Presentation is loading. Please wait.

Presentation is loading. Please wait.

Operating Systems Security

Published byBertina Willis Modified over 8 years ago

Similar presentations

Presentation on theme: "Operating Systems Security"— Presentation transcript:

1 Operating Systems Security
Introduction 4/26/2017 Operating Systems Security

2 The Boot Sequence The action of loading an operating system into memory from a powered-off state is known as booting or bootstrapping. When a computer is turned on, it first executes code stored in a firmware component known as the BIOS (basic input/output system). On modern systems, the BIOS loads into memory the second-stage boot loader, which handles loading the rest of the operating system into memory and then passes control of execution to the operating system.

3 BIOS Passwords A malicious user could potentially seize execution of a computer at several points in the boot process. To prevent an attacker from initiating the first stages of booting, many computers feature a BIOS password that does not allow a second-stage boot loader to be executed without proper authentication.

4 Hibernation Modern machines have the ability to go into a powered-off state known as hibernation. While going into hibernation, the OS stores the contents of machine’s memory into a hibernation file (such as hiberfil.sys) on disk so the computer can be quickly restored later. But… without additional security precautions, hibernation exposes a machine to potentially invasive forensic investigation. 1. User closes a laptop computer, putting it into hibernation. 2. Attacker copies the hiberfil.sys file to discover any unencrypted passwords that were stored in memory when the computer was put into hibernation.

5 Event Logging Keeping track of what processes are running, what other machines have interacted with the system via the Internet, and if the operating system has experienced any unexpected or suspicious behavior can often leave important clues not only for troubleshooting ordinary problems, but also for determining the cause of a security breach.

6 Process Explorer

7 Memory and File System Security
The contents of a computer are encapsulated in its memory and file system. Thus, protection of a computer’s content has to start with the protection of its memory and its file system.

8 Password Security The basic approach to guessing passwords from the password file is to conduct a dictionary attack, where each word in a dictionary is hashed and the resulting value is compared with the hashed passwords stored in the password file. A dictionary of 500,000 “words” is often enough to discover most passwords.

9 Password Salt One way to make the dictionary attack more difficult to launch is to use salt. Associate a random number with each userid. Rather than comparing the hash of an entered password with a stored hash of a password, the system compares the hash of an entered password and the salt for the associated userid with a stored hash of the password and salt.

10 How Password Salt Works
Without salt: Password file: 1. User types userid, X, and password, P. 2. System looks up H, the stored hash of X’s password. 3. System tests whether h(P) = H. X: H With salt: 1. User types userid, X, and password, P. 2. System looks up S and H, where S is the random salt for userid X and H is stored hash of S and X’s password. 3. System tests whether h(S||P) = H. Password file: X: S, H

11 How Salt Increases Search Space Size
Assuming that an attacker cannot find the salt associated with a userid he is trying to compromise, then the search space for a dictionary attack on a salted password is of size 2B*D, where B is the number of bits of the random salt and D is the size of the list of words for the dictionary attack. For example, if a system uses a 32-bit salt for each userid and its users pick passwords in a 500,000 word dictionary, then the search space for attacking salted passwords would be 232 * 500,000 = 2,147,483,648,000,000, which is over 2 quadrillion. Also, even if an attacker can find a salt password for a userid, he only learns one password.

12 Hash Chains Brute forcing one password at a time takes a lot of time
Alternative: precompute hash values for lots of passwords ahead of time, sort hashes, and then do a lookup for a given hash to find its password But this takes lots of space in addition to the precomputation time Hellman showed how to use precomputation to reduce both time (when cracking a given hash) and space when doing brute force search for a password that produces a given hash Idea is to form hash chains, alternating between password and hash value, and only store the last hash value in the chain Then make many hash chains, and record the start point (a password) and the end point (a hash) for each chain

13 Hash Chains Must alternate between potential password and hash to form chain Password to hash is easy – just use hash function Hash to possible password requires a “reduce” operation Given a target hash value H See if H is in stored hashes If not, reduce H and hash again to form new hash H’ and repeat If H’ appears in stored hashes, go to corresponding starting password and reduce/hash enough times to get to H’, then take previous potential password as password

14 Hash Chains Hash values Hash values Start values Pos. PWs End hashes
Table sorted by end hashes h11 h11 h1m p11 p12 p1m h21 h21 h2m p21 p22 p2m Hash Start h3m p31 h27m p27 him pi hjm pj h31 h31 h3m p31 p32 p3m hN1 hN1 hNm pN1 pN2 pNm hash reduce hash … reduce hash

15 Hash Chains Start values Pos. PWs End hashes Table sorted
h1m p11 p12 p1m Table sorted by end hashes h21 h21 h2m p21 p22 p2m h31 h31 h3m Hash Start h3m p31 h27m p27 him pi hjm pj p31 p32 p3m hN1 hN1 hNm pN1 pN2 pNm hash reduce hash … reduce hash H0 H1 Hk P1 Pk Interesting hash H0 Check if H0 in table … if not … until get a match (or not)

16 Hash Chains Suppose interesting hash H0 can be chained k times to produce hash Hk that matches end hash him in table Start value Pos. PWs End hash hi1 hik’ him Pi1 Pik’ Pim hash reduce … reduce hash ??? hi1 H0 Hk Pi1 Pik’ P1 Pk If it took k reduce/hash iterations to get from H0 to him And it took 1 hash then m-1 reduce/hash iterations to get from Pi1 to him Then it should take how many hashes and reduce/hashes to get from Pi1 to H0? 1 hash and m-k-1 reduce/hash iterations

17 Hash Chain Problems Hash chains may collide This means that …
… may get false positive … and table is less effective – has duplication Search hashes to see if match while building table … hi1 hik him Pi1 Pik’ Pim hj1 hjm Pij Pjk’ Pjm

18 Rainbow Tables Use different reduction at each step
h1m p11 p12 p1m h21 h21 h2m p21 p22 p2m h31 h31 h3m p31 p32 p3m hN1 hN1 hNm pN1 pN2 pNm hash R1 hash … Rm-1 hash H0 H1 Hk P1 Pk This forces collisions to happen in the same column Which also means they will be caught at end

19 Rainbow Tables How big is table? How long does it take to build it?
N starting points => N endpoints – O(N) storage How long does it take to build it? M iterations per chain => O(NM) hash/reduce operations O(N log N) time to sort by hash value How long does it take to apply to a hashed password? At most M reduce/hash operations Search for each one is O(log N) Each “hit” takes O(M) hash/reduce operations So total of at most O(M (M + log N)) but practically O(M log N) since hits are rare

20 Rainbow Tables How effective is it?
If no collisions, cover NM possible passwords So at best NM/S probability of success, where S = total number of possible passwords With collisions, accounting is more complicated Tradeoff in increasing N and M to obtain greater chances of success vs. decreasing returns due to collisions Bottom line: Rainbow Tables allow for trading off precomputation time and storage vs. time taken during attack In practice, can be very effective

21 Rainbow Tables How to defeat them? Larger password space
Can’t really defeat per se But can make them less useful Larger password space Larger hash size More expensive hash function Most of all … salts! Why? Must make a separate table for each salt value Multiplies precomputation by number of salt values! Make big salt values!

Download ppt "Operating Systems Security"

Similar presentations

By Wild King. Generally speaking, a rainbow table is a lookup table which is used to recover the plain-text password that derives from a hashing or cryptographic.

By Wild King. Generally speaking, a rainbow table is a lookup table which is used to recover the plain-text password that derives from a hashing or cryptographic.
Operating Systems Concepts 1. A Computer Model An operating system has to deal with the fact that a computer is made up of a CPU, random access memory.

Operating Systems Concepts 1. A Computer Model An operating system has to deal with the fact that a computer is made up of a CPU, random access memory.
CS4432: Database Systems II Buffer Manager 1. 2 Covered in week 1.

CS4432: Database Systems II Buffer Manager 1. 2 Covered in week 1.
Operating Systems Security 1. The Boot Sequence The action of loading an operating system into memory from a powered-off state is known as booting or.

Operating Systems Security 1. The Boot Sequence The action of loading an operating system into memory from a powered-off state is known as booting or.
Operating Systems Security 1. The Boot Sequence The action of loading an operating system into memory from a powered-off state is known as booting or.

Operating Systems Security 1. The Boot Sequence The action of loading an operating system into memory from a powered-off state is known as booting or.
CSUF Chapter 3.2 1. CSUF Operating Systems Security 2.

CSUF Chapter CSUF Operating Systems Security 2.
COEN 350: Network Security Authentication. Between human and machine Between machine and machine.

COEN 350: Network Security Authentication. Between human and machine Between machine and machine.
CMSC 414 Computer and Network Security Lecture 12 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 12 Jonathan Katz.
Section 3.2: Operating Systems Security

Section 3.2: Operating Systems Security
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (7) AUTHENTICATION.

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (7) AUTHENTICATION.
Log Files. O(n) Data Structure Exercises 16.1.

Log Files. O(n) Data Structure Exercises 16.1.
1 Chapter 11: Authentication Basics Passwords. 2 Establishing Identity Authentication: binding of identity to subject One or more of the following –What.

1 Chapter 11: Authentication Basics Passwords. 2 Establishing Identity Authentication: binding of identity to subject One or more of the following –What.
1 CSI 101 Elements of Computing Fall 2009 Lecture #4 Using Flowcharts Monday February 2nd, 2009.

1 CSI 101 Elements of Computing Fall 2009 Lecture #4 Using Flowcharts Monday February 2nd, 2009.
REPRESENTING SETS CSC 172 SPRING 2002 LECTURE 21.

REPRESENTING SETS CSC 172 SPRING 2002 LECTURE 21.
Tirgul 8 Universal Hashing Remarks on Programming Exercise 1 Solution to question 2 in theoretical homework 2.

Tirgul 8 Universal Hashing Remarks on Programming Exercise 1 Solution to question 2 in theoretical homework 2.
CMSC 414 Computer and Network Security Lecture 9 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 9 Jonathan Katz.
ITIS 6200/8200. time-stamping services Difficult to verify the creation date and accurate contents of a digital file Required properties of time-stamping.

ITIS 6200/8200. time-stamping services Difficult to verify the creation date and accurate contents of a digital file Required properties of time-stamping.
Introduction to Hashing CS 311 Winter, 2013. Dictionary Structure A dictionary structure has the form: (Key, Data) Dictionary structures are organized.

Introduction to Hashing CS 311 Winter, Dictionary Structure A dictionary structure has the form: (Key, Data) Dictionary structures are organized.
Apr 4, 2003Mårten Trolin1 Previous lecture TLS details –Phases Handshake Securing messages –What the messages contain –Authentication.

Apr 4, 2003Mårten Trolin1 Previous lecture TLS details –Phases Handshake Securing messages –What the messages contain –Authentication.
Lecture 11 oct 7 Goals: hashing hash functions chaining closed hashing application of hashing.

Lecture 11 oct 7 Goals: hashing hash functions chaining closed hashing application of hashing.

Similar presentations

Ads by Google