SlideShare a Scribd company logo

Chapter 2Controlling a ComputerChapter 2 OverviewOverv

Download as DOCX, PDF
E
EstelaJeffery653

This chapter discusses controlling access to computers through various mechanisms. It introduces buffer overflow attacks and describes how the Morris Worm in 1988 exploited a buffer overflow vulnerability to spread rapidly and disable many internet computers. It then explains the basic strategies that operating systems use to control access, including process isolation, access controls, and separating programs into user and kernel modes.

Education
1 of 14
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
Chapter 2 Controlling a Computer Chapter 2 Overview Overview of the general strategies for controlling access Buffer overflow: a well-known technique for subverting computer software Introduction to attack scenarios and case studies Mechanisms typically used to control access within a computer Security planning: describing the protections needed and how to implement them CPU Hardware: Motherboard Left: © iStockphoto/Thinkstock; Middle: © Péter Gudella/Dreamstime.com; Right: Courtesy of Dr. Richard Smith. Programs Data resides in RAM Numbers and other coded data Examined and modified by programs Stored in consecutively numbered locations Programs are lists of instructions Instructions reside in RAM Each is a single arithmetic operation or comparison Stored in consecutively numbered locations Executing a Machine Instruction
Left: Courtesy of Dr. Richard Smith; Right: © iStockphoto/Thinkstock Organizing RAM into “Sections” Control sections Contain instructions to execute Contain unchanging data Data sections Contain variables that change Contain “free form” RAM Buffers, stacks Control and Data Sections Functions, Procedures, Subroutines We break programs into pieces A piece with a particular job = function or procedure or subroutine, all roughly the same One function can execute another function PC is pointed to the called function’s address We save the current function’s “state” Saving the variables and the caller’s PC Saved in RAM, often on a “stack” One Function Calls Another Function We save the program counter in the “calling function” We execute the instructions in the “called function” At the end of the “called function” we restore the program counter This returns the CPU to where the “calling function” left off
Processes A program is a group of instructions A process is a running program Its PC is, or can be, changing It has some RAM with instructions and data Windows example Run two command shells One program, two processes Looking at processes with the Task Manager List Applications; List Processes Switching Processes The “dispatcher” procedure in the operating system (OS) switches running processes Stops (pauses) one process and starts another Save the PC for the stopped process Save other CPU data from the stopped process Locate the “saved state” for the one to start Load up the saved CPU data for the process Load the PC with the starting process’s PC value The Operating System Dispatching and process management is only one of its many tasks. RAM management – assigns RAM to active processes and manages free RAM I/O management – handles external devices File management – hard drives & mass storage User interface management – keyboards and GUIs Network protocols – connect to other computers
Buffer Overflow: The Morris Worm Morris Worm – first major Internet worm 1988 – disabled about 10% of Internet computers Used several attacks Buffer overflow vulnerability A program fails to keep track of its input The input data modifies RAM that it shouldn’t Attacker can take over the computer if the wrong RAM gets modified The “finger” Program Retrieved information about other users Rarely used today Command “finger [email protected]” Retrieved information about JSL at BU.EDU If the sender typed too many letters, like: finger [email protected] XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX and so on… the program overflowed a buffer What Overflows? It Overflows the Stack When we call another procedure, we must save the PC and the current procedure’s working variables inside the CPU We save the information on a last-in first-out block of RAM called the stack If a storage area on the stack is overrun, the data may modify the saved PC
When the procedure is finished, it jumps back to the wrong instructions in RAM The Stack Overflow The Worm Connection Why Does the Shellcode Work? Programs execute from a control section The stack is in the data section If the computer has data execution prevention (DEP), it onl y executes instructions in a control section Not all systems – or programs – can use DEP The Worm Released Released in October 1988 Promptly infected 10% of Internet computers The worm was designed to infect each computer once The restricting code did not work Each computer was infected hundreds of times Infected computers became unusable Spread nationwide between 9pm and 11pm Fighting the Worm Telephone lines were not affected Analysts shared information by phone Many were at a meeting in Berkeley, fortunately As sites cleaned themselves up, they shared status and defensive data via email
Site cleanup was tricky – a “clean” computer had to be hardened against the worm or it would be infected all over again Security Alerts and Coordination The worm incident helped create the Computer Emergency Response Team (CERT) First nationwide, multi-organization computer security team – tracked and reported problems Today, reports are tracked by the Common Vulnerability Enumeration (CVE) Numerous public and private security organizations, like the “Internet Storm Center” Studying Cyber Attacks A systematic analysis, based on attack reports Attack scenarios May study potential or actual attacks Elements are all based on recorded attacks Attack case studies Report actual attacks A scenario that includes threat agent data 23 Attack Scenario Goals – a few sentences describing the goals of the attack. Resources required – personnel, skills, equipment, preparation, timing constraints How it happens – describe how it takes place Collateral results – attack results in addition to the goals noted above Recommended mitigation – basic steps that could prevent the
attack. Acts References – authoritative sources Attack Case Study Overview – summarizes the attack Perpetrator – brief description of threat agent Attack scenario – as described previously Risk management – how pre-attack risk management steps affected the attack’s outcome (omissions or comissions) References – consolidated list including those from the attack scenario Resources Required: Details Skills and/or training – special skills required for the attack Personnel – number and types of people required for the attack Equipment – special equipment required for the attack Preparation time – amount of lead time required to set up the attack Timing constraint – is the attack tied to a particular schedule or event? Access Control Strategies How do we control access? Four strategies: Islands A process is an island Vaults Safe deposit box; access control on a computer Puzzles Cryptography; Kerckhoff/Shannon Patterns Photo IDs; anti-virus; biometrics
An Island On an island, we can only touch what is there Everything else is brought from elsewhere A process can execute its instructions in RAM and modify variables in RAM It can only use resources brought into its RAM It can’t access anything else We restrict a process by not allowing it access to resources “Isolation and mediation” A Vault We can retrieve things from the vault only if allowed Someone/something restricts access Least privilege: we only have access to some items A bank safe deposit box – we have the key The banker lets us retrieve the box We can modify the box contents We can’t retrieve or modify any other boxes Computer access control – a process can retrieve a file or print data if granted the right permissions Puzzles Protect data by presenting a puzzle Authorized users know the puzzle’s answer Security Through Obscurity (STO) A weak puzzle, like protecting data by hiding it Strong puzzles use cryptography (“crypto”) Mathematical techniques to hide or protect data Quality cryptography is very hard to break Weak cryptography is simply a form of STO Open Design: A Basic Principle We open our systems for third-party analysis to help ensure
their effectiveness We withhold changeable, secret information “More eyes make bugs shallow” – Eric Raymond Kerckhoff’s Principle and crypto design Rely on a changeable secret, but make the rest of the design public and open to review Shannon’s Maxim: “The enemy knows the system” Pattern Matching Make decisions based on similarities Photo IDs – guard compares face against poor photo Photos are often laughably inaccurate Anti-virus software Searches computer for patterns found in viruses Must be updated continuously for new viruses Biometrics – fingerprint readers, for example Compare reading against a stored pattern Problems: false positives and false negatives Chain of Control: Another Principle We must never run programs that violate or bypass our security policy. To avoid this, we: Start the computer using a BIOS that maintains our security policy If the software we start (i.e., the OS) can start other software, then the other software either Complies with the security policy, OR Is constrained from violating the policy via access restrictions or other mechanisms Subverting the Chain of Control At the BIOS, we may Boot a different OS from a CD-ROM
Boot a different OS from a USB drive The other OS doesn’t enforce access restrictions Inside the OS, we may Install a privileged (administrative) program that can bypass access restrictions Trick an authorized user into leaking sensitive files Keeping Processes Separate Relies on hardware and software Hardware: two CPU features Program modes RAM protection Software: Operating system features Program dispatcher Memory manager User identities Program Modes Kernel or supervisor mode For highly privileged operating system programs with full CPU access Allows full access to RAM Dangerous! Used as rarely as possible User mode For most programs and all applications CPU blocks any attempt to use kernel mode instructions Personal Computer Evolution 1970s: PCs ran one program at a time Microprocessor CPUs didn’t support multitasking 1980s: Programs politely took turns Allowed several windows to be open at once Illusion of multitasking
1990s: Multitasking in desktop computers Microprocessor CPUs support multitasking Unix on PCs, Windows NT Operating System Protections Originally only available on mainframes and higher-end minicomputer OSes (Unix, VMS) Adapted to desktop OSes during 1990s OS security features Processes must take turns (“dispatching”) Processes are assigned different parts of RAM Processes can’t damage other areas of RAM User-oriented interface and access controls Sharing a Program Screenshots used with permission from Microsoft. Access Matrix A way to specify access permissions Rows for resources or RAM Columns for active entities or processes Sharing Data The problem: Allow two processes to share data stored in RAM Normally we isolate processes from each other This prevents one process from damaging the other one OS provides a separate data section Processes still have exclusive access to own data All shared data resides in this separate section Both processes have RW access to the shared section
Constructing a Security Plan The Security Plan is a detailed assessment A high-level analysis is an overview The Plan contains the details List of assets (see Chapter 1) Full risk assessment (see Chapter 1) Prioritized list of risks (see Chapter 1) Security requirements (see Chapter 1) Implementation – a list of security controls Requirements and Controls Requirements say what we want for protection Controls says what we get For each requirement, pick security controls Each control addresses one or more policy statements Security Plan: Process Protection How does the OS protect processes? Goals: Processes share the CPU Processes may share control sections Processes don’t share RAM except by request Risks: A process monopolizes the CPU A process reads or writes RAM that it shouldn’t Policy and Implementation Six policy statements (Table 2.5 in textbook) Specifies security to be arranged by the dispatcher Specifies when things should happen Security controls (Table 2.5 in textbook)
All are functional controls provided by software Some are steps in the dispatcher procedure Others are features of how the OS ensures that the dispatcher is run or how security is applied 45 image2.jpg image3.jpg image4.jpg image5.jpg image6.jpg image7.jpg image8.jpg image9.jpg image10.jpg image1.jpg Complete the following using the course text, professional journal articles, or other reputable resources (NO WIKIPEDIA or BLOGS). · Find a recent cybersecurity incident. A good resource for this may be the FBI, CERT, CISA, SANS, Verizon DataBreach reports and etc. · Write an attack case study about the incident. Make sure to include all five steps listed in the text (Overview, Perpetrator, Attack Scenario, Risk Management, and References). Paper Requirements: · Format: Microsoft Word · Font: Arial, 12-Point, Double-Space (or equivalent) ·
Citation Style: APA or MLA (The point is to use a style that makes your document readable and give credit to the sources you used.) Length Requirements: · 2–3 pages · Coversheet · List of References Page. · Proofread - Edit for spelling, grammar, punctuation, etc. · Use only course text, professional journal articles, or other reputable resources.

More Related Content

ODP
Portakal Teknoloji Otc Lyon Part 1
bora.gungoren
 
PPT
3e - Computer Crime
MISY
 
PPT
3e - Security And Privacy
MISY
 
PPTX
ppt of features of operating system.pptx
NehaAnand998175
 
PPT
Ch11
Raja Waseem Akhtar
 
PPT
Ch11 system administration
Raja Waseem Akhtar
 
PPTX
installing and optimizing operating system software
ziway
 
PPTX
Operating Systems R20 Unit 1.pptx
Prudhvi668506
 
Portakal Teknoloji Otc Lyon Part 1
bora.gungoren
 
3e - Computer Crime
MISY
 
3e - Security And Privacy
MISY
 
ppt of features of operating system.pptx
NehaAnand998175
 
Ch11
Raja Waseem Akhtar
 
Ch11 system administration
Raja Waseem Akhtar
 
installing and optimizing operating system software
ziway
 
Operating Systems R20 Unit 1.pptx
Prudhvi668506
 

Similar to Chapter 2Controlling a ComputerChapter 2 OverviewOverv (20)

PPT
Digital Immunity -The Myths and Reality
amiable_indian
 
PDF
Incident handling is a clearly defined set of procedures to manage and respon...
Varun Mithran
 
DOCX
Security and Ethical Challenges Contributors Kim Wanders.docx
fathwaitewalter
 
DOCX
Security and Ethical Challenges Contributors Kim Wanders.docx
edgar6wallace88877
 
PPT
OS Security 2009
Deborah Obasogie
 
PDF
Information Security Lecture Notes
FellowBuddy.com
 
ODP
CISSP Week 14
jemtallon
 
PPTX
Protection and security
mbadhi
 
PPTX
Security & protection in operating system
Abou Bakr Ashraf
 
PDF
AI for Ransomware Detection & Prevention Insights from Patents
Alex G. Lee, Ph.D. Esq. CLP
 
PDF
Insecurity vssut
RAVIKUMAR Digital Signal Processing
 
PPT
System Calls and Components of OS . ppt
aparna14patil
 
PPT
3. security architecture and models
7wounders
 
PPT
Ns
Deepenti123
 
PPT
Role of a Forensic Investigator
Agape Inc
 
PDF
Virtualizacion y sistemas operativos por microsoft. Contempla seguridad
AJ florez
 
PDF
Checking Windows for signs of compromise
Cal Bryant
 
PDF
Processing tech malicioussoftware_ecommerce
Chittagong University
 
PPT
Cyber forensics
pranjal dutta
 
PPT
Basic computersecurity
HarshadWadkar
 
Digital Immunity -The Myths and Reality
amiable_indian
 
Incident handling is a clearly defined set of procedures to manage and respon...
Varun Mithran
 
Security and Ethical Challenges Contributors Kim Wanders.docx
fathwaitewalter
 
Security and Ethical Challenges Contributors Kim Wanders.docx
edgar6wallace88877
 
OS Security 2009
Deborah Obasogie
 
Information Security Lecture Notes
FellowBuddy.com
 
CISSP Week 14
jemtallon
 
Protection and security
mbadhi
 
Security & protection in operating system
Abou Bakr Ashraf
 
AI for Ransomware Detection & Prevention Insights from Patents
Alex G. Lee, Ph.D. Esq. CLP
 
Insecurity vssut
RAVIKUMAR Digital Signal Processing
 
System Calls and Components of OS . ppt
aparna14patil
 
3. security architecture and models
7wounders
 
Ns
Deepenti123
 
Role of a Forensic Investigator
Agape Inc
 
Virtualizacion y sistemas operativos por microsoft. Contempla seguridad
AJ florez
 
Checking Windows for signs of compromise
Cal Bryant
 
Processing tech malicioussoftware_ecommerce
Chittagong University
 
Cyber forensics
pranjal dutta
 
Basic computersecurity
HarshadWadkar
 
Ad

More from EstelaJeffery653 (20)

DOCX
Individual ProjectMedical TechnologyWed, 9617Num.docx
EstelaJeffery653
 
DOCX
Individual ProjectThe Post-Watergate EraWed, 3817Numeric.docx
EstelaJeffery653
 
DOCX
Individual ProjectArticulating the Integrated PlanWed, 31.docx
EstelaJeffery653
 
DOCX
Individual Multilingualism Guidelines1)Where did the a.docx
EstelaJeffery653
 
DOCX
Individual Implementation Strategiesno new messagesObjectives.docx
EstelaJeffery653
 
DOCX
Individual Refine and Finalize WebsiteDueJul 02View m.docx
EstelaJeffery653
 
DOCX
Individual Cultural Communication Written Assignment  (Worth 20 of .docx
EstelaJeffery653
 
DOCX
Individual ProjectThe Basic Marketing PlanWed, 3117N.docx
EstelaJeffery653
 
DOCX
Individual ProjectFinancial Procedures in a Health Care Organiza.docx
EstelaJeffery653
 
DOCX
Individual Expanded Website PlanView more »Expand view.docx
EstelaJeffery653
 
DOCX
Individual Expanded Website PlanDueJul 02View more .docx
EstelaJeffery653
 
DOCX
Individual Communicating to Management Concerning Information Syste.docx
EstelaJeffery653
 
DOCX
Individual Case Analysis-MatavIn max 4 single-spaced total pag.docx
EstelaJeffery653
 
DOCX
Individual Assignment Report Format• Report should contain not m.docx
EstelaJeffery653
 
DOCX
Include LOCO api that allows user to key in an address and get the d.docx
EstelaJeffery653
 
DOCX
Include the title, the name of the composer (if known) and of the .docx
EstelaJeffery653
 
DOCX
include as many events as possible to support your explanation of th.docx
EstelaJeffery653
 
DOCX
Incorporate the suggestions that were provided by your fellow projec.docx
EstelaJeffery653
 
DOCX
inal ProjectDUE Jun 25, 2017 1155 PMGrade DetailsGradeNA.docx
EstelaJeffery653
 
DOCX
include 1page proposal- short introduction to research paper and yo.docx
EstelaJeffery653
 
Individual ProjectMedical TechnologyWed, 9617Num.docx
EstelaJeffery653
 
Individual ProjectThe Post-Watergate EraWed, 3817Numeric.docx
EstelaJeffery653
 
Individual ProjectArticulating the Integrated PlanWed, 31.docx
EstelaJeffery653
 
Individual Multilingualism Guidelines1)Where did the a.docx
EstelaJeffery653
 
Individual Implementation Strategiesno new messagesObjectives.docx
EstelaJeffery653
 
Individual Refine and Finalize WebsiteDueJul 02View m.docx
EstelaJeffery653
 
Individual Cultural Communication Written Assignment  (Worth 20 of .docx
EstelaJeffery653
 
Individual ProjectThe Basic Marketing PlanWed, 3117N.docx
EstelaJeffery653
 
Individual ProjectFinancial Procedures in a Health Care Organiza.docx
EstelaJeffery653
 
Individual Expanded Website PlanView more »Expand view.docx
EstelaJeffery653
 
Individual Expanded Website PlanDueJul 02View more .docx
EstelaJeffery653
 
Individual Communicating to Management Concerning Information Syste.docx
EstelaJeffery653
 
Individual Case Analysis-MatavIn max 4 single-spaced total pag.docx
EstelaJeffery653
 
Individual Assignment Report Format• Report should contain not m.docx
EstelaJeffery653
 
Include LOCO api that allows user to key in an address and get the d.docx
EstelaJeffery653
 
Include the title, the name of the composer (if known) and of the .docx
EstelaJeffery653
 
include as many events as possible to support your explanation of th.docx
EstelaJeffery653
 
Incorporate the suggestions that were provided by your fellow projec.docx
EstelaJeffery653
 
inal ProjectDUE Jun 25, 2017 1155 PMGrade DetailsGradeNA.docx
EstelaJeffery653
 
include 1page proposal- short introduction to research paper and yo.docx
EstelaJeffery653
 
Ad

Recently uploaded (20)

PPTX
Final Presentation General Medicine 03-08-2024.pptx
ZaheerAhmad228692
 
PPTX
PPT- ENG7_QUARTER1_LESSON1_WEEK1. IMAGERY -DESCRIPTIONS pptx.pptx
KMDee
 
PPTX
Pharma ospi slides which help in ospi learning
rameetkumar304
 
PDF
Computing-Curriculum for Schools in Ghana
abigailanane203
 
PPTX
Renaissance Architecture: A Journey from Faith to Humanism
DrMonicaSharma
 
PPTX
1st Inaugural Professorial Lecture held on 19th February 2020 (Governance and...
kawisojames10
 
PDF
Chapter 2 Heredity, Prenatal Development, and Birth.pdf
MarjorieLopezTiu
 
PDF
Physiotherapy_for_Respiratory_and_Cardiac_Problems WEBBER.pdf
DrMONISHAphysio
 
PDF
O7-L3 Supply Chain Operations - ICLT Program
labyankof
 
PPTX
Cell Structure & Organelles in detailed.
DHANASHREESIVAKUMAR
 
PDF
grade 11-chemistry_fetena_net_5883.pdf teacher guide for all student
banteamlakmebratu738
 
PPTX
PPH.pptx obstetrics and gynecology in nursing
SrideviDevaraj5
 
PDF
The Lost Whites of Pakistan by Jahanzaib Mughal.pdf
jahanzaibmughal6
 
PDF
Classroom Observation Tools for Teachers
Nicaramirez
 
PPTX
Introduction_to_Human_Anatomy_and_Physiology_for_B.Pharm.pptx
chetansingh379583
 
PPTX
Cell Types and Its function , kingdom of life
ClaireMangundayao1
 
PPTX
master seminar digital applications in india
ananyaray35
 
PDF
STATICS OF THE RIGID BODIES Hibbelers.pdf
pascualasturiaskaye4
 
PDF
102 student loan defaulters named and shamed – Is someone you know on the list?
Kweku Zurek
 
PPTX
school management -TNTEU- B.Ed., Semester II Unit 1.pptx
NihumathunnisaH
 
Final Presentation General Medicine 03-08-2024.pptx
ZaheerAhmad228692
 
PPT- ENG7_QUARTER1_LESSON1_WEEK1. IMAGERY -DESCRIPTIONS pptx.pptx
KMDee
 
Pharma ospi slides which help in ospi learning
rameetkumar304
 
Computing-Curriculum for Schools in Ghana
abigailanane203
 
Renaissance Architecture: A Journey from Faith to Humanism
DrMonicaSharma
 
1st Inaugural Professorial Lecture held on 19th February 2020 (Governance and...
kawisojames10
 
Chapter 2 Heredity, Prenatal Development, and Birth.pdf
MarjorieLopezTiu
 
Physiotherapy_for_Respiratory_and_Cardiac_Problems WEBBER.pdf
DrMONISHAphysio
 
O7-L3 Supply Chain Operations - ICLT Program
labyankof
 
Cell Structure & Organelles in detailed.
DHANASHREESIVAKUMAR
 
grade 11-chemistry_fetena_net_5883.pdf teacher guide for all student
banteamlakmebratu738
 
PPH.pptx obstetrics and gynecology in nursing
SrideviDevaraj5
 
The Lost Whites of Pakistan by Jahanzaib Mughal.pdf
jahanzaibmughal6
 
Classroom Observation Tools for Teachers
Nicaramirez
 
Introduction_to_Human_Anatomy_and_Physiology_for_B.Pharm.pptx
chetansingh379583
 
Cell Types and Its function , kingdom of life
ClaireMangundayao1
 
master seminar digital applications in india
ananyaray35
 
STATICS OF THE RIGID BODIES Hibbelers.pdf
pascualasturiaskaye4
 
102 student loan defaulters named and shamed – Is someone you know on the list?
Kweku Zurek
 
school management -TNTEU- B.Ed., Semester II Unit 1.pptx
NihumathunnisaH
 

Chapter 2Controlling a ComputerChapter 2 OverviewOverv

  • 1. Chapter 2 Controlling a Computer Chapter 2 Overview Overview of the general strategies for controlling access Buffer overflow: a well-known technique for subverting computer software Introduction to attack scenarios and case studies Mechanisms typically used to control access within a computer Security planning: describing the protections needed and how to implement them CPU Hardware: Motherboard Left: © iStockphoto/Thinkstock; Middle: © Péter Gudella/Dreamstime.com; Right: Courtesy of Dr. Richard Smith. Programs Data resides in RAM Numbers and other coded data Examined and modified by programs Stored in consecutively numbered locations Programs are lists of instructions Instructions reside in RAM Each is a single arithmetic operation or comparison Stored in consecutively numbered locations Executing a Machine Instruction
  • 2. Left: Courtesy of Dr. Richard Smith; Right: © iStockphoto/Thinkstock Organizing RAM into “Sections” Control sections Contain instructions to execute Contain unchanging data Data sections Contain variables that change Contain “free form” RAM Buffers, stacks Control and Data Sections Functions, Procedures, Subroutines We break programs into pieces A piece with a particular job = function or procedure or subroutine, all roughly the same One function can execute another function PC is pointed to the called function’s address We save the current function’s “state” Saving the variables and the caller’s PC Saved in RAM, often on a “stack” One Function Calls Another Function We save the program counter in the “calling function” We execute the instructions in the “called function” At the end of the “called function” we restore the program counter This returns the CPU to where the “calling function” left off
  • 3. Processes A program is a group of instructions A process is a running program Its PC is, or can be, changing It has some RAM with instructions and data Windows example Run two command shells One program, two processes Looking at processes with the Task Manager List Applications; List Processes Switching Processes The “dispatcher” procedure in the operating system (OS) switches running processes Stops (pauses) one process and starts another Save the PC for the stopped process Save other CPU data from the stopped process Locate the “saved state” for the one to start Load up the saved CPU data for the process Load the PC with the starting process’s PC value The Operating System Dispatching and process management is only one of its many tasks. RAM management – assigns RAM to active processes and manages free RAM I/O management – handles external devices File management – hard drives & mass storage User interface management – keyboards and GUIs Network protocols – connect to other computers
  • 4. Buffer Overflow: The Morris Worm Morris Worm – first major Internet worm 1988 – disabled about 10% of Internet computers Used several attacks Buffer overflow vulnerability A program fails to keep track of its input The input data modifies RAM that it shouldn’t Attacker can take over the computer if the wrong RAM gets modified The “finger” Program Retrieved information about other users Rarely used today Command “finger [email protected]” Retrieved information about JSL at BU.EDU If the sender typed too many letters, like: finger [email protected] XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX and so on… the program overflowed a buffer What Overflows? It Overflows the Stack When we call another procedure, we must save the PC and the current procedure’s working variables inside the CPU We save the information on a last-in first-out block of RAM called the stack If a storage area on the stack is overrun, the data may modify the saved PC
  • 5. When the procedure is finished, it jumps back to the wrong instructions in RAM The Stack Overflow The Worm Connection Why Does the Shellcode Work? Programs execute from a control section The stack is in the data section If the computer has data execution prevention (DEP), it onl y executes instructions in a control section Not all systems – or programs – can use DEP The Worm Released Released in October 1988 Promptly infected 10% of Internet computers The worm was designed to infect each computer once The restricting code did not work Each computer was infected hundreds of times Infected computers became unusable Spread nationwide between 9pm and 11pm Fighting the Worm Telephone lines were not affected Analysts shared information by phone Many were at a meeting in Berkeley, fortunately As sites cleaned themselves up, they shared status and defensive data via email
  • 6. Site cleanup was tricky – a “clean” computer had to be hardened against the worm or it would be infected all over again Security Alerts and Coordination The worm incident helped create the Computer Emergency Response Team (CERT) First nationwide, multi-organization computer security team – tracked and reported problems Today, reports are tracked by the Common Vulnerability Enumeration (CVE) Numerous public and private security organizations, like the “Internet Storm Center” Studying Cyber Attacks A systematic analysis, based on attack reports Attack scenarios May study potential or actual attacks Elements are all based on recorded attacks Attack case studies Report actual attacks A scenario that includes threat agent data 23 Attack Scenario Goals – a few sentences describing the goals of the attack. Resources required – personnel, skills, equipment, preparation, timing constraints How it happens – describe how it takes place Collateral results – attack results in addition to the goals noted above Recommended mitigation – basic steps that could prevent the
  • 7. attack. Acts References – authoritative sources Attack Case Study Overview – summarizes the attack Perpetrator – brief description of threat agent Attack scenario – as described previously Risk management – how pre-attack risk management steps affected the attack’s outcome (omissions or comissions) References – consolidated list including those from the attack scenario Resources Required: Details Skills and/or training – special skills required for the attack Personnel – number and types of people required for the attack Equipment – special equipment required for the attack Preparation time – amount of lead time required to set up the attack Timing constraint – is the attack tied to a particular schedule or event? Access Control Strategies How do we control access? Four strategies: Islands A process is an island Vaults Safe deposit box; access control on a computer Puzzles Cryptography; Kerckhoff/Shannon Patterns Photo IDs; anti-virus; biometrics
  • 8. An Island On an island, we can only touch what is there Everything else is brought from elsewhere A process can execute its instructions in RAM and modify variables in RAM It can only use resources brought into its RAM It can’t access anything else We restrict a process by not allowing it access to resources “Isolation and mediation” A Vault We can retrieve things from the vault only if allowed Someone/something restricts access Least privilege: we only have access to some items A bank safe deposit box – we have the key The banker lets us retrieve the box We can modify the box contents We can’t retrieve or modify any other boxes Computer access control – a process can retrieve a file or print data if granted the right permissions Puzzles Protect data by presenting a puzzle Authorized users know the puzzle’s answer Security Through Obscurity (STO) A weak puzzle, like protecting data by hiding it Strong puzzles use cryptography (“crypto”) Mathematical techniques to hide or protect data Quality cryptography is very hard to break Weak cryptography is simply a form of STO Open Design: A Basic Principle We open our systems for third-party analysis to help ensure
  • 9. their effectiveness We withhold changeable, secret information “More eyes make bugs shallow” – Eric Raymond Kerckhoff’s Principle and crypto design Rely on a changeable secret, but make the rest of the design public and open to review Shannon’s Maxim: “The enemy knows the system” Pattern Matching Make decisions based on similarities Photo IDs – guard compares face against poor photo Photos are often laughably inaccurate Anti-virus software Searches computer for patterns found in viruses Must be updated continuously for new viruses Biometrics – fingerprint readers, for example Compare reading against a stored pattern Problems: false positives and false negatives Chain of Control: Another Principle We must never run programs that violate or bypass our security policy. To avoid this, we: Start the computer using a BIOS that maintains our security policy If the software we start (i.e., the OS) can start other software, then the other software either Complies with the security policy, OR Is constrained from violating the policy via access restrictions or other mechanisms Subverting the Chain of Control At the BIOS, we may Boot a different OS from a CD-ROM
  • 10. Boot a different OS from a USB drive The other OS doesn’t enforce access restrictions Inside the OS, we may Install a privileged (administrative) program that can bypass access restrictions Trick an authorized user into leaking sensitive files Keeping Processes Separate Relies on hardware and software Hardware: two CPU features Program modes RAM protection Software: Operating system features Program dispatcher Memory manager User identities Program Modes Kernel or supervisor mode For highly privileged operating system programs with full CPU access Allows full access to RAM Dangerous! Used as rarely as possible User mode For most programs and all applications CPU blocks any attempt to use kernel mode instructions Personal Computer Evolution 1970s: PCs ran one program at a time Microprocessor CPUs didn’t support multitasking 1980s: Programs politely took turns Allowed several windows to be open at once Illusion of multitasking
  • 11. 1990s: Multitasking in desktop computers Microprocessor CPUs support multitasking Unix on PCs, Windows NT Operating System Protections Originally only available on mainframes and higher-end minicomputer OSes (Unix, VMS) Adapted to desktop OSes during 1990s OS security features Processes must take turns (“dispatching”) Processes are assigned different parts of RAM Processes can’t damage other areas of RAM User-oriented interface and access controls Sharing a Program Screenshots used with permission from Microsoft. Access Matrix A way to specify access permissions Rows for resources or RAM Columns for active entities or processes Sharing Data The problem: Allow two processes to share data stored in RAM Normally we isolate processes from each other This prevents one process from damaging the other one OS provides a separate data section Processes still have exclusive access to own data All shared data resides in this separate section Both processes have RW access to the shared section
  • 12. Constructing a Security Plan The Security Plan is a detailed assessment A high-level analysis is an overview The Plan contains the details List of assets (see Chapter 1) Full risk assessment (see Chapter 1) Prioritized list of risks (see Chapter 1) Security requirements (see Chapter 1) Implementation – a list of security controls Requirements and Controls Requirements say what we want for protection Controls says what we get For each requirement, pick security controls Each control addresses one or more policy statements Security Plan: Process Protection How does the OS protect processes? Goals: Processes share the CPU Processes may share control sections Processes don’t share RAM except by request Risks: A process monopolizes the CPU A process reads or writes RAM that it shouldn’t Policy and Implementation Six policy statements (Table 2.5 in textbook) Specifies security to be arranged by the dispatcher Specifies when things should happen Security controls (Table 2.5 in textbook)
  • 13. All are functional controls provided by software Some are steps in the dispatcher procedure Others are features of how the OS ensures that the dispatcher is run or how security is applied 45 image2.jpg image3.jpg image4.jpg image5.jpg image6.jpg image7.jpg image8.jpg image9.jpg image10.jpg image1.jpg Complete the following using the course text, professional journal articles, or other reputable resources (NO WIKIPEDIA or BLOGS). · Find a recent cybersecurity incident. A good resource for this may be the FBI, CERT, CISA, SANS, Verizon DataBreach reports and etc. · Write an attack case study about the incident. Make sure to include all five steps listed in the text (Overview, Perpetrator, Attack Scenario, Risk Management, and References). Paper Requirements: · Format: Microsoft Word · Font: Arial, 12-Point, Double-Space (or equivalent) ·
  • 14. Citation Style: APA or MLA (The point is to use a style that makes your document readable and give credit to the sources you used.) Length Requirements: · 2–3 pages · Coversheet · List of References Page. · Proofread - Edit for spelling, grammar, punctuation, etc. · Use only course text, professional journal articles, or other reputable resources.