This document discusses operating system security concepts from the textbook "Operating System Concepts" by Silberschatz and Galvin. It covers topics such as the security problem, authentication, program threats like trojan horses and trap doors, system threats like worms and viruses, threat monitoring, and encryption. The goal of security is to protect systems from unauthorized access, malicious modification, and accidental inconsistency while being easier to protect against accidents than malicious attacks.
Professional drones are now actively used across various industries to perform daily critical operations. In this awareness session, Nils Rodday will perform a live hack which exploits vulnerabilities of the professional drone and effectively compromises the security of the system to take over control. His session will also discuss practical fixes and approaches for remediating these issues.
(Source: RSA USA 2016-San Francisco)
CODE BLUE 2014 : Drone attack by malware and network hacking by DONGCHEOL HONGCODE BLUE
Recently, drone systems are rapidly taking over markets around the world, and drone systems are also made and developed rapidly as well. However, its security aren’t in the same way as you think.
I am going to demonstrate you how to ultimately compromise a drone by using drone's convenient features. My malware, also known as HSDrone, enables itself to spread from one device to an another and takes privileges over to compromise and control them.
Master Serial Killer - DEF CON 22 - ICS VillageChris Sistrunk
Updated slides on Master Serial Killer from Adam Crain and Chris Sistrunk's research on ICS Protocol Vulnerabilities called Project Robus, the Aegis Fuzzer, and mitigations of these vulnerabilities.
Defcon through the_eyes_of_the_attacker_2018_slidesMarina Krotofil
Through the Eyes of the Attacker: Designing Embedded Systems Exploits for Industrial Control Systems
In 2017 a malware framework dubbed TRITON (also referred to as TRISIS or HatMan) was discovered targeting a petrochemical plant in Saudi Arabia. TRITON was designed to compromise the Schneider Electric Triconex line of Safety Instrumented Systems (SIS), potentially in order to cause physical damage. TRITON is the most complex publicly known ICS attack framework to date and the first publicly known one to target safety controllers. While the functionality of the malware is understood, little is known about the complexity of developing such an implant. The goal of this talk is to provide the audience with a “through the eyes of the attacker” experience in designing advanced embedded systems exploits & implants for Industrial Control Systems (ICS). Attendees will learn about the background of the TRITON incident, the process of reverse-engineering and exploiting ICS devices and developing implants and OT payloads as part of a cyber-physical attack and will be provided with details on real-world ICS vulnerabilities and implant strategies.
In the first part of the talk we will provide an introduction to ICS attacks in general and the TRITON incident in particular. We will outline the danger of TRITON being repurposed by copycats and estimate the complexity and development cost of such offensive ICS capabilities.
In the second and third parts of the talk we will discuss the process of exploiting ICS devices to achieve code execution and developing ICS implants and OT payloads. We will discuss real-world ICS vulnerabilities and present several implant scenarios such as arbitrary code execution backdoors (as used in TRITON), pin configuration attacks, protocol handler hooking to spoof monitored signal values, suppressing interrupts & alarm functionality, preventing implant removal and control logic restoration and achieving cross-boot persistence. We will discuss several possible OT payload scenarios and how these could be implemented on ICS devices such as the Triconex safety controllers.
In the final part of the talk we'll wrap up our assessment of the complexity & cost of developing offensive ICS capabilities such as the TRITON attack and offer recommendations to defenders and ICS vendors.
Professional drones are now actively used across various industries to perform daily critical operations. In this awareness session, Nils Rodday will perform a live hack which exploits vulnerabilities of the professional drone and effectively compromises the security of the system to take over control. His session will also discuss practical fixes and approaches for remediating these issues.
(Source: RSA USA 2016-San Francisco)
CODE BLUE 2014 : Drone attack by malware and network hacking by DONGCHEOL HONGCODE BLUE
Recently, drone systems are rapidly taking over markets around the world, and drone systems are also made and developed rapidly as well. However, its security aren’t in the same way as you think.
I am going to demonstrate you how to ultimately compromise a drone by using drone's convenient features. My malware, also known as HSDrone, enables itself to spread from one device to an another and takes privileges over to compromise and control them.
Master Serial Killer - DEF CON 22 - ICS VillageChris Sistrunk
Updated slides on Master Serial Killer from Adam Crain and Chris Sistrunk's research on ICS Protocol Vulnerabilities called Project Robus, the Aegis Fuzzer, and mitigations of these vulnerabilities.
Defcon through the_eyes_of_the_attacker_2018_slidesMarina Krotofil
Through the Eyes of the Attacker: Designing Embedded Systems Exploits for Industrial Control Systems
In 2017 a malware framework dubbed TRITON (also referred to as TRISIS or HatMan) was discovered targeting a petrochemical plant in Saudi Arabia. TRITON was designed to compromise the Schneider Electric Triconex line of Safety Instrumented Systems (SIS), potentially in order to cause physical damage. TRITON is the most complex publicly known ICS attack framework to date and the first publicly known one to target safety controllers. While the functionality of the malware is understood, little is known about the complexity of developing such an implant. The goal of this talk is to provide the audience with a “through the eyes of the attacker” experience in designing advanced embedded systems exploits & implants for Industrial Control Systems (ICS). Attendees will learn about the background of the TRITON incident, the process of reverse-engineering and exploiting ICS devices and developing implants and OT payloads as part of a cyber-physical attack and will be provided with details on real-world ICS vulnerabilities and implant strategies.
In the first part of the talk we will provide an introduction to ICS attacks in general and the TRITON incident in particular. We will outline the danger of TRITON being repurposed by copycats and estimate the complexity and development cost of such offensive ICS capabilities.
In the second and third parts of the talk we will discuss the process of exploiting ICS devices to achieve code execution and developing ICS implants and OT payloads. We will discuss real-world ICS vulnerabilities and present several implant scenarios such as arbitrary code execution backdoors (as used in TRITON), pin configuration attacks, protocol handler hooking to spoof monitored signal values, suppressing interrupts & alarm functionality, preventing implant removal and control logic restoration and achieving cross-boot persistence. We will discuss several possible OT payload scenarios and how these could be implemented on ICS devices such as the Triconex safety controllers.
In the final part of the talk we'll wrap up our assessment of the complexity & cost of developing offensive ICS capabilities such as the TRITON attack and offer recommendations to defenders and ICS vendors.
Understanding Hacker Tools and Techniques: A live Demonstration EnergySec
Presented by: Monta Elkins, FoxGuard Solutions
Abstract: Learn what the hackers know. See the tools used by hackers to scan your networks, guess your passwords, and break into your un-patched Windows® XP systems to take full control in this live demonstration. Use the knowledge you gain to better prepare yourself and your systems against attacks.
Droidcon it 2015: Android Lollipop for EnterpriseConsulthinkspa
With the latest major release of the Android OS, codenamed “Lollipop”, Google is playing its best cards to enter the enterprise market. Android 5.0 Lollipop has introduced new features, security enhancement and upgraded API for device management; it can now be considered a mature operating system to be used in critical environment and a potential major player in the enterprise world. The talk will explore new features such as the “kill switch” factory reset, the smart lock functionality and other innovative security features and improvements. The session will end with a deep technical discussion on the device management extensions offered by Android; it will focus on the new “managed profile” feature for “containerization technology”, based on the integration of Samsung‘s KNOX platform, which offers the ability to run enterprise applications in a secure protected environment and to keep the working and personal spaces independent from each other.
D1 t1 t. yunusov k. nesterov - bootkit via smsqqlan
Having developed a test set, we started to research how safe it is for clients to use 4G networks of the telecommunication companies. During the research we have tested SIM-cards, 4G USB modems, radio components, IP access network. First of all we looked for the vulnerabilities that could be exploited remotely, via IP or radio network.
And the result was not late in arriving. In some cases we managed to attack SIM-cards and install a malicious Java applet there, we were able to update remotely USB modem firmware, to change password on a selfcare portal via SMS and even to get access to the internal technological network of a carrier.
Further attack evolution helped to understand how it is possible to use a simple SMS as an exploit that is able not only to compromise a USB modem and all the communications that go through it, but also to install bootkit on a box, that this modem is connected to.
Understanding Hacker Tools and Techniques: A live Demonstration EnergySec
Presented by: Monta Elkins, FoxGuard Solutions
Abstract: Learn what the hackers know. See the tools used by hackers to scan your networks, guess your passwords, and break into your un-patched Windows® XP systems to take full control in this live demonstration. Use the knowledge you gain to better prepare yourself and your systems against attacks.
Droidcon it 2015: Android Lollipop for EnterpriseConsulthinkspa
With the latest major release of the Android OS, codenamed “Lollipop”, Google is playing its best cards to enter the enterprise market. Android 5.0 Lollipop has introduced new features, security enhancement and upgraded API for device management; it can now be considered a mature operating system to be used in critical environment and a potential major player in the enterprise world. The talk will explore new features such as the “kill switch” factory reset, the smart lock functionality and other innovative security features and improvements. The session will end with a deep technical discussion on the device management extensions offered by Android; it will focus on the new “managed profile” feature for “containerization technology”, based on the integration of Samsung‘s KNOX platform, which offers the ability to run enterprise applications in a secure protected environment and to keep the working and personal spaces independent from each other.
D1 t1 t. yunusov k. nesterov - bootkit via smsqqlan
Having developed a test set, we started to research how safe it is for clients to use 4G networks of the telecommunication companies. During the research we have tested SIM-cards, 4G USB modems, radio components, IP access network. First of all we looked for the vulnerabilities that could be exploited remotely, via IP or radio network.
And the result was not late in arriving. In some cases we managed to attack SIM-cards and install a malicious Java applet there, we were able to update remotely USB modem firmware, to change password on a selfcare portal via SMS and even to get access to the internal technological network of a carrier.
Further attack evolution helped to understand how it is possible to use a simple SMS as an exploit that is able not only to compromise a USB modem and all the communications that go through it, but also to install bootkit on a box, that this modem is connected to.
Introduction to AI for Nonprofits with Tapp NetworkTechSoup
Dive into the world of AI! Experts Jon Hill and Tareq Monaur will guide you through AI's role in enhancing nonprofit websites and basic marketing strategies, making it easy to understand and apply.
Honest Reviews of Tim Han LMA Course Program.pptxtimhan337
Personal development courses are widely available today, with each one promising life-changing outcomes. Tim Han’s Life Mastery Achievers (LMA) Course has drawn a lot of interest. In addition to offering my frank assessment of Success Insider’s LMA Course, this piece examines the course’s effects via a variety of Tim Han LMA course reviews and Success Insider comments.
Read| The latest issue of The Challenger is here! We are thrilled to announce that our school paper has qualified for the NATIONAL SCHOOLS PRESS CONFERENCE (NSPC) 2024. Thank you for your unwavering support and trust. Dive into the stories that made us stand out!
1. Operating System Concepts Silberschatz and Galvin199920.1Operating System Concepts Silberschatz and Galvin19995.1Operating System Concepts Silberschatz and Galvin 19994.1
1 toOperating System Concepts | Silberschatz and Galvin 1999https://github.com/syaifulahdan/ 12
O P E R A T I N G S Y S T E M S
Module 20 : Security
• The Security Problem
• Authentication
• Program Threats
• System Threats
• Threat Monitoring
• Encryption
2. Operating System Concepts Silberschatz and Galvin199920.2Operating System Concepts Silberschatz and Galvin19995.2Operating System Concepts Silberschatz and Galvin 19994.2
2 toOperating System Concepts | Silberschatz and Galvin 1999https://github.com/syaifulahdan/ 12
Module 20: Security
• The Security Problem
• Authentication
• Program Threats
• System Threats
• Threat Monitoring
• Encryption
3. Operating System Concepts Silberschatz and Galvin199920.3Operating System Concepts Silberschatz and Galvin19995.3Operating System Concepts Silberschatz and Galvin 19994.3
3 toOperating System Concepts | Silberschatz and Galvin 1999https://github.com/syaifulahdan/ 12
The Security Problem
• Security must consider external environment of the system, and
protect it from:
– unauthorized access.
– malicious modification or destruction
– accidental introduction of inconsistency.
• Easier to protect against accidental than malicious misuse.
4. Operating System Concepts Silberschatz and Galvin199920.4Operating System Concepts Silberschatz and Galvin19995.4Operating System Concepts Silberschatz and Galvin 19994.4
4 toOperating System Concepts | Silberschatz and Galvin 1999https://github.com/syaifulahdan/ 12
Authentication
• User identity most often established through passwords, can be
considered a special case of either keys or capabilities.
• Passwords must be kept secret.
– Frequent change of passwords.
– Use of “non-guessable” passwords.
– Log all invalid access attempts.
5. Operating System Concepts Silberschatz and Galvin199920.5Operating System Concepts Silberschatz and Galvin19995.5Operating System Concepts Silberschatz and Galvin 19994.5
5 toOperating System Concepts | Silberschatz and Galvin 1999https://github.com/syaifulahdan/ 12
Program Threats
• Trojan Horse
– Code segment that misuses its environment.
– Exploits mechanisms for allowing programs written by users
to be executed by other users.
• Trap Door
– Specific user identifier or password that circumvents normal
security procedures.
– Could be included in a compiler.
6. Operating System Concepts Silberschatz and Galvin199920.6Operating System Concepts Silberschatz and Galvin19995.6Operating System Concepts Silberschatz and Galvin 19994.6
6 toOperating System Concepts | Silberschatz and Galvin 1999https://github.com/syaifulahdan/ 12
System Threats
• Worms – use spawn mechanism; standalone program
• Internet worm
– Exploited UNIX networking features (remote access) and
bugs in finger and sendmail programs.
– Grappling hook program uploaded main worm program.
• Viruses – fragment of code embedded in a legitimate program.
– Mainly effect microcomputer systems.
– Downloading viral programs from public bulletin boards or
exchanging floppy disks containing an infection.
– Safe computing.
7. Operating System Concepts Silberschatz and Galvin199920.7Operating System Concepts Silberschatz and Galvin19995.7Operating System Concepts Silberschatz and Galvin 19994.7
7 toOperating System Concepts | Silberschatz and Galvin 1999https://github.com/syaifulahdan/ 12
The Morris Internet Worm
8. Operating System Concepts Silberschatz and Galvin199920.8Operating System Concepts Silberschatz and Galvin19995.8Operating System Concepts Silberschatz and Galvin 19994.8
8 toOperating System Concepts | Silberschatz and Galvin 1999https://github.com/syaifulahdan/ 12
Threat Monitoring
• Check for suspicious patterns of activity – i.e., several incorrect
password attempts may signal password guessing.
• Audit log – records the time, user, and type of all accesses to an
object; useful for recovery from a violation and developing better
security measures.
• Scan the system periodically for security holes; done when the
computer is relatively unused.
9. Operating System Concepts Silberschatz and Galvin199920.9Operating System Concepts Silberschatz and Galvin19995.9Operating System Concepts Silberschatz and Galvin 19994.9
9 toOperating System Concepts | Silberschatz and Galvin 1999https://github.com/syaifulahdan/ 12
Threat Monitoring (Cont.)
• Check for:
– Short or easy-to-guess passwords
– Unauthorized set-uid programs
– Unauthorized programs in system directories
– Unexpected long-running processes
– Improper directory protections
– Improper protections on system data files
– Dangerous entries in the program search path (Trojan
horse)
– Changes to system programs: monitor checksum values
10. Operating System Concepts Silberschatz and Galvin199920.10Operating System Concepts Silberschatz and Galvin19995.10Operating System Concepts Silberschatz and Galvin 19994.10
10 toOperating System Concepts | Silberschatz and Galvin 1999https://github.com/syaifulahdan/ 12
Network Security Through Domain Separation Via Firewall
11. Operating System Concepts Silberschatz and Galvin199920.11Operating System Concepts Silberschatz and Galvin19995.11Operating System Concepts Silberschatz and Galvin 19994.11
11 toOperating System Concepts | Silberschatz and Galvin 1999https://github.com/syaifulahdan/ 12
Encryption
• Encrypt clear text into cipher text.
• Properties of good encryption technique:
– Relatively simple for authorized users to incrypt and decrypt
data.
– Encryption scheme depends not on the secrecy of the
algorithm but on a parameter of the algorithm called the
encryption key.
– Extremely difficult for an intruder to determine the encryption
key.
• Data Encryption Standard substitutes characters and rearranges
their order on the basis of an encryption key provided to
authorized users via a secure mechanism. Scheme only as
secure as the mechanism.
12. Operating System Concepts Silberschatz and Galvin199920.12Operating System Concepts Silberschatz and Galvin19995.12Operating System Concepts Silberschatz and Galvin 19994.12
12 toOperating System Concepts | Silberschatz and Galvin 1999https://github.com/syaifulahdan/ 12
Encryption (Cont.)
• Public-key encryption based on each user having two keys:
– public key – published key used to encrypt data.
– private key – key known only to individual user used to
decrypt data.
• Must be an encryption scheme that can be made public without
making it easy to figure out the decryption scheme.
– Efficient algorithm for testing whether or not a number is
prime.
– No efficient algorithm is know for finding the prime factors of
a number.