slide1
Download
Skip this Video
Download Presentation
Security flaws in Windows XP due to Kernel Complexity

Loading in 2 Seconds...

play fullscreen
1 / 13

Security flaws in Windows XP due to Kernel Complexity - PowerPoint PPT Presentation


  • 94 Views
  • Uploaded on

Security flaws in Windows XP due to Kernel Complexity. Presented by: Zubin Lalani Daniel Beech Professor : Mike Burmester. Presentation Outline. Windows Vs Linux Kernel Organization Windows Security Model Security Flaws in Windows Microsoft Future plans for security.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Security flaws in Windows XP due to Kernel Complexity' - reece-molina


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
slide1

Security flaws in Windows XP due to Kernel Complexity

Presented by:

Zubin Lalani

Daniel Beech

Professor :

Mike Burmester

slide2

Presentation Outline

  • Windows Vs Linux Kernel Organization
  • Windows Security Model
  • Security Flaws in Windows
  • Microsoft Future plans for security
slide3

Windows KernelOrganization

  • Originally designed as stand alone “offline” system
  • Over 3000 + System calls
  • Supports over 4000 distinct system configuration
  • Over 50 million lines of code
  • 600 million Windows copies (figures of July 2004)
  • Windows 2000 supports more than 7,000 devices
slide4

Linux KernelOrganization

  • Less than 255 system calls for linux
  • Linux 2.6 has not more than 4 million phyiscal line of code
  • Approximate 18 million users
  • Lack of distinct hardware support
slide5

KernelOrganization

Kernel-mode organized into

NTOS (kernel-mode services)

–Run-time Library, Scheduling, Executive services, object manager, services for I/O, memory, processes, …

Hal (hardware-adaptation layer)

–Insulates NTOS & drivers from hardware dependencies

–Providers facilities, such as device access, timers, interrupt servicing, clocks, spinlocks

slide7

Windows Security Model …

  • Security Model based on securable objects
  • Based on per-object rights – “Generic read, write and execute”
  • Model Involves following concepts :
    • Security Identifiers
    • Access Tokens
    • Security Descriptors
    • Access Control Lists and Privileges
slide9

FAMOUS FLAWS …

  • Mellissa Virus
  • Forced Microsoft to completely turn off their email system
  • Started to affect in March 1999
  • More than $80 million
  • I Love You Virus
  • Affected May 2000
  • Brought down www.skyinet.net, deleted .mp3 and .jpg files and mails to every contact in microsoft Outlook
  • $1 Billion financial loss in North America alone and more than $2.5 in total
  • Affected more than 600000 computer
slide10

FAMOUS FLAWS

  • Code Red
  • The economic cost more than $2 billion
  • Was so powerful that it forced White House to change its numerical
  • IP address and prompted the Pentagon to takes its website offline
  • Blaster Worm
    • $500 million or more estimate in Financial loss
    • 16 million or more system fell victim
    • Exploited the DCOM(Distributed component object Model) vulnerability
    • Happened in August 2003
slide11

LATEST SECURITY THREATS

  • SPYWARE
  • Not a virus but a complete program
  • Tracks internet habits and nags you with advertisment
  • About 2/3rd personal computers are infected
  • How it works? - Piggybacked software installation,
  • Drive-by download, Browser add-ons, Masquerading
  • as anti-spy ware
slide12

FUTURE PLANS

Include Windows Anti Spy-ware Technology

Improvements in Windows Update Site

“Singularity” prototype OS - said to be Very Secure

slide13

Biblography

  • http://www.acmqueue.org/modules.php?name=Content&pa=showpage&pid=159&page=5
  • http://archives.cnn.com/2001/TECH/internet/08/08/code.red.II/
  • http://computer.howstuffworks.com/virus4.htm
  • http://www.exn.ca/nerds/virus.cfm
  • http://www.legalelite.com/articles/a-kpasich-0500-iloveyoubug.htm
  • http://news.com.com/2100-1001-240304.html?legacy=cnet
  • http://users.dot.net.au/~rick/ms/culp.html
  • http://www.microsoft.com
ad