
What Is OS Security

Uploaded by

rizwanrajpo125
Copyright © All Rights Reserved
What is OS Security?

The term operating system (OS) security refers to practices and measures that can
ensure the confidentiality, integrity, and availability (CIA) of operating systems.

The goal of OS security is to protect the OS from various threats, including
malicious software such as worms, trojans and other viruses, misconfigurations,
and remote intrusions.

OS security typically involves the implementation of control techniques that can
protect your assets from unauthorized modification and deletion or theft.

The most common techniques used to protect operating systems include the use of
antivirus software and other endpoint protection measures, regular OS patch
updates, a firewall for monitoring network traffic, and enforcement of secure
access through least privileges and user controls.

What are Common OS Security Threats?


Here are a few of the most common threat vectors that can affect an operating
system.

Malware
Malware is short for malicious software, which encompasses a range of attack
vectors such as viruses, worms, trojans, and rootkits. Malware is injected into a
system without the owner’s consent, or by masquerading as legitimate software,
with the objective of stealing, destroying or corrupting data, or compromising the
device. Malware can also replicate, allowing it to spread further in a corporate
network and beyond.

Denial of Service Attacks


A Denial of Service (DoS) attack is intended to clog a system with fake requests so
it becomes overloaded, and eventually stops serving legitimate requests. Some
DoS attacks, in addition to overwhelming a system’s resources, can cause damage
to the underlying infrastructure.

Modern DoS attacks are waged by a distributed network of thousands or millions
of bots (automated agents)—this is known as distributed denial of service (DDoS),
and can be extremely difficult to mitigate due to its huge scale.

Network Intrusion
Network intrusion occurs when an individual gains access to a system for improper
use. There are several types of network intrusion depending on the type of intruder:

• Careless insiders—authorized users who neglect to follow security policies or best
  practices, causing exposure of sensitive assets.
• Malicious insiders—authorized users who misuse their privileges for malicious
  purposes.
• Masqueraders—external individuals who pose as legitimate users, exploiting the
  account or credentials of an authorized user to gain access to the system.
• Clandestine users—attackers who penetrate the system by gaining supervisory
  control and going around access control.

Buffer Overflow
The main function of a buffer is to temporarily store data. Each buffer has a
fixed capacity. During a buffer overflow attack, more data is written to the
buffer or other temporary data store than it can hold. When the buffer overflows,
the program attempting to write the data may overwrite other memory locations
containing important information.

Threat actors look for buffer overflow vulnerabilities, which they can exploit to
inject scripts that help them hijack the system or crash it.
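
The overwrite described above, as an added example that is not part of the original document: a constructed `struct session` places a flag directly after an 8-byte buffer, and an unchecked copy is shown beside a bounds-checked one. All names are hypothetical, and the unchecked copy is modeled as a byte copy confined to the struct so the demonstration stays well-defined.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed layout: a fixed-size buffer followed by data the program trusts. */
struct session {
    char name[8];
    unsigned char is_admin;  /* the "important information" next to the buffer */
};

/* Unchecked copy, modeled as a byte copy bounded by the struct itself so the
 * overflow stays inside this one object and the demo is well-defined. */
static void copy_unchecked(struct session *s, const char *src, size_t n) {
    unsigned char *base = (unsigned char *)s;
    size_t off = offsetof(struct session, name);
    for (size_t i = 0; i < n && off + i < sizeof *s; i++)
        base[off + i] = (unsigned char)src[i];
}

/* Checked copy: refuses input that does not fit and always NUL-terminates. */
static int copy_checked(struct session *s, const char *src, size_t n) {
    if (n >= sizeof s->name) return -1;
    memcpy(s->name, src, n);
    s->name[n] = '\0';
    return 0;
}

/* Constructed oversized input: 'A' filler, then a 1 where is_admin lives. */
static size_t make_input(char *in) {
    size_t flag = offsetof(struct session, is_admin) - offsetof(struct session, name);
    memset(in, 'A', flag);
    in[flag] = 1;
    return flag + 1;
}

/* Returns is_admin after feeding the oversized input to one of the copies. */
int flag_after(int use_checked) {
    struct session s = { "", 0 };
    char in[sizeof(struct session)];
    size_t n = make_input(in);
    if (use_checked) (void)copy_checked(&s, in, n);  /* rejected with -1 */
    else copy_unchecked(&s, in, n);                  /* flag overwritten */
    return s.is_admin;
}

int main(void) {
    printf("unchecked=%d checked=%d\n", flag_after(0), flag_after(1));
    return 0;
}
```

The length check in `copy_checked` is the whole fix: the input is compared against the buffer's capacity before any byte is written.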

How Can You Ensure Operating System Security?


Here are a few ways you can improve operating system security in your
organization.

Authentication Measures
Authentication involves matching an identified user with the programs or data they
are allowed to access. All operating systems have controls that can be used to
verify that users who run a particular program are authorized to do so.

You can use the following techniques to authenticate users at the operating system
level:

• Security keys: keys are provided by a key generator, usually in the form of a
  physical dongle. The user must insert the key into a slot in the machine to log in.
• Username-password combinations: The user enters a username that is registered
  with the OS, along with a matching password.
• Biometric signatures: The user scans a physical attribute, such as a fingerprint or
  retina, to identify themselves.
• Multi-factor authentication: Modern authentication systems use multiple methods
  to identify a user, combining something the user knows (credentials), something
  they own (such as a mobile device), and/or a physical characteristic (biometrics).

Using One-Time Passwords
One-time passwords offer an additional layer of security when combined with
standard authentication measures. Users must enter a unique password generated
each time they log in to the system. A one-time password cannot be reused.
Examples of one-time passwords include:

• Network passwords: An application sends a one-time password to the user via a
  registered email address or mobile phone number. The user must enter this
  password to log in to the computer.
• Random numbers: The user receives a card listing numbers that correspond to
  matching letters. The OS requires the user to enter the numbers that match a set of
  randomly generated letters.
• Secret keys: The user receives a device that generates secret keys. The user then
  enters the secret key into the OS, which identifies the user credentials
  associated with the key.
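
One way to enforce the "cannot be reused" property for the network-password case, as an added example that is not part of the original document. The 6-digit format, the 300-second lifetime, the use of `/dev/urandom`, and all names are assumptions; delivery of the code by email or SMS is out of scope.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <time.h>

#define OTP_DIGITS 6
#define OTP_TTL_SECONDS 300   /* assumed validity window */

struct otp_slot {
    char code[OTP_DIGITS + 1];
    time_t expires;
    int active;               /* cleared on first successful use or on expiry */
};

/* Issue a fresh code from the OS random source; returns 0 on success. */
int otp_issue(struct otp_slot *slot, time_t now) {
    uint32_t r;
    FILE *f = fopen("/dev/urandom", "rb");
    if (!f) return -1;
    do {                                   /* rejection sampling avoids modulo bias */
        if (fread(&r, sizeof r, 1, f) != 1) { fclose(f); return -1; }
    } while (r >= 4294000000u);
    fclose(f);
    snprintf(slot->code, sizeof slot->code, "%06u", (unsigned)(r % 1000000u));
    slot->expires = now + OTP_TTL_SECONDS;
    slot->active = 1;
    return 0;
}

/* Verify a submitted code; returns 1 at most once per issued code. */
int otp_verify(struct otp_slot *slot, const char *submitted, time_t now) {
    unsigned char diff = 0;
    if (!slot->active) return 0;
    if (now > slot->expires) { slot->active = 0; return 0; }
    if (strlen(submitted) != OTP_DIGITS) return 0;
    for (int i = 0; i < OTP_DIGITS; i++)   /* constant-time comparison */
        diff |= (unsigned char)(slot->code[i] ^ submitted[i]);
    if (diff != 0) return 0;
    slot->active = 0;                      /* burn the code so it cannot be replayed */
    return 1;
}

int main(void) {
    struct otp_slot s;
    if (otp_issue(&s, time(NULL)) != 0) return 1;
    printf("first use: %d\n", otp_verify(&s, s.code, time(NULL)));
    printf("reuse:     %d\n", otp_verify(&s, s.code, time(NULL)));
    return 0;
}
```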
