CRYPTOVIROLOGY by Ramu Muthuraman Cpsc 620


Overview
- Introduction
- Justification of Cryptovirology?
- Key Terms
- Cryptoviral Extortion Attack
- Gpcode.ag “ransom” Trojan
- Denial Password Snatching
- Conclusions
- References

Introduction
- Cryptovirology is the study of the application of cryptography to the design of malicious software.
- It is an area that employs public key cryptography to mount attacks on computer systems, showing that cryptography also has "negative" uses.
- The combination of virus science and cryptography created cryptovirology.

Justification of Cryptovirology?
- It takes a thief to catch a thief.
- It is a proactive anticipation of what people will do once they get inside a computer, not a study of how to get inside a computer.
- It helps in making systems more secure.

Key terms
- Cryptovirus: a computer virus that contains and uses a public key.
- Polymorphic virus: a virus that contains and uses a symmetric key for the purposes of encrypting and decrypting its own code.

Cryptoviral Extortion
- It is a denial of resource attack. It is a three-round protocol that is carried out by an attacker against a victim.
- The virus encrypts host data with a random symmetric key. The virus then encrypts the resulting string using the public key of the virus author (e.g., using RSA-OAEP). The encrypted plaintext is then held ransom. The virus notifies the victim that the attack has occurred.

Cryptoviral Extortion (contd.)
- If the victim complies by paying the ransom and transmitting the asymmetric ciphertext to the virus author, then the virus author decrypts the ciphertext using the private key. This reveals the symmetric key that was used in the attack.
- The virus author sends the symmetric key to the victim. This is then used to decrypt the data that was held ransom.

Gpcode.ag “ransom” Trojan
- Gpcode.ag spread initially through spam containing an attachment.
- It encrypted about 80 types of files and then deleted itself to prevent it from being detected.
- Users would be presented with a ransom demand when they tried to open a file, and it takes a lot of computation time to find the private key by brute force.
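The Gpcode.ag slide notes that finding the private key by brute force takes a lot of computation. The following added example (not part of the original presentation) shows the responder's side of that recovery on a deliberately tiny, constructed textbook-RSA key: factor the public modulus, rebuild the private exponent, and unwrap the symmetric key from the extortion protocol. The modulus, exponent, sample key and function names are assumptions made for illustration.

```python
import math

# Constructed toy parameters (assumptions, not Gpcode.ag's real key):
# a ~92-bit modulus from two Mersenne primes, textbook RSA without padding.
P, Q, E = 2**31 - 1, 2**61 - 1, 65537
N = P * Q
SAMPLE_KEY = int.from_bytes(b"k3y-demo", "big")  # constructed 64-bit symmetric key
WRAPPED = pow(SAMPLE_KEY, E, N)                  # asymmetric ciphertext left on the host


def pollard_rho(n: int) -> int:
    """Return a non-trivial factor of composite n (Pollard's rho, Floyd cycle)."""
    if n % 2 == 0:
        return 2
    for c in range(1, 50):              # retry with a new polynomial on failure
        x = y = 2
        d = 1
        while d == 1:
            x = (x * x + c) % n         # tortoise: one step
            y = (y * y + c) % n         # hare: two steps
            y = (y * y + c) % n
            d = math.gcd(abs(x - y), n)
        if d != n:                      # d == n means the walk gave no factor
            return d
    raise ValueError("no factor found")


def recover_symmetric_key(n: int, e: int, wrapped: int) -> int:
    """Factor n, derive the private exponent, and unwrap the symmetric key."""
    p = pollard_rho(n)
    q = n // p
    d = pow(e, -1, (p - 1) * (q - 1))   # private exponent from the factors
    return pow(wrapped, d, n)


if __name__ == "__main__":
    key = recover_symmetric_key(N, E, WRAPPED)
    print(key.to_bytes(8, "big"))
```

Pollard's rho needs on the order of the square root of the smallest prime factor in steps, so this recovery succeeds only because the constructed modulus is tiny.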

Denial Password Snatching
- An attacker writes a Trojan that snatches passwords and puts the Trojan into a virus. The payload of the virus then installs the Trojan.
- The Crypto Trojan uses the public key to encrypt the login/password pairs and stores them in a hidden password file with a data format of a circular linked list. It always overwrites the asymmetric ciphertext, so that the size of the password file is always the same.

Denial Password Snatching (contd.)
- Every time someone inserts a flash drive, the Trojan unconditionally writes the encrypted password file to the last few sectors and marks them as unused.
- Only the person who wrote the Trojan will be able to extract the sectors and decrypt the password file.

Conclusions
- Cryptography has traditionally been used for defensive purposes, but cryptovirology uses cryptography for attacking rather than defending.
- Cryptovirology is a proactive anticipation of the opponent's next move and suggests that certain safeguards should be developed and put into place.

Reference
- Malicious Cryptography: Exposing Cryptovirology, by Dr. Adam Young and Dr. Moti Yung

Questions
- Any questions?