This lecture consisted of two parts: the first of which was a presentation by Evander Jo on code obscurity; the latter half of the lecture was a lecture from Dr. Gunes on operating systems security.
In Jo's presentation, the idea (and issue) of security through obscurity was presented. Essentially, obscurity is similar to stenography but different in that does not necessarily aim to hide information within a message, but rather it aims to confuse the interpretation of a message. A highly used tactic from exploit developers is to obfuscate their code upon completion of an exploit for some arbitrary vulnerability. This will defer the analysis of their code (from security professionals) and therefore allow exploit developers breathing room with respect to the discovery and analysis time of their code. However, when trying to apply security through obscurity, the issue comes from the test of time. It is not desirable to place trust on a system's security when it is based off of obfuscation—because it is only a matter of time until someone correctly interprets the obfuscated code.
In the presentation on operating systems security, Dr. Gunes first provided a brief history and discussion on operating systems. Next, it was outline of what an operating system is exactly trying to protect. Such resources included memory and address protection in that different users should be able to access the same system without compromise or intervention from other users within that system. With that, several protection techniques were discussed to allow for sharing of resources but at the same time separation of these same resources. One such technique was the inclusion of base and bound addresses in which users were supplied a base address and top-level address in memory that only they had access to. However, the issue here is with the efficiency of partitioning. That is, some users may require more space than other users. Later on, other present-day operating system techniques were discussed such as segmentation and paging. The lecture concluded with a brief overview of the Intel x86 architecture.
No comments:
Post a Comment