Operating System Security

Operating system security is important because if your operating system isn't protected from both inside and outside attacks, the attackers can change, delete, or do other things to your important documents and files.

The need to safeguard every piece of data in a computer system is becoming increasingly important. As a result, it is critical for every operating system (OS) to protect the private information held on the computer system.

To understand how to secure your operating system, you must first understand how the attacker employs some program code and technique to launch attacks on your computer system via viruses, logic bombs, trap doors, Trojan horses, login spoofing, and so on.

This post is divided into the following sections on "operating system security":

Threats

From a safety and protection standpoint, computer systems strive to accomplish the following three general goals:

The following table lists these goals along with the threats that correspond to them:

| Security Goal | Threat |
|---|---|
| Data confidentiality | Exposure of data |
| Data integrity | Tampering with data |
| System availability | Denial of service |

Now, the following table provides a description of all three objectives, from a safety point of view, that virtually every computer system strives to achieve:

| Goal | Description |
|---|---|
| Data integrity | Users who are not authorized to modify data shouldn't be able to do so without the permission of the data's owner. In this scenario, modifying data covers not only changing the data but also removing it and adding incorrect data. If a computer system cannot guarantee that the data stored in it will remain unchanged until the owner decides to change them, then it is not very useful as an information system and should be avoided. |
| Data confidentiality | Confidential information is kept confidential. If the owner of the data has decided that the data should only be made available to certain people and no others, then the system should ensure that the data is not released to people who are not authorized to receive it. In addition, the owner ought to be able to decide who can see what, and the system ought to be able to ensure that this happens. |
| System availability | No one is able to interfere with the system and render it unusable. |

Intruders

In the world of computer security, intruders are people who want to cause trouble for their own amusement or commercial gain.

Basically, intruders are of the following two types:

Now, let's talk briefly about the above two different types of intruders.

Active Intruders

Active intruders are malicious. They constantly attempt to gain unauthorized access to someone else's system in order to change, modify, or delete data.

Passive Intruders

Passive intruders are less malicious than active ones. They want to read files they aren't authorized to read.

Accidental Data Loss

Accidental data loss is the loss of computer data as a result of an accident. In most cases, data or information from a computer system is lost as a result of threats posed by malicious intruders. However, valuable information or data can also be lost by accident.

Here is a list of some of the most common causes of accidental data loss or data loss from a computer system by accident:

You can store your critical computer data and information on the Internet and retrieve it at any time and from any location.

If you accidentally delete data from your computer, you won't be able to recover it unless the data is saved somewhere other than your computer. So, to be able to recover your data, upload a copy of it to the Internet.

There are many ways to send your data over the Internet, such as creating an email account and storing all of your files and data in it, or creating your own website and storing all of your data on it, etc.

Cryptography Basics

This section will teach you the fundamentals of cryptography as well as how to encrypt files with cryptographic algorithms and code.

You can use cryptography to encrypt any file so that only the authorized person has access to it.

The primary goal of cryptography is to encrypt a file or message (called plaintext) so that only the authorized person knows how to decrypt the message or file.

The secrecy is determined by the parameters of the algorithms, known as keys.

Assume P is a plaintext file, KE is the encryption key, C is the ciphertext, and E is the encryption algorithm, or function. Encryption is then described by:
C = E(P, KE)

According to the encryption equation above, the ciphertext is obtained by using the known encryption algorithm, E, as well as plaintext, P, and the secret encryption key, KE, as parameters.

Similarly,
P = D(C, KD)
where D denotes the decryption algorithm and KD denotes the key.

This equation states that in order to recover the plaintext, P, from the encrypted text, that is, the ciphertext, C, and the decryption key, KD, the algorithm D with C and KD as parameters must be run.

Here's an example of how to use cryptography to encrypt and decrypt files in the C and C++ programming languages:

Cryptography is a lengthy and difficult subject to master. Assume you've hidden your secret file somewhere in your computer system. Anyone who finds that file in that secret location can access it, but if the file is encrypted, he or she will not be able to see the contents of the file after accessing it.

Secret-key Cryptography

To understand secret-key cryptography, imagine an encryption algorithm in which each letter is replaced by another letter, such as all As being replaced by Qs, all Bs being replaced by Ws, all Cs being replaced by Es, and so on.

Plaintext  = ABCDEFGHIJKLMNOPQRSTUVWXYZ
Ciphertext = QWERTYUIOPASDFGHJKLZXCVBNM

Here, the encryption key is QWERTYUIOPASDFGHJKLZXCVBNM

Now, for the above key, the plaintext fresherearth would be transformed (from the above encryption key) into the ciphertext EGRTLEKQEATK.

The decryption key tells how to get back from the ciphertext to the plaintext, that is, the original, unencrypted text.

Therefore, in the example above, KXVMCNOPHQRSZYIJADLEGWBUFT is the decryption key because an A in ciphertext is a K in plaintext, a B in ciphertext is an X in plaintext, etc.

Many cryptographic systems have the property that, given the encryption key, it is easy to find the decryption key and vice versa. Such cryptographic systems are called "secret-key cryptography."

Secret-key cryptography can also be called symmetric-key cryptography.
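
The substitution cipher above, worked through in C as an added example (not code from the original page): it applies C = E(P, KE) with the page's encryption key, derives KD by inverting the permutation, and recovers P = D(C, KD). The sample plaintext ATTACK and all function names are constructed for this illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Encryption key from the text: plaintext letter 'A'+i maps to ENC_KEY[i]. */
static const char ENC_KEY[27] = "QWERTYUIOPASDFGHJKLZXCVBNM";

/* Returns 1 if key is a permutation of A-Z, 0 otherwise. */
int key_is_valid(const char *key) {
    int seen[26] = {0};
    if (strlen(key) != 26) return 0;
    for (int i = 0; i < 26; i++) {
        if (key[i] < 'A' || key[i] > 'Z' || seen[key[i] - 'A']++) return 0;
    }
    return 1;
}

/* Derive the decryption key by inverting the permutation. Returns 0 on success. */
int invert_key(const char *enc, char dec[27]) {
    if (!key_is_valid(enc)) return -1;
    for (int i = 0; i < 26; i++) dec[enc[i] - 'A'] = (char)('A' + i);
    dec[26] = '\0';
    return 0;
}

/* Apply a substitution key to in; letters are upper-cased, other bytes copied. */
void substitute(const char *key, const char *in, char *out, size_t outsz) {
    size_t i = 0;
    if (outsz == 0) return;
    for (; in[i] != '\0' && i + 1 < outsz; i++) {
        unsigned char c = (unsigned char)in[i];
        out[i] = isalpha(c) ? key[toupper(c) - 'A'] : (char)c;
    }
    out[i] = '\0';
}

int main(void) {
    char dec[27], c[32], p[32];
    if (invert_key(ENC_KEY, dec) != 0) return 1;
    substitute(ENC_KEY, "ATTACK", c, sizeof c);   /* C = E(P, KE) */
    substitute(dec, c, p, sizeof p);              /* P = D(C, KD) */
    printf("KD=%s C=%s P=%s\n", dec, c, p);
    return 0;
}
```

Because `invert_key` needs nothing but the encryption key, anyone who learns KE also learns KD, which is the property that makes this a secret-key system.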

Public-key Cryptography

A cryptographic system that uses a secret key requires both the sender and the receiver to have possession of a shared secret key in order for the system to function properly. A significant limitation of this system is that individuals may need to physically interact with one another in order for one person to hand it off to another.

Public-key cryptography is used to get around this problem.

In a public-key cryptographic system, different keys are used for encryption and decryption, and given a carefully selected encryption key, it is next to impossible to figure out the corresponding decryption key.

As a consequence, the encryption key can be made public, and only the private decryption key has to be protected from public view.

Digital Signatures

In today's world, it is essential to sign a document using a digital device. Digital signatures make it possible to sign electronic mail messages and other digital documents in a way that prevents the sender from denying responsibility for the content of the message at a later time.

A frequently used method is to put the document through a one-way hashing algorithm, which is extremely difficult to create on your own.

The hashing function generates a result that is always the same length, regardless of the size of the original document.

The hashing functions with the most widespread use are MD5 and SHA. Here, MD5 stands for message digest, and SHA stands for secure hash algorithm. MD5 generates a result that is 16 bytes, while SHA generates a result that is 20 bytes.

Trojan Horse

A Trojan horse is a type of insider attack in which an otherwise harmless computer program contains code that causes it to perform an unexpected or undesirable function.

This unexpected or undesirable function could include modifying, deleting, or encrypting the user's files, copying them to a location where the cracker can retrieve them later, or even sending them via electronic mail (e-mail) or file transfer protocol (FTP) to another cracker or a temporary safe hiding place.

To run the Trojan horse on someone's computer system, the person who created it must first get a program containing the Trojan horse executed there.

One way to get the Trojan-horse-carrying program executed is to distribute it over the Internet as a free, exciting new game, an amazing viewer, all-in-one software, or something else that will attract people's attention and encourage them to download it.

The user then runs the software once it has been downloaded to his or her computer system.

When that program is run, the Trojan horse procedure is invoked, which can do anything, such as delete files, modify files, retrieve important information, and so on.

Login Spoofing

Login spoofing is a popular method of stealing or hacking anyone's login ID and password. Consider the following example to better understand login spoofing.

John and Dave are two of my friends. John is a knowledgeable computer programmer, whereas Dave is an average computer user with some knowledge of computer systems and the Internet. John now wishes to obtain Dave's Facebook login ID and password. To hack Dave's Facebook account, John writes some code to create a web page (the Facebook login page) that looks exactly like the Facebook login page.

Now, John wants to show the fake Facebook login page on Dave's desktop, mobile device, or laptop. When Dave enters his Facebook login ID and password on that fake page, they are saved in John's personal database. John can then show Dave an error message and ask him to close the window, or redirect him to the original Facebook login page. By redirecting Dave to the original Facebook login page, John dispels any doubts he had.

After being redirected to the original Facebook login page, Dave enters his login ID and password again, and this time his account opens on his computer or mobile screen, while John now has his Facebook login ID and password. This is known as "login spoofing."

When John leaves his computer room, he can send the fake Facebook login page to Dave's computer or mobile screen via a fake email or directly open the link to the fake Facebook login page on Dave's computer screen.

Logic Bombs

Logic bombing is another method of gaining access to someone's personal information. These days, logic bombs are an insider attack on a computer system. A logic bomb is a piece of code written by one of a company's programmers and hidden within the production operating system (OS).

It does nothing as long as the programmer enters its daily password. However, if the programmer is abruptly fired and physically removed from the premises without notice, the logic bomb is not fed its daily password and thus goes off the next day.

In the vast majority of cases, the logic bomb checked the payroll.

Antivirus

Antivirus software is a type of application that scans your computer for viruses and attempts to eliminate any that it finds.

Antivirus software is the antithesis of a virus, in the way that a friend is the opposite of a foe.

Antivirus software is your ally in this scenario, while viruses are your adversary. A virus is your adversary because it can do anything that you don't want done to your computer system, such as stealing your important files and information, deleting your files and information, changing the configuration of your system, and so on. Antivirus software, on the other hand, cannot cause harm to your computer system and is therefore your ally.

When a computer is scanned with an antivirus program, it looks for and eliminates any viruses that may be present within the system.

As soon as an antivirus program has been installed on a computer system, the very first thing it does is scan every executable file on the disk of that computer system, looking for any of the viruses contained in its database of known viruses.

In the event that a virus is discovered, the antivirus program will allow you to remove it.
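
The signature scan described above, as an added C example (not code from the original page or from any antivirus product): data is checked against a small database of byte patterns, and the tail of each read is carried over so a signature split across two reads is still found. The signature names and byte patterns are constructed and harmless, and all identifiers are assumptions made for this illustration.

```c
#include <stdio.h>
#include <string.h>
#define MAX_SIG 8      /* no signature in DB may be longer than this */
#define CHUNK   4096   /* bytes examined per step */

struct signature { const char *name; const unsigned char *bytes; size_t len; };
/* Constructed, harmless patterns standing in for the database of known viruses. */
static const unsigned char SIG_A[] = { 0xDE, 0xAD, 0x10, 0x01, 0x7F };
static const unsigned char SIG_B[] = { 'D', 'E', 'M', 'O', '-', 'B' };
static const struct signature DB[] = {
    { "Demo.A", SIG_A, sizeof SIG_A }, { "Demo.B", SIG_B, sizeof SIG_B },
};
/* win holds the tail of earlier data (carry bytes) followed by the new chunk. */
struct scanner { unsigned char win[MAX_SIG - 1 + CHUNK]; size_t carry; };

static const char *match(const unsigned char *buf, size_t len) {
    for (size_t s = 0; s < sizeof DB / sizeof DB[0]; s++)
        for (size_t off = 0; off + DB[s].len <= len; off++)
            if (memcmp(buf + off, DB[s].bytes, DB[s].len) == 0) return DB[s].name;
    return NULL;
}

/* Feed more data; returns the name of a matching signature, or NULL for no match. */
const char *scanner_feed(struct scanner *sc, const unsigned char *data, size_t n) {
    while (n > 0) {
        size_t take = n < CHUNK ? n : CHUNK;
        memcpy(sc->win + sc->carry, data, take);
        size_t total = sc->carry + take;
        const char *hit = match(sc->win, total);
        if (hit) return hit;
        /* Keep the last MAX_SIG-1 bytes so a signature split across reads still matches. */
        sc->carry = total < MAX_SIG - 1 ? total : MAX_SIG - 1;
        memmove(sc->win, sc->win + total - sc->carry, sc->carry);
        data += take; n -= take;
    }
    return NULL;
}

int main(int argc, char **argv) {
    for (int i = 1; i < argc; i++) {   /* scan each file named on the command line */
        struct scanner sc = { .carry = 0 };
        unsigned char buf[CHUNK]; size_t n; const char *hit = NULL;
        FILE *f = fopen(argv[i], "rb");
        if (!f) { perror(argv[i]); continue; }
        while (!hit && (n = fread(buf, 1, sizeof buf, f)) > 0) hit = scanner_feed(&sc, buf, n);
        fclose(f);
        printf("%s: %s\n", argv[i], hit ? hit : "no known signature");
    }
    return 0;
}
```

A file that matches nothing in `DB` is reported as having no known signature, so the scan can only find viruses that are already in the database.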

How to Avoid Viruses?

It is imperative that you refrain from engaging in certain undesirable behaviours that could be detrimental to your computer system if you wish to shield it from adverse effects.

The following are the top four virus infection prevention tips:

If you use your computer system in accordance with the aforementioned directions each and every time, you will significantly reduce the likelihood that any malicious software will infect your device.

It is now possible for viruses to infect your computer system if you use a USB drive, such as a memory card, a flash drive, or a pen drive. Before engaging in any activities or exchanging information from your computer with the connected devices, you should first ensure that your computer is protected by an antivirus program and then scan each and every device that connects to it.

Internet Worm

On November 2, 1988, a computer programmer named Robert Tappan Morris released a worm program into the Internet, resulting in the first large-scale Internet computer security violation.

Morris' action brought down thousands of computers in universities, government laboratories, and corporations around the world before the worm was tracked down and removed.

Morris discovered two bugs in Berkeley UNIX at the time that allowed unauthorized access to computer machines all over the Internet.

Morris worked alone and created a "worm," a self-replicating computer program that exploited these errors and replicated itself in seconds on every computer it could gain access to. He spent days working on the worm program just to hide its tracks.
