memory, processes, and all of its software and hardware.
It also allows you to communicate with the computer without knowing how to speak the computer's language.
The operating system coordinates all of this to make sure each program gets what it needs.
6. SECURITY (OPERATING SYSTEM)
GARFINKEL
"a computer is secure if you can depend on it and its software to behave as you expect"
GOLLMANN
"deals with the prevention and detection of unauthorized actions by users of a computer system"
ROSS
"the ability of a system to protect information and system resources with respect to confidentiality and integrity"
7. STANDARD SECURITY ATTACKS
• Physical - Physical protection of the computer system.
• Human - Screening of users given access to the computer system, e.g. phishing, dumpster diving, password cracking.
• Network - As network communications become ever more important and pervasive in modern computing environments, it becomes ever more important to protect this area of the system.
• Operating System - The OS must be capable of protecting itself from accidental or intentional security breaches.
8. SECURITY THREATS
The first part of the presentation outlines security threats and briefly describes the methods, tools, and techniques that intruders use to exploit vulnerabilities in systems to achieve their goals. The section discusses a theoretical model and provides some real-life scenarios. The appendixes give detailed analyses of the various aspects and components that are discussed in this presentation.
9. TYPES OF SECURITY THREATS
01 Program threats - They attack specific programs or are carried and distributed in programs.
02 System and Network threats - They attack the operating system or the network itself, or leverage those systems to launch their attacks.
03 Rootkits - A rootkit is a type of malicious software that is activated each time your system boots up.
11. 1. TROJAN HORSE
"The primary role of Trojan horses is to perform various actions that were not explicitly allowed by the user."
It includes: Data, Modification, Deletion, Blocking, Modifying, Copying, Distraction, Performance
12. TROJAN HORSE CLASSIFICATION
01 EXPLOIT - Exploit Trojans are applications that seek security vulnerabilities of software and operating systems already installed on a computer for malicious intent.
02 BACKDOOR - These are created to give an unauthorized user remote control of a computer.
03 RANSOM - Trojan-Ransoms will modify or block data on a computer either so it doesn't work properly or so certain files can't be accessed.
04 SPY - This type of Trojan horse will be invisible to the user while he or she goes about their daily routines. They can collect keyboard data, monitor program usage and take screenshots of the activity performed on the computer.
05 DDoS - A subset of backdoor Trojans, distributed denial-of-service (DDoS) attacks are made from numerous computers to cause a web address to fail.
06 BANKER - Trojan-bankers are created for the sole purpose of gathering users' bank, credit card, debit card and e-payment information.
13. TRAP DOOR
• A Trap Door is when a designer or a programmer (or hacker) deliberately inserts a security hole that they can use later to access the system.
• Because of the possibility of trap doors, once a system has been in an untrustworthy state, that system can never be trusted again. Even the backup tapes may contain a copy of some cleverly hidden back door.
LOGIC BOMB
• A Logic Bomb is code that is not designed to cause havoc all the time, but only when a certain set of circumstances occurs, such as when a particular date or time is reached or some other noticeable event.
• A classic example is the Dead-Man Switch, which is designed to check whether a certain person (e.g. the author) is logging in every day, and if they don't log in for a long time (presumably because they've been fired), then the logic bomb goes off and either opens up security holes or causes other problems.
STACK AND BUFFER OVERFLOW
• A Buffer Overflow is a flaw that occurs when more data is written to a block of memory, or buffer, than the buffer is allocated to hold. Exploiting a buffer overflow allows an attacker to modify portions of the target process's address space.
14. VIRUS
A. A virus is a fragment of code embedded in an otherwise genuine program, designed to replicate itself (by infecting other programs), and (eventually) causing destruction.
B. Viruses are delivered to systems in a virus dropper, usually some form of a Trojan Horse, and usually via e-mail or unsafe downloads.
C. Viruses are more likely to infect PCs than UNIX or other multi-user systems, because programs in the latter systems have limited authority to modify other programs or to access critical system structure.
15. TYPES OF VIRUSES
01 File - A virus attaches itself to an executable file (.exe).
02 Boot - The virus occupies the boot sector, and runs before the OS is loaded.
03 Macro - Viruses exist as scripts that are run automatically by certain macro-capable programs.
04 Source code - Viruses look for source code and infect it in order to spread.
05 Polymorphic - Viruses change every time they spread.
06 Encrypted - Viruses travel in encrypted form to escape detection.
07 Stealth - Viruses try to avoid detection by modifying parts of the system that could be used to detect them.
16. FORMS OF VIRUSES
1. File - A virus attaches itself to an executable file (.exe).
2. Boot - The virus occupies the boot sector, and runs before the OS is loaded.
3. Macro - Viruses exist as scripts that are run automatically by certain macro-capable programs.
4. Source code - Viruses look for source code and infect it in order to spread.
5. Encrypted - Viruses travel in encrypted form to escape detection.
6. Stealth - Viruses try to avoid detection by modifying parts of the system that could be used to detect them.
17. System and Network Threats
1. DENIAL OF SERVICE (DOS) - DOS attacks do not attempt to actually access or damage systems, but merely to block them up so badly that they cannot be used for any useful work. Tight loops that repeatedly request system services are an obvious form of this attack.
2. PORT SCANNING - Port scanning is technically not an attack, but rather a search for vulnerabilities to attack.
3. WORMS - A worm is a process that uses the fork / spawn process to make copies of itself in order to cause havoc (disorder) on a system. Worms consume system resources, often blocking out other, valid processes.
18. ROOTKITS
A Rootkit virus is a stealth type of malware that is designed to hide the existence of certain processes or programs on your computer from regular detection methods, so as to allow it or another malicious process privileged access to your computer.
1. Persistent - Activates each time the system boots. The rootkit must store code in a persistent store, such as the registry or file system, and configure a method by which the code executes without user intervention.
2. Memory Based - Has no persistent mode and therefore cannot survive a reboot.
3. User Mode - Intercepts calls to APIs (Application Program Interfaces) and modifies returned results.
4. Kernel Mode - Can intercept calls to native APIs in kernel mode. The rootkit can also hide the presence of a malware process by removing it from the kernel's list of active processes.
19. SECURITY TECHNIQUES
Security is a journey, not a destination. This is a security industry axiom that means we can strive for security, and by making this effort, we can put ourselves on a path to security. But while we may achieve a relative degree of security, our businesses will never be 100 percent secure, the destination we all strive for. Even Fort Knox, the White House and the New York Stock Exchange are vulnerable.
20. SECURITY TECHNIQUES
TECHNIQUES FOR SECURING SYSTEM
Authentication
Access Control
Intrusion Detection
One Time passwords
• The operating system is the physical environment where your application runs. Any vulnerability in the operating system could compromise the security of the application. By securing the operating system, you make the environment stable, control access to resources, and control external access to the environment.
• The physical security of the system is essential. Threats can come through the Web, but they can also come from a physical terminal. Even if the Web access is very secure, if an attacker obtains physical access to a server, breaking into a system is much easier.
21. AUTHENTICATION
Authentication refers to identifying each user of the system and associating the executing programs with those users. It is the responsibility of the Operating System to create a protection system which ensures that a user who is running a particular program is authentic.
PASSWORD - The user needs to enter a registered username and password with the operating system to log in to the system.
CARD - The user needs to punch a card in the card slot, or enter a key generated by a key generator in the option provided by the operating system, to log in to the system.
BIOMETRIC - The user needs to pass his/her attribute via the designated input device used by the operating system to log in to the system.
22. ACCESS CONTROL LIST
An access control model is a framework that dictates how subjects access objects.
It uses access control technologies and security mechanisms to enforce the rules and objectives of the model.
Discretionary Access List
Role-based Access List
Mandatory Access List
23. TYPES OF ACCESS CONTROL MODELS
DAC
The control of access is based on the discretion (wish) of the owner.
A system that uses DAC enables the owner of the resource to specify which subjects can access specific resources.
The most common implementation of DAC is through ACLs, which are dictated and set by the owners and enforced by the OS.
MAC
This model is very strict and is based on a security label attached to all objects.
The subjects are given security clearance by classifying them (secret, top secret, confidential, etc.) and the objects are also classified similarly.
This model is used and is suitable for military systems where classifications and confidentiality are of utmost importance.
RBAC
RBAC is based on user roles and uses a centrally administered set of controls to determine how subjects and objects interact.
The RBAC approach simplifies access control administration.
It is the best system for a company that has high employee turnover.
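The three models side by side, as an added Python example that is not part of the original slides. All names, users, labels and roles are constructed; the MAC read rule used here (the subject's clearance must be at least the object's label) and the ordering of the levels are assumptions, since the slide only says that both sides carry classifications.

```python
from dataclasses import dataclass, field

LEVELS = {"confidential": 1, "secret": 2, "top secret": 3}  # assumed ordering

@dataclass
class Obj:
    name: str
    owner: str
    label: str = "confidential"              # MAC label, set by the system
    acl: dict = field(default_factory=dict)  # DAC list: user -> set of rights

def dac_grant(obj, requester, user, right):
    """DAC: the owner decides who gets access; nobody else may edit the ACL."""
    if requester != obj.owner:
        raise PermissionError(f"{requester} does not own {obj.name}")
    obj.acl.setdefault(user, set()).add(right)

def dac_allows(obj, user, right):
    return user == obj.owner or right in obj.acl.get(user, set())

def mac_allows_read(clearance, obj, user):
    """MAC: clearance must be at least the object's label; ownership is ignored."""
    return LEVELS.get(clearance.get(user), 0) >= LEVELS[obj.label]

def rbac_allows(role_perms, user_roles, user, resource, right):
    """RBAC: rights hang off centrally defined roles, never off the user."""
    return any((resource, right) in role_perms.get(role, set())
               for role in user_roles.get(user, set()))

def demo():
    # Constructed sample data: users, labels and roles are hypothetical.
    report = Obj("report.txt", owner="alice", label="secret")
    clearance = {"alice": "secret", "bob": "confidential"}
    role_perms = {"hr_clerk": {("payroll", "read")},
                  "hr_admin": {("payroll", "read"), ("payroll", "write")}}
    user_roles = {"bob": {"hr_clerk"}}
    dac_grant(report, "alice", "bob", "read")       # owner's discretion
    results = {
        "dac_bob_read": dac_allows(report, "bob", "read"),
        # Same object under MAC: the owner's grant does not matter.
        "mac_bob_read": mac_allows_read(clearance, report, "bob"),
        "rbac_bob_write": rbac_allows(role_perms, user_roles, "bob", "payroll", "write"),
    }
    # Turnover: bob leaves, one central change removes every right he had.
    user_roles.pop("bob")
    results["rbac_bob_read_after_leaving"] = rbac_allows(
        role_perms, user_roles, "bob", "payroll", "read")
    return results
```

The same read request by bob is allowed under DAC (the owner granted it) and denied under MAC (his clearance is below the label), which is the practical difference between the two models.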
24. ONE TIME PASSWORDS
One-time passwords provide additional security along with normal authentication. In a one-time password system, a unique password is required every time a user tries to log in to the system. Once a one-time password is used, it cannot be used again. One-time passwords are implemented in various ways.
THREE TYPES
RANDOM NUMBERS - Users are provided cards having numbers printed along with corresponding letters. The system asks for the numbers corresponding to a few randomly chosen letters.
SECRET KEY - Users are provided a hardware device which can create a secret id mapped to the user id. The system asks for this secret id, which is to be generated every time prior to login.
NETWORK PASSWORD - Some commercial applications send a one-time password to the user on a registered mobile/email, which is required to be entered prior to login.
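How a server can enforce "used once, never again" for the hardware-device type, as an added Python example that is not part of the original slides. It uses HOTP (RFC 4226) as the algorithm, which the slides do not name; the class name, user id and look-ahead window are assumptions, and the secret is the RFC's published test key.

```python
import hashlib
import hmac
import struct

def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226: HMAC-SHA1 over the 8-byte counter, dynamically truncated."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

class OtpVerifier:
    """Server side: accepts each password at most once per user."""

    def __init__(self, window: int = 3):
        self.window = window      # how far the device may run ahead of the server
        self.users = {}           # user id -> [shared secret, next counter]

    def enroll(self, user: str, secret: bytes) -> None:
        self.users[user] = [secret, 0]

    def verify(self, user: str, candidate: str) -> bool:
        if user not in self.users:
            return False
        secret, nxt = self.users[user]
        for counter in range(nxt, nxt + self.window + 1):
            # compare_digest avoids leaking the match position through timing
            if hmac.compare_digest(hotp(secret, counter), candidate):
                # Move past the accepted counter: this value and all earlier
                # ones are now dead, which is what makes the password one-time.
                self.users[user][1] = counter + 1
                return True
        return False

def demo():
    # Constructed sample: RFC 4226 test key, hypothetical user "alice".
    secret = b"12345678901234567890"
    server = OtpVerifier()
    server.enroll("alice", secret)
    shown_on_device = hotp(secret, 0)
    first = server.verify("alice", shown_on_device)
    replay = server.verify("alice", shown_on_device)   # same code sent again
    return shown_on_device, first, replay
```

The look-ahead window tolerates a device whose button was pressed a few times without logging in; a captured code is useless once it, or any later code, has been accepted.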