System Security
Dr. E.Silambarasan
Assistant Professor
Department of CSE - Cyber Security
Indian Institute of Information Technology, Kottayam
Module 1
• Introduction- Background, Distributed Systems, Distributed Systems Security, Common Security
Issues and Technologies
• Host-Level Threats and Vulnerabilities- Background, Malware, Eavesdropping, Job Faults, Resource
Starvation, Privilege Escalation, Injection Attacks.
• Infrastructure-Level Threats and Vulnerabilities- Introduction, Network- Level Threats and
Vulnerabilities, Grid Computing Threats and Vulnerabilities, Storage Threats and Vulnerabilities,
Overview of Infrastructure Threats and Vulnerabilities.
Host-Level Threats and Vulnerabilities
• Vulnerabilities refer to design or operational weaknesses that allow a system to be potentially compromised
by an attacker.
• Vulnerabilities in pieces of trusted software installed on the host that could be exploited.
• A threat reflects the potential or likelihood of an attacker causing damage or compromising the system.
• The threats arise due to either mobile codes (both trusted and untrusted) that are downloaded and executed
Privilege Escalation:
• Privilege escalation is an issue related to an unauthorized user elevating their authorization level on
a host in order to perform tasks that they are not otherwise allowed to perform.
• In most cases, the elevated privilege desired by malicious users is that of root or the user equivalent
of root.
• By elevating privilege to that of root, a malicious user can take absolute control of the host.
• This can have severe impacts, including the host being part of distributed denial-of-service or other
similar attacks, which are difficult to trace.
• There are two possible types of privilege escalation, namely horizontal privilege escalation and vertical
privilege escalation.
• In the case of horizontal privilege escalation, a malicious user tries to assume the identity of a peer in
the system.
• The objective of the malicious user is not to take complete control of the machine, rather they are trying
to access another user’s private data or conceal their own identity and present themselves to others as
the compromised user.
• Vertical privilege escalation occurs when a malicious user assumes the identity of a system
administrator (root in Linux or Local System account in Windows).
• This allows the malicious user to access all information stored on the host and perform tasks that are
otherwise not permissible.
• Buffer overflows are often the easiest way to achieve privilege escalation.
• Hackers have exploited buffer overflows more than anything else to gain root privileges on a host, as is
apparent from the CERT vulnerability reports.
Injection Attacks:
• Injection attacks are attempts by malicious hackers to exploit a vulnerability in an application that does not
handle user inputs securely.
• Injection attacks generally use an executable code/script to intrude into a host system.
• There are several ways to inject malicious code through user inputs.
• Shell/PHP Injection
• PHP/ASP injection commonly refers to such a code injection vulnerability on applications built over a
server-side scripting engine such as PHP or ASP.
• SQL Injection
• A malicious user uses an insecure application input field to inject a harmful query string or retrieve
unauthorized data.