Security flaws in Windows XP due to Kernel Complexity Presented by: Zubin Lalani Daniel Beech...
-
Upload
branden-armstrong -
Category
Documents
-
view
216 -
download
3
Transcript of Security flaws in Windows XP due to Kernel Complexity Presented by: Zubin Lalani Daniel Beech...
Security flaws in Windows XP due to Kernel Complexity
Presented by:
Zubin Lalani
Daniel Beech
Professor :
Mike Burmester
Presentation Outline
• Windows Vs Linux Kernel Organization
• Windows Security Model
• Security Flaws in Windows
• Microsoft Future plans for security
Windows Kernel Organization
• Originally designed as stand alone “offline” system
• Over 3000 + System calls
• Supports over 4000 distinct system configuration
• Over 50 million lines of code
• 600 million Windows copies (figures of July 2004)
• Windows 2000 supports more than 7,000 devices
• Less than 255 system calls for linux
• Linux 2.6 has not more than 4 million phyiscal line of code
• Approximate 18 million users
• Lack of distinct hardware support
Linux Kernel Organization
Kernel Organization
Kernel-mode organized into
NTOS (kernel-mode services)
–Run-time Library, Scheduling, Executive services, object manager, services for I/O, memory, processes, …
Hal (hardware-adaptation layer)
–Insulates NTOS & drivers from hardware dependencies
–Providers facilities, such as device access, timers, interrupt servicing, clocks, spinlocks
LINUX ARCHITECTURE
Windows Security Model …
• Security Model based on securable objects
• Based on per-object rights – “Generic read, write and execute”
• Model Involves following concepts :
• Security Identifiers
• Access Tokens
• Security Descriptors
• Access Control Lists and Privileges
WINDOWS SECURITY MODEL
FAMOUS FLAWS …
• Mellissa Virus
Forced Microsoft to completely turn off their email system
Started to affect in March 1999
More than $80 million
• I Love You Virus
Affected May 2000
Brought down www.skyinet.net, deleted .mp3 and .jpg files and mails to every contact in microsoft Outlook
$1 Billion financial loss in North America alone and more than $2.5 in total
Affected more than 600000 computer
FAMOUS FLAWS
• Code Red
The economic cost more than $2 billion
Was so powerful that it forced White House to change its numerical
IP address and prompted the Pentagon to takes its website offline
•Blaster Worm
$500 million or more estimate in Financial loss
16 million or more system fell victim
Exploited the DCOM(Distributed component object Model) vulnerability
Happened in August 2003
LATEST SECURITY THREATS
• SPYWARE
Not a virus but a complete program
Tracks internet habits and nags you with advertisment
About 2/3rd personal computers are infected
How it works? - Piggybacked software installation,
Drive-by download, Browser add-ons, Masquerading
as anti-spy ware
FUTURE PLANS
Include Windows Anti Spy-ware Technology
Improvements in Windows Update Site
“Singularity” prototype OS - said to be Very Secure
Biblography
• http://www.acmqueue.org/modules.php?name=Content&pa=showpage&pid=159&page=5
• http://archives.cnn.com/2001/TECH/internet/08/08/code.red.II/
• http://computer.howstuffworks.com/virus4.htm
• http://www.exn.ca/nerds/virus.cfm
• http://www.legalelite.com/articles/a-kpasich-0500-iloveyoubug.htm
• http://news.com.com/2100-1001-240304.html?legacy=cnet
• http://users.dot.net.au/~rick/ms/culp.html
• http://www.microsoft.com