slide1 n.
Download
Skip this Video
Download Presentation
Security flaws in Windows XP due to Kernel Complexity

Loading in 2 Seconds...

play fullscreen
1 / 13

Security flaws in Windows XP due to Kernel Complexity - PowerPoint PPT Presentation


  • 94 Views
  • Uploaded on

Security flaws in Windows XP due to Kernel Complexity. Presented by: Zubin Lalani Daniel Beech Professor : Mike Burmester. Presentation Outline. Windows Vs Linux Kernel Organization Windows Security Model Security Flaws in Windows Microsoft Future plans for security.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Security flaws in Windows XP due to Kernel Complexity' - reece-molina


Download Now An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
slide1

Security flaws in Windows XP due to Kernel Complexity

Presented by:

Zubin Lalani

Daniel Beech

Professor :

Mike Burmester

slide2

Presentation Outline

  • Windows Vs Linux Kernel Organization
  • Windows Security Model
  • Security Flaws in Windows
  • Microsoft Future plans for security
slide3

Windows KernelOrganization

  • Originally designed as stand alone “offline” system
  • Over 3000 + System calls
  • Supports over 4000 distinct system configuration
  • Over 50 million lines of code
  • 600 million Windows copies (figures of July 2004)
  • Windows 2000 supports more than 7,000 devices
slide4

Linux KernelOrganization

  • Less than 255 system calls for linux
  • Linux 2.6 has not more than 4 million phyiscal line of code
  • Approximate 18 million users
  • Lack of distinct hardware support
slide5

KernelOrganization

Kernel-mode organized into

NTOS (kernel-mode services)

–Run-time Library, Scheduling, Executive services, object manager, services for I/O, memory, processes, …

Hal (hardware-adaptation layer)

–Insulates NTOS & drivers from hardware dependencies

–Providers facilities, such as device access, timers, interrupt servicing, clocks, spinlocks

slide7

Windows Security Model …

  • Security Model based on securable objects
  • Based on per-object rights – “Generic read, write and execute”
  • Model Involves following concepts :
    • Security Identifiers
    • Access Tokens
    • Security Descriptors
    • Access Control Lists and Privileges
slide9

FAMOUS FLAWS …

  • Mellissa Virus
  • Forced Microsoft to completely turn off their email system
  • Started to affect in March 1999
  • More than $80 million
  • I Love You Virus
  • Affected May 2000
  • Brought down www.skyinet.net, deleted .mp3 and .jpg files and mails to every contact in microsoft Outlook
  • $1 Billion financial loss in North America alone and more than $2.5 in total
  • Affected more than 600000 computer
slide10

FAMOUS FLAWS

  • Code Red
  • The economic cost more than $2 billion
  • Was so powerful that it forced White House to change its numerical
  • IP address and prompted the Pentagon to takes its website offline
  • Blaster Worm
    • $500 million or more estimate in Financial loss
    • 16 million or more system fell victim
    • Exploited the DCOM(Distributed component object Model) vulnerability
    • Happened in August 2003
slide11

LATEST SECURITY THREATS

  • SPYWARE
  • Not a virus but a complete program
  • Tracks internet habits and nags you with advertisment
  • About 2/3rd personal computers are infected
  • How it works? - Piggybacked software installation,
  • Drive-by download, Browser add-ons, Masquerading
  • as anti-spy ware
slide12

FUTURE PLANS

Include Windows Anti Spy-ware Technology

Improvements in Windows Update Site

“Singularity” prototype OS - said to be Very Secure

slide13

Biblography

  • http://www.acmqueue.org/modules.php?name=Content&pa=showpage&pid=159&page=5
  • http://archives.cnn.com/2001/TECH/internet/08/08/code.red.II/
  • http://computer.howstuffworks.com/virus4.htm
  • http://www.exn.ca/nerds/virus.cfm
  • http://www.legalelite.com/articles/a-kpasich-0500-iloveyoubug.htm
  • http://news.com.com/2100-1001-240304.html?legacy=cnet
  • http://users.dot.net.au/~rick/ms/culp.html
  • http://www.microsoft.com