Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security flaws in Windows XP due to Kernel Complexity Presented by: Zubin Lalani Daniel Beech Professor : Mike Burmester.

Published byBranden Armstrong Modified over 8 years ago

Similar presentations

Presentation on theme: "Security flaws in Windows XP due to Kernel Complexity Presented by: Zubin Lalani Daniel Beech Professor : Mike Burmester."— Presentation transcript:

1 Security flaws in Windows XP due to Kernel Complexity Presented by: Zubin Lalani Daniel Beech Professor : Mike Burmester

2 Presentation Outline Windows Vs Linux Kernel Organization Windows Security Model Security Flaws in Windows Microsoft Future plans for security

3 Windows Kernel Organization Originally designed as stand alone “offline” system Over 3000 + System calls Supports over 4000 distinct system configuration Over 50 million lines of code 600 million Windows copies (figures of July 2004) Windows 2000 supports more than 7,000 devices

4 Less than 255 system calls for linux Linux 2.6 has not more than 4 million phyiscal line of code Approximate 18 million users Lack of distinct hardware support Linux Kernel Organization

5 Kernel Organization Kernel-mode organized into NTOS (kernel-mode services) –Run-time Library, Scheduling, Executive services, object manager, services for I/O, memory, processes, … Hal (hardware-adaptation layer) –Insulates NTOS & drivers from hardware dependencies –Providers facilities, such as device access, timers, interrupt servicing, clocks, spinlocks

6 LINUX ARCHITECTURE

7 Windows Security Model … Security Model based on securable objects Based on per-object rights – “Generic read, write and execute” Model Involves following concepts : Security Identifiers Access Tokens Security Descriptors Access Control Lists and Privileges

8 WINDOWS SECURITY MODEL

9 FAMOUS FLAWS … Mellissa Virus Forced Microsoft to completely turn off their email system Started to affect in March 1999 More than $80 million I Love You Virus Affected May 2000 Brought down www.skyinet.net, deleted.mp3 and.jpg files and mails to every contact in microsoft Outlookwww.skyinet.net $1 Billion financial loss in North America alone and more than $2.5 in total Affected more than 600000 computer

10 FAMOUS FLAWS Code Red The economic cost more than $2 billion Was so powerful that it forced White House to change its numerical IP address and prompted the Pentagon to takes its website offline Blaster Worm $500 million or more estimate in Financial loss 16 million or more system fell victim Exploited the DCOM(Distributed component object Model) vulnerability Happened in August 2003

11 LATEST SECURITY THREATS SPYWARE Not a virus but a complete program Tracks internet habits and nags you with advertisment About 2/3 rd personal computers are infected How it works? - Piggybacked software installation, Drive-by download, Browser add-ons, Masquerading as anti-spy ware

12 FUTURE PLANS Include Windows Anti Spy-ware Technology Improvements in Windows Update Site “Singularity” prototype OS - said to be Very Secure

13 Biblography http://www.acmqueue.org/modules.php?name=Content&pa=showpage&pid=159&page=5 http://archives.cnn.com/2001/TECH/internet/08/08/code.red.II/ http://computer.howstuffworks.com/virus4.htm http://www.exn.ca/nerds/virus.cfm http://www.legalelite.com/articles/a-kpasich-0500-iloveyoubug.htm http://news.com.com/2100-1001-240304.html?legacy=cnet http://users.dot.net.au/~rick/ms/culp.html http://www.microsoft.com

Download ppt "Security flaws in Windows XP due to Kernel Complexity Presented by: Zubin Lalani Daniel Beech Professor : Mike Burmester."

Similar presentations

Chapter 8: Operating Systems and Utility Programs

Chapter 8: Operating Systems and Utility Programs
Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.
Primary Threats to Computer Security

Primary Threats to Computer Security
Thank you to IT Training at Indiana University Computer Malware.

Thank you to IT Training at Indiana University Computer Malware.
P1-P2-M1-D1-D2.

P1-P2-M1-D1-D2.
Chapter 7 Operating Systems and Utility Programs.

Chapter 7 Operating Systems and Utility Programs.
Spyware and other annoying Pop-ups. What are we going to learn? What is spyware What is the threat Where does it come from Why does spyware exist How.

Spyware and other annoying Pop-ups. What are we going to learn? What is spyware What is the threat Where does it come from Why does spyware exist How.
Computer Viruses.

Computer Viruses.
Viruses and Spyware The Real Story Mr. G. From Whence Spyware Comes Spyware usually ends up on your machine because of something you do, like clicking.

Viruses and Spyware The Real Story Mr. G. From Whence Spyware Comes Spyware usually ends up on your machine because of something you do, like clicking.
Windows Security Tech Talk 9/25/07. What is a virus?  A computer program designed to self replicate without permission from the end user  The program.

Windows Security Tech Talk 9/25/07. What is a virus?  A computer program designed to self replicate without permission from the end user  The program.
The MS Blaster worm Presented by: Zhi-Wen Ouyang.

The MS Blaster worm Presented by: Zhi-Wen Ouyang.
Figure 1.1 Interaction between applications and the operating system.

Figure 1.1 Interaction between applications and the operating system.
Protecting Yourself Online. VIRUSES, TROJANS, & WORMS Computer viruses are the common cold of modern technology. One e-mail in every 200 containing.

Protecting Yourself Online. VIRUSES, TROJANS, & WORMS Computer viruses are the "common cold" of modern technology. One in every 200 containing.
What Are Malicious Attacks? Malicious Attacks are any intentional attempts that can compromise the state of your computer. Including but not limited to:

What Are Malicious Attacks? Malicious Attacks are any intentional attempts that can compromise the state of your computer. Including but not limited to:
Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.

Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.
The Death of Windows XP End of the line for venerable operating system Dr. Jan Vanderpool

The Death of Windows XP End of the line for venerable operating system Dr. Jan Vanderpool
Chapter Nine Maintaining a Computer Part III: Malware.

Chapter Nine Maintaining a Computer Part III: Malware.
Internet Safety Basics Being responsible -- and safer -- online Visit age-appropriate sites Minimize chatting with strangers. Think critically about.

Internet Safety Basics Being responsible -- and safer -- online Visit age-appropriate sites Minimize chatting with strangers. Think critically about.
To receive our video stream in LiveMeeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.

To receive our video stream in LiveMeeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.
Protecting Your Computer & Your Information

Protecting Your Computer & Your Information

Similar presentations

Ads by Google