

































This document will explore system access threats, malicious software, intrusion detection systems, buffer overflow, compile-time defences and access control schemes.
Typology: Lecture notes


































Operating Systems: Internals
Chapter 15: Operating System Security
Eighth Edition

System access threats fall into two general categories

Malicious software
Programs that exploit vulnerabilities in computing systems
Also referred to as malware
Can be divided into two categories:
parasitic: fragments of programs that cannot exist independently of some actual application program, utility, or system program; viruses, logic bombs, and backdoors are examples
independent: self-contained programs that can be scheduled and run by the
RFC 4949 (Internet Security Glossary) defines intrusion detection as a security service that monitors and analyzes system events for the purpose of finding, and providing real-time or near real-time warning of, attempts to access system resources in an unauthorized manner
Intrusion detection systems (IDSs) can be classified as:
host-based IDS: monitors the characteristics of a single host and the events occurring within that host for suspicious activity
network-based IDS
In most computer security contexts, user authentication is the fundamental building block and the primary line of defense
RFC 4949 defines user authentication as the process of verifying an identity claimed by or for a system entity
An authentication process consists of two steps:
identification step: presenting an identifier to the security system
verification step: presenting or generating authentication information that corroborates the binding between the entity and the identifier

Something the individual knows: examples include a password, a personal identification number (PIN), or answers to a prearranged set of questions
Something the individual possesses: examples include electronic keycards, smart cards, and ...; referred to as a token
Something the individual is (static biometrics): examples include recognition by fingerprint, retina, and face
Something the individual does (dynamic biometrics): examples include ... by voice pattern, handwriting ... rhythm
Can be an effective means of protecting a local system or network of systems from network-based security threats while affording access to the outside world via wide area networks and the Internet
Traditionally, a firewall is a dedicated computer that interfaces with computers outside a network and has special security precautions built into it in order to
Design goals:
... point, so that all incoming traffic and all outgoing traffic must pass through the firewall
... security policy, which defines the traffic that is authorized to pass
Also known as a buffer overrun
Defined in the NIST (National Institute of Standards and Technology) Glossary of Key Information Security Terms as:
“A condition at an interface under which more input can be placed into a buffer or data-holding area than the capacity allocated, overwriting other information. Attackers exploit such a condition to crash a system or
Memory     Before                After                 Contains
Address    gets(str2)            gets(str2)            Value of
. . . .    . . . .               . . . .
bffffbf4   34fcffbf  4 . . .     34fcffbf  3 . . .     argv
bffffbf0   01000000  . . . .     01000000  . . . .     argc
bffffbec   c6bd0340  . . . @     c6bd0340  . . . @     return addr
bffffbe8   08fcffbf  . . . .     08fcffbf  . . . .     old base ptr
bffffbe4   00000000  . . . .     01000000  . . . .     valid
bffffbe0   80640140  . d . @     00640140  . d . @
bffffbdc   54001540  T . . @     4e505554  N P U T     str1[4-7]
bffffbd8   53544152  S T A R     42414449  B A D I     str1[0-3]
bffffbd4   00850408  . . . .     4e505554  N P U T     str2[4-7]
bffffbd0   30561540  0 V . @     42414449  B A D I     str2[0-3]
. . . .    . . . .               . . . .
Figure 15.2 Basic Buffer Overflow Stack Values
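The change in the valid row of Figure 15.2 can be reproduced without touching a real stack. The following is an added example, not code from the lecture notes: the struct is a constructed model of the figure's frame, the function names are hypothetical, and the "START" value and the "BADINPUTBADINPUT" input are read from the figure's ASCII columns. It runs the unchecked copy beside a bounded one.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of the frame in Figure 15.2, lowest address first. */
struct frame {
    char str2[8];  /* bffffbd0: input buffer */
    char str1[8];  /* bffffbd8: expected value */
    char word[4];  /* bffffbe0: takes the terminating NUL in the figure */
    int  valid;    /* bffffbe4: result of the comparison */
};

static void init_frame(struct frame *f) {
    memset(f, 0, sizeof *f);
    memcpy(f->str1, "START", 6);  /* str1 contents before gets(str2) */
}

/* Simulates gets(str2): copies the whole line plus NUL with no length check.
 * The copy is capped at the 'valid' field so the demo stays inside the model. */
int check_unbounded(const char *input) {
    struct frame f;
    size_t n = strlen(input) + 1;
    size_t limit = offsetof(struct frame, valid);
    init_frame(&f);
    memcpy((char *)&f, input, n < limit ? n : limit);
    f.valid = (strncmp(f.str1, f.str2, 8) == 0);
    return f.valid;
}

/* Bounded read: never writes more than sizeof str2 bytes, always terminated. */
int check_bounded(const char *input) {
    struct frame f;
    size_t n = strlen(input);
    init_frame(&f);
    if (n > sizeof f.str2 - 1)
        n = sizeof f.str2 - 1;  /* truncate, as fgets(str2, 8, stdin) would */
    memcpy(f.str2, input, n);
    f.str2[n] = '\0';
    f.valid = (strncmp(f.str1, f.str2, 8) == 0);
    return f.valid;
}

int main(void) {
    const char *line = "BADINPUTBADINPUT";  /* input shown in the After column */
    printf("unbounded: valid=%d\n", check_unbounded(line));
    printf("bounded:   valid=%d\n", check_bounded(line));
    return 0;
}
```

With the unchecked copy the second half of the input lands in str1, so the comparison succeeds against attacker-supplied data; the bounded copy leaves str1 intact and the comparison fails.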
To identify a buffer overflow vulnerability in some program that can be triggered using externally sourced data under the attacker's control
To understand how that buffer will be stored in the process's memory, and hence the potential for corrupting adjacent memory locations
Compile-time
Aim to prevent or detect buffer overflows by instrumenting programs when they are compiled
Possibilities:
choose a high-level language that does not permit buffer overflows
encourage safe coding standards
... libraries
include additional code to ... frame

Runtime
Can be deployed in operating systems and updates and can provide some protection for existing vulnerable programs
These defenses involve changes to the memory management of the virtual address space of processes
these changes act ... alter the properties of ... or to make predicting the ... sufficiently difficult to ... attacks
Choice of programming language
one possibility is to write the program using a modern high-level programming language that has a strong notion of variable type and what constitutes permissible operations on them
the flexibility and safety provided by these languages does come at a cost in resource use, both at compile time and also in additional code that must execute at runtime

Language extensions and use of safe ...
there have been a number of proposals to augment compilers to automatically insert range checks on pointer references
Libsafe is an example that implements the standard semantics but includes additional checks to ensure that the copy operations do not extend beyond the local variable space in the stack frame

Safe coding techniques
programmers need to inspect the code and rewrite any unsafe coding constructs
an example is the OpenBSD project which ... UNIX-like operating system
among other technology changes, programmers ... existing code base, including the operating ...

Stack protection mechanisms
an effective method for protecting programs against classic stack overflow attacks is to ... set up and then check its stack frame for any ...
... mechanisms, is a GNU Compiler Collection ... function entry and exit code
Identifies a user to the system
Associated with each user there can be a profile that specifies permissible operations and file accesses
The operating system can then enforce rules based on the user profile
The database management system, however, must control access to specific records or even portions of records
The database management system decision for access depends not only on the user’s identity but also on the specific parts of the data being accessed and even on the