Operating System Security
Operating system security is important because if your operating system isn't protected from both inside and outside attacks, the attackers can change, delete, or do other things to your important documents and files.
The need to safeguard every piece of data in a computer system is becoming increasingly important. As a result, it is critical for every operating system (OS) to protect computer systems' information (private information).
To understand how to secure your operating system, you must first understand how the attacker employs some program code and technique to launch attacks on your computer system via viruses, logic bombs, trap doors, Trojan horses, login spoofing, and so on.
This post is divided into the following sections on "operating system security":
- Accidental Data Loss
- Basics of Cryptography
- Secret-Key Cryptography
- Public-Key Cryptography
- Digital Signature
- User Authentication
- Trojan Horse
- Login Spoofing
- Logic Bomb
- Trap Door
- Computer Virus
- Computer Antivirus
- Internet Worm
From a safety and protection standpoint, computer systems strive to accomplish the following three general goals:
- Data confidentiality
- Data integrity
- System availability
The following table provides a list of all of the aforementioned goals along with the threads that correspond to them:
|Data confidentiality||Exposure of data|
|Data integrity||Tempering with data|
|System availability||Denial of service|
Now, the following table provides a description of all three objectives, from a safety point of view, that virtually every computer system strives to achieve:
|Data integrity||Users who are not authorized to make modifications to any data shouldn't be able to do so without the permission of the data's owner. In this scenario, modifying data not only results in the data being changed, but it also results in the data being removed and may result in the addition of some incorrect data. If a computer system cannot guarantee that the data that are stored in it will remain unchanged until and unless the owner of the system decides to change them, then it is not very useful as an information system and should be avoided.|
|Data confidentiality||When there is a need for data confidentiality, confidential information is kept confidential. If the owner of the data has decided that the data should only be made available to specific or certain people and no others, then the system should ensure that the data is not released to people who are not authorized to receive it. In other words, if the owner of the data has decided that the data should only be made available to specific or certain people and no others, then the system should. In addition, the owner ought to have the ability to decide who can see what, and the system ought to be able to ensure that this happens.|
|System availability||No one is able to interfere with the system and render it unusable.|
In the world of computer security, intruders are people who want to cause trouble for their own amusement or commercial gain.
Basically, intruders are of the following two types:
Now, let's talk briefly about the above two different types of intruders.
Active intruders are malicious. It is constantly attempting to gain unauthorized access to someone else's system in order to change, modify, or delete data.
Passive intruders are less malicious than active ones. It wants to read the files they aren't authorized to read.
Accidental Data Loss
The loss of data or computer data as a result of an accident is referred to as accidental data loss. In most cases, data or information from a computer system is lost as a result of threats posed by malicious intruders. However, valuable information or data can be lost by accident.
Here is a list of some of the most common causes of accidental data loss or data loss from a computer system by accident:
- Natural causes such as floods, earthquakes, and fires, among others.
- Errors in hardware and software, such as program bugs, unreadable discs, CPU errors or malfunctions, and so on.
- Self-inflicted errors such as selecting the incorrect tape, incorrect data entry, a lost disc, or telecommunication errors
You can store your critical computer data and information on the Internet and retrieve it at any time and from any location.
If you accidentally delete data from your computer, you won't be able to recover it unless the data is saved somewhere other than your computer. As a result, to recover any data, simply upload it to the Internet.
There are many ways to send your data over the Internet, such as creating an email account and storing all of your files and data in it, or creating your own website and storing all of your data on it, etc.
This section will teach you the fundamentals of cryptography as well as how to encrypt files with cryptographic algorithms and code.
You can use cryptography to encrypt any file so that only the authorized person has access to it.
The primary goal of cryptography is to encrypt a file or message (called plaintext) so that only the authorized person knows how to decrypt the message or file.
The secrecy is determined by the parameters of the algorithms, known as keys.
Assume P is a plaintext file, KE is the encryption key, C is the ciphertext, and E is the encryption algorithm, or function.
C = E(P, KE)
is an explanation of encryption.
According to the encryption equation above, the ciphertext is obtained by using the known encryption algorithm, E, as well as plaintext, P, and the secret encryption key, KE, as parameters.
P = D(C, KD)
where D denotes the decryption algorithm and KD denotes the key.
This equation states that in order to recover the plaintext, P, from the encrypted text, that is, the ciphertext, C, and the decryption key, KD, the algorithm D with C and KD as parameters must be run.
Here's an example of how to use cryptography to encrypt and decrypt files in the C and C++ programming languages:
Cryptography is a lengthy and difficult subject to master. Assume you've hidden your secret file somewhere in your computer system. Anyone who finds that file in that secret location can access it, but if the file is encrypted, he or she will not be able to see the contents of the file after accessing it.
To understand secret-key cryptography, imagine an encryption algorithm in which each letter is replaced by another letter, such as all As being replaced by Qs, all Bs being replaced by Ws, all Cs being replaced by Es, and so on.
Plaintext = ABCDEFGHIJKLMNOPQRSTUVWXYZ Ciphertext = QWERTYUIOPASDFGHJKLZXCVBNM
Here, the encryption key is QWERTYUIOPASDFGHJKLZXCVBNM
Now, for the above key, the plaintext CODESCRACKER would be transformed (from the above encryption key) into the ciphertext EGRTLEKQEATK.
The decryption key tells how to get back from ciphertext to plaintext, the original text, normal text, or unencrypted text.
Therefore, in the example above, KXVMCNOPHQRSZYIJADLEGWBUFT is the decryption key because an A in ciphertext is a K in plaintext, a B in ciphertext is an X in plaintext, etc.
Many cryptographic systems have the property that, given the encryption key, it is easy to find the decryption key and vice versa. Such cryptographic systems are called "secret-key cryptography."
Secret-key cryptography can also be called symmetric-key cryptography.
A cryptographic system that uses a secret key requires both the sender and the receiver to have possession of a shared secret key in order for the system to function properly. A significant limitation of this system is that individuals may need to physically interact with one another in order for one person to hand it off to another.
The use of public-key cryptography is necessary, as a result, in order to circumvent this problem.
Given a carefully selected encryption key, it is next to impossible to figure out the corresponding decryption key in a public-key cryptographic system. This is because different keys are used for encryption and decryption in a public-key system, and because it is almost impossible to figure out which key corresponds to which encryption key.
As a consequence of this, the encryption key can be made public under these conditions, and the private decryption key is the only one that can be protected from public view.
In today's world, it is essential to sign a document using a digital device. Digital signatures make it possible to sign electronic mail messages and other digital documents in a way that prevents the sender from denying responsibility for the content of the message at a later time.
Putting the document through a one-way hashing algorithm, which is extremely difficult to create on your own, is a method that is used frequently and generally.
The hashing function generates a result that is always the same length, regardless of the size of the original document.
The hashing functions with the most widespread use are MD5 and SHA. Here, MD5 stands for message digest, and SHA stands for secure hash algorithm. MD5 generates a result that is 16 bytes, while SHA generates a result that is 20 bytes.
A Trojan horse is a type of insider attack in which an otherwise harmless computer program contains code that causes it to perform an unexpected or undesirable function.
This unexpected or undesirable function could include modifying, deleting, or encrypting the user's files, copying them to a location where the cracker can retrieve them later, or even sending them via electronic mail (e-mail) or file transfer protocol to another cracker or a temporary safe hiding place (FTP).
To run the Trojan horse on anyone's computer system, the person who created the trojan horse to attack other people's computers must first execute a program containing the trojan horse.
To execute the Trojan horse carrying program, one method is to distribute it over the Internet as a free, exciting new popular game, an amazing viewer, all-in-one software, or something else that will attract people's attention and encourage them to download the Trojan horse carrying program.
So that the user can run the software once it has been downloaded to his or her computer system.
When that program is run, the Trojan horse procedure is invoked, which can do anything, such as delete files, modify files, retrieve important information, and so on.
Login spoofing is a popular method of stealing or hacking anyone's login ID and password. Consider the following example to better understand login spoofing.
John and Dave are two of my friends. John is a knowledgeable computer programmer, whereas Dave is an average computer user with some knowledge of computer systems and the Internet. John now wishes to obtain Dave's Facebook login ID and password. To hack Dave's Facebook account, John writes some code to create a web page (the Facebook login page) that looks exactly like the Facebook login page.
Now, John wants to show the fake Facebook login page to Dave's desktop, mobile device, or laptop so that when Dave enters his Facebook login id and password on that fake Facebook login page, his login id and password are saved in John's personal database, and John can show Dave an error message after logging in and ask him to close the window or redirect him to the original Facebook login page. By redirecting Dave to the original Facebook login page, I dispelled any doubts he had.
After being redirected to the original Facebook login page, Dave enters his login id and password again, and this time his account will be opened on his computer or mobile screen, where John has his Facebook login id and password. This is known as "login spoofing."
When John leaves his computer room, he can send the fake Facebook login page to Dave's computer or mobile screen via a fake email or directly open the link to the fake Facebook login page on Dave's computer screen.
Login bombing is another method of gaining access to someone's personal information. In these days, login bombs are an insider attack on a computer system. This device is a piece of code written by a company's programmers and hidden within the production operating system (OS).
It does nothing as long as the programmer enters its daily password. However, if the programmer is abruptly fired and physically removed from the premises without notice, the logic bomb is not fed its daily password and thus goes off the next day.
Logic bomb checked the payroll in the vast majority of cases.
Antivirus software is a type of application that scans your computer for and attempts to eliminate any viruses that it finds.
Antivirus software is the antithesis of a virus, functioning in a manner analogous to that of a friend helping a foe.
Antivirus software is your ally in this scenario, while viruses are your adversary. A virus is your adversary because it can do anything that you don't want done to your computer system, such as stealing your important files and information, deleting your files and information, changing the configuration of your system, and so on. Antivirus software, on the other hand, cannot cause harm to your computer system and is therefore your ally.
When a computer is scanned with an antivirus program, it looks for and eliminates any viruses that may be present within the system.
As soon as an antivirus program has been installed on a computer system, the very first thing that it does is scan each and every executable file that is present on the disc of that computer system, looking for any of the viruses that are contained in the database of known viruses that is contained within that antivirus program.
In the event that a virus is discovered, the antivirus program will allow you to remove it.
How to Avoid from Viruses ?
It is imperative that you refrain from engaging in certain undesirable behaviours that could be detrimental to your computer system if you wish to shield it from adverse effects.
The following are the top four virus infection prevention tips:
- Select an operating system (OS) that provides a high level of security by having a solid kernel-user mode boundary, separate login passwords for each and every user, and a separate password for the administrator of the system. Choose an OS that offers these features.
- Only install computer software that has been securely packaged and purchased from a reputable and legitimate computer software manufacturer.
- Do not open any email attachments that you did not ask for or that you are unsure of.
- Use the pre-installed security software, such as "Windows Defender" and "Windows Firewall," if we're talking about a Windows-based operating system. Use this software as effectively as possible to protect your system from attackers.
If you use your computer system in accordance with the aforementioned directions each and every time, you will significantly reduce the likelihood that any malicious software will infect your device.
It is now possible for viruses to infect your computer system if you use a USB drive, such as a memory card, a flash drive, or a pen drive. Before engaging in any activities or exchanging information from your computer with the connected devices, you should first ensure that your computer is protected by an antivirus program and then scan each and every device that connects to it.
On November 2, 1988, a computer programmer named Robert Tappan Morris released a worm program into the Internet, resulting in the first large-scale Internet computer security violation.
Morris' action brought down thousands of computers in universities, government laboratories, and corporations around the world before they were tracked down and removed.
Morris discovered two bugs in Berkeley UNIX at the time that allowed unauthorized access to computer machines all over the Internet.
Morris worked alone and created a "worm," a self-replicating computer program that exploited these errors and replicated itself in seconds on every computer it could gain access to. He spent days working on the worm program just to hide its tracking.
« Previous Topic Next Topic »
Follow/Like Us on Facebook
Subscribe Us on YouTube