CS 492/592: Malware http://thefengs.com/wuchang/courses/cs492

Syllabus

Motivation
How can I tell what the software I'm running is doing? A useful skill to have.

Example #1: FBI Playpen 8/2014

Example #2: Stuxnet

Example #3: Shellshock

What is malware?
A set of instructions that run on your computer and make your system do something that an attacker wants it to do.

Why is it so prevalent?
- Unprecedented connectivity
- Vulnerable users
- Homogeneous software and hardware
- Focus on time to market
- Mature malicious software industry
- Data and instruction mixing (see next)

Data vs. code
- Data is information that your CPU acts on
- Code tells your CPU to take action (danger!)
- To a computer, what's the difference between code and data? ... Not much
- Data and code are intermixed these days: ELF, .exe, .html, .doc, ...
- Mixing adds flexibility (.doc), features (.html), and efficiency (.js)
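The slide's point, that code and data are the same bytes and only the CPU's interpretation differs, shown in C as an added example (not part of the course material). It assumes a POSIX system with mmap/mprotect and an x86 or x86-64 processor for the "run it" half; the six-byte blob is a constructed sample, not taken from any real program.

```c
/* Added example: the same six bytes treated first as data, then as code.
 * Assumptions: POSIX mmap/mprotect, x86 or x86-64 CPU for run_as_code(). */
#define _DEFAULT_SOURCE
#include <stdio.h>
#include <string.h>
#include <stdint.h>
#include <sys/mman.h>

#ifndef MAP_ANONYMOUS
#define MAP_ANONYMOUS MAP_ANON
#endif

/* Constructed sample: x86 machine code for  mov eax, 42 ; ret  */
static const uint8_t blob[] = { 0xB8, 0x2A, 0x00, 0x00, 0x00, 0xC3 };

/* Compile-time check: is this an x86-family CPU that can execute blob[]? */
int is_x86(void) {
#if defined(__x86_64__) || defined(__i386__)
    return 1;
#else
    return 0;
#endif
}

/* Treat the bytes as data: a plain byte sum, the way a hashing or
 * signature-scanning routine would see them. */
unsigned sum_as_data(const uint8_t *p, size_t n) {
    unsigned s = 0;
    for (size_t i = 0; i < n; i++) s += p[i];
    return s;
}

/* Treat the same bytes as code: copy them into a fresh page, flip the page
 * from RW to RX (W^X), and call it through a function pointer.
 * Returns the function's return value, or -1 if this platform cannot run it. */
int run_as_code(const uint8_t *p, size_t n) {
    if (!is_x86()) return -1;
    void *page = mmap(NULL, n, PROT_READ | PROT_WRITE,
                      MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (page == MAP_FAILED) return -1;
    memcpy(page, p, n);
    if (mprotect(page, n, PROT_READ | PROT_EXEC) != 0) {
        munmap(page, n);
        return -1;
    }
    int (*fn)(void);
    memcpy(&fn, &page, sizeof fn);   /* object pointer -> function pointer */
    int r = fn();
    munmap(page, n);
    return r;
}

int main(void) {
    printf("as data: ");
    for (size_t i = 0; i < sizeof blob; i++) printf("%02x ", blob[i]);
    printf("(byte sum %u)\n", sum_as_data(blob, sizeof blob));
    printf("as code: returned %d\n", run_as_code(blob, sizeof blob));
    return 0;
}
```

Build with `cc -o codevsdata codevsdata.c`. Nothing in the bytes says which view is "right": a scanner that only ever looks at them as data will not see the call, and a loader that jumps into anything it is handed will run whatever was stored there. That is exactly the mechanism a packer such as UPX (installed later on the course VM) relies on: the packed body is data until the stub unpacks it in memory and jumps into it.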

Types of malware
- Viruses and worms: Self-replicating code that infects other systems manually (a virus needs a user to run the infected file) or automatically (a worm spreads on its own)
- Botnets: Software that puts your computer under the remote control of an adversary to send spam or attack other systems
- Backdoors: Code that bypasses normal security controls to provide continued, unauthorized access to an adversary
- Trojans, launchers: Code that appears legitimate, but performs an unauthorized action

Types of malware
- Rootkits: Tools to hide the presence of an adversary
- Information theft: Collects credentials (e.g. keystroke loggers); steals files (credit card data exfiltration); gathers information on you, your habits, and the web sites you visit (e.g. spyware); monitors activity (webcams)
- Ransomware: Code that renders your computer or data inaccessible until payment is received

Types of malware
- Resource or identity theft: Stores illicit files (copyrighted material); uses your machine as a stepping stone to launder activity (frame you for a crime)
- Scareware: Code that tricks users into buying products they do not need
- Adware: Code that tricks users into clicking illegitimate advertisements
- Drive-by downloads: Code automatically downloaded, and run, simply by visiting a web page

This course
Learn tools and techniques to analyze what malicious software does.

Ethics
- Explore only on your own systems or in places where you have permission to
- Do not break, or break into, other people's machines

But first...
- The course assumes an understanding of how software executes on a system
- Prerequisites for the course: mastery of the topics in CS 201 and CS 333
- If you cannot pass the entrance exam, you will not be able to continue

Entrance exam
- A short test to ensure you have what you need to succeed in the course
- If you cannot pass this exam, I will contact you with a recommendation that you find an alternate course
- Open slots in the course will be offered to those on the waitlist who are best prepared for the course (based on exam results)
- 20 minutes

VM for course
- See handout
- Vanilla Windows XP VM image located on the MCECS file server: /stash/cs492/492_WinXP_x86.ova
- All software from the book is installed
- Contact support@cat.pdx.edu if you are not in the "vagrant" group

Installed software on your VM
- Install a WinXP 32-bit instance with the VirtualBox Guest Additions CD
- Install cygwin with sharutils, binutils, zip/unzip, and nc
- Install WinRAR or cygwin p7zip
- Install Sysinternals tools (Process Explorer, Process Monitor) (technet.microsoft.com)
- Install PEView (wjradburn.com)
- Install Resource Hacker (angusj.com)
- Install Dependency Walker (dependencywalker.com)
- Install IDA Pro 5.0 Freeware (hex-rays.com)
- Install Wireshark (wireshark.org)
- Install ApateDNS (mandiant.com)
- Install OllyDbg 1.10 (ollydbg.de) and its PhantOm plug-in (woodmann.com)
- Install WinHex (winhex.com)
- Install PEiD (softpedia.com) <= CAUTION: it is a zip file, not an installer
- Install UPX (upx.sourceforge.net)
- Install Regshot (code.google.com/p/regshot/)
- Install the labs from the textbook (practicalmalwareanalysis.com): an encrypted zipfile (password: malware) that will set off Windows Defender alarms; make two copies, a working one and a read-only one