CSE 513 I ntroduction to Operating Systems Class 10 - Security J - - PowerPoint PPT Presentation
CSE 513 I ntroduction to Operating Systems Class 10 - Security J onat han Walpole Dept . of Comp. Sci. and Eng. Oregon Healt h and Science Universit y Overview I ntro to cryptography tools one-way f unct ions, public vs pr ivat e key
I ntro to cryptography tools
hash f unct ions, and digit al signat ur es
Protection domains and protection mechanisms User authentication I nternal attacks
Tr oj an hor ses, spoof ing, logic bombs, t r ap door s,
buf f er over f low at t acks
External attacks
Vir uses, wor ms, mobile code, sand boxing,
int er pr et at ion
Conf ident ialit y - Abilit y t o prot ect secret s I nt egrit y -Abilit y t o prot ect t he dat a cont ent s Availabilit y - Abilit y t o cont inue t o operat e
User st upidit y (bad def ault set t ings f rom companies) I nsider snooping Out sider snooping Blat ant at t acks (viruses and worms) Bot s!
U malf unct ion, bad disk, program bugs
Example: mono- alphabetic substitution
Plaint ext : ABCDEFGHIJKLMNOPQRSTUVWXYZ Cypher t ext : QWERTYUIOPASDFGHJKLZXCVBNM
Given the encryption key (QWERTYUI OPASDFGHJKLZXCVBNM),
easy t o f ind decr ypt ion key using st at ist ical
pr oper t ies of nat ur al language (common let t er s and digr ams)
…
despit e size of sear ch space of 26! possible keys
Function should be more complex and search
Mangler f unction
based on splitting, rotating, bit extraction and combination
Fast f or encryption and decryption Dif f icult to break analytically Subject to brute f orce attacks
as comput er s get f ast er must incr ease t he number
Main problem
how t o dist r ibut e t he keys in t he f ir st place?
Use dif f erent keys f or encryption and decryption Knowing the encryption key doesn’t help you decrypt
t he encr ypt ion key can be made public encr ypt ion key is given t o sender decr ypt ion key is held pr ivat ely by t he r eceiver
But how does it work?
Asymmetric (one- way) f unctions
given f unct ion f it is easy t o evaluat e y = f (x) but given y it s comput at ionally inf easible t o f ind x
Trivial example of an asymmetric f unction
encr ypt ion: y = x 2 decr ypt ion: x = squar er oot (y)
Challenge
f inding a f unct ion wit h st r ong secur it y pr oper t ies but
ef f icient encr ypt ion and decr ypt ion
= mi < n
ci = mi
e (mod n)
mi = ci
d (mod n)
RSA is more secure than DES RSA requires 100- 1000 times more computation
RSA can be used to exchange private DES keys DES can be used f or message contents
Hash f unctions h = H(m) are one way f unctions
can’t f ind input m f r om out put h easy t o comput e h f r om m
Weak collision resistance
given m and h = H(m) dif f icult t o f ind dif f er ent
input m’ such t hat H(m) = H(m’)
Strong collision resistance
given H it is dif f icult t o f ind any t wo dif f er ent input
values m and m’ such t hat H(m) = H(m’)
They typically generate a short f ixed length
MD5 - (Message Digest)
pr oduces a 16 byt e r esult
SHA - (Secure Hash Algorithm)
pr oduces a 20 byt e r esult
The structure of MD5
pr oduces a 128-bit digest f r om a set of 512-bit blocks k block digest s r equir e k phases of pr ocessing each wit h
f our r ounds of pr ocessing t o pr oduce one message digest
Each phase involves f or rounds of processing
F (x,y,z) = (x AND y) OR ((NOT x) AND z) G (x,y,z) = (x AND z) OR (y AND (NOT z)) H (x,y,z) = x XOR y XOR z I (x,y,z) = y XOR (x OR (NOT z))
MD5 using f unction F
To verif y the integrity of data
if t he dat a has changed t he hash will change (weak
and st r ong collision r esist ance pr oper t ies)
To “sign” or “certif y” data or sof tware
Computing a signature block What the receiver gets
(b)
Private key of A Public key of A Secret key shared by A and B KA, B Descr ipt ion Not at ion K
A +
K
A −
Private key of A Public key of A Secret key shared by A and B KA, B Descr ipt ion Not at ion K
A +
K
A −
Every process executes in some protection domain
det er mined by it s cr eat or , aut hent icat ed at login t ime
OS mechanisms f or switching protection domains
syst em calls set UI D capabilit y on execut able f ile r e-aut hent icat ing user
Domain
Domain
Domain matrix is typically large and sparse
inef f icient t o st or e t he whole t hing st or e occupied columns only, wit h t he r esour ce? - ACLs st or e occupied r ows only, wit h t he domain? - Capabilit ies
Two access control lists with user names and
Domain
Domain matrix is typically large and sparse
inef f icient t o st or e t he whole t hing st or e occupied columns only, wit h t he r esour ce? - ACLs st or e occupied r ows only, wit h t he domain? - Capabilit ies
Each process has a capability list
f (Objects, Rights, Check) Rights Object Server
How a cracker broke into LBL
a U.S. Dept . of Ener gy r esear ch lab
The use of salt to def eat precomputation of
salt changes each t ime passwor d changes incr eases t he size of t he sear ch space
Magnetic cards
magnet ic st r ipe car ds chip car ds: st or ed value car ds, smar t car ds
Authentication - making sure the user is the user Attacks include
Placement of passwor ds in t he clear
Net wor k packet snif f ers
Snooping
Aut omat ed bot s
Limiting times when someone can log in Automatic callback at number prespecif ied Limited number of login tries Keep a database of all logins Honey pot
leave simple login name/ passwor d as a t r ap secur it y per sonnel not if ied when at t acker bit es
Better passwords
No dict ionar y wor ds, special char act er s, longer
Don’t give up inf ormation
Login pr ompt s or any ot her t ime
One time passwords
Sat ellit e dr iven secur it y car ds
Limited- time passwords
Annoying but ef f ect ive
Challenge- response pairs
Ask quest ions
Physical authentication combined with passwords
Free program made available to unsuspecting user
Act ually cont ains code t o do har m
Place altered version of utility program on victim' s
t r ick user int o r unning t hat pr ogr am example, ls at t ack
Trick the user into executing something they
Revenge driven attack Company programmer writes program
pot ent ial t o do har m OK as long as he/ she ent er s passwor d daily if pr ogr ammer f ir ed, no passwor d and bomb “explodes”
(a) Situation when main program is running (b) Af ter program A called (c) Buf f er overf low shown in gray
The basic idea
exploit lack of bounds checking t o over wr it e r et ur n
addr ess and t o inser t new r et ur n addr ess and code at t hat addr ess
exploit lack of separ at ion bet ween st ack and code
(abilit y t o execut e bot h)
allows user (at t acker ) code t o be placed in a set
UI D r oot pr ocess and hence execut ed in a mor e pr ivileged pr ot ect ion domain
Request memory, disk space, tapes and just read Try illegal system calls Start a login and hit DEL, RUBOUT, or BREAK Try modif ying complex OS structures Try to do specif ied DO NOTs Convince a system programmer to add a trap door Beg someone with access to help a poor user who
The TENEX password problem
r equir es 128n t r ies inst ead of 128n
External threat
code t r ansmit t ed t o t ar get machine code execut ed t her e, doing damage may ut ilize an int er nal at t ack t o gain mor e pr ivilege
(ie. Buf f er over f low)
Goals of virus writer
quickly spr eading vir us dif f icult t o det ect har d t o get r id of
Virus = program that can reproduce itself
at t ach it s code t o anot her pr ogr am
Blackmail Denial of service as long as virus runs Permanently damage hardware Target a competitor' s computer
do har m espionage
I ntra- corporate dirty tricks
sabot age anot her cor por at e of f icer ' s f iles
Virus written in assembly language I nserted into another program
use t ool called a “dropper”
Virus dormant until program executed
t hen inf ect s ot her programs event ually execut es it s “payload”
recaptured it
Virus placed where likely to be copied or
When it arrives at a new machine
inf ect s pr ogr ams on har d dr ive, f loppy may t r y t o spr ead over LAN
Attach to innocent looking email
when it r uns, use mailing list t o r eplicat e f ur t her
(a) A program (b) I nf ected program (c) Compressed inf ected program (d) Encrypted virus (e) Compressed virus with encrypted compression code
Examples of a polymorphic virus
All of t hese examples do t he same t hing
I ntegrity checkers
use checksums on execut able f iles hide checksums t o pr event t amper ing? encr ypt checksums and keep key pr ivat e
Behavioral checkers
cat ch syst em calls and check f or suspicious act ivit y what does “nor mal” act ivit y look like?
Virus avoidance
good OS inst all only shr ink-wr apped sof t war e use ant ivir us sof t war e do not click on at t achment s t o email f r equent backups
Recovery f rom virus attack
halt comput er , r eboot f r om saf e disk, r un ant ivir us
Robert Morris constructed the f irst I nternet
Consist ed of t wo pr ogr ams
Wor m f ir st hid it s exist ence t hen r eplicat ed it self
Focused on t hr ee f laws in UNI X
I t was too aggressive and he was caught
Denial of service (DoS) attacks
Examples of known at t acks
– Ping of death – large ping packets – Teardrop – overlapping I P segments
Usually prevented by some sort of f irewall but
(a) Memory divided into 1- MB sandboxes
each applet has t wo sandboxed f or code and dat a some st at ic checking of addresses
(b) Code inserted f or runtime checking of dynamic target addresses
member s
Client , server and collaborat or processes Encapsulat ed server can st ill leak t o collaborat or via covert channels
Pictures appear the same Picture on right has text of 5 Shakespeare plays
encrypt ed, insert ed int o low order bit s of color values
Zebras Hamlet , Macbet h, J ulius Caesar Merchant of Venice, King Lear
Trusted Computing Base
here also