Viruses and Other Malicious Content

Slides:



Advertisements
Similar presentations
Computer Security Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Chapters 14 and 15 Operating Systems: Internals and Design Principles,
Advertisements

Lecture: Malicious Code CIS 3360 Ratan K. Guha. Malicious Code2 Overview and Reading Assignments Defining malicious logic Types Action by Viruses Reading.
30/04/2015Tim S Roberts COIT13152 Operating Systems T1, 2008 Tim S Roberts.
Lecture 13 Malicious Software modified from slides of Lawrie Brown.
Cryptography and Network Security Chapter 19 Fourth Edition by William Stallings.
Dr. John P. Abraham Professor UTPA 2 – Systems Threats and Risks.
NS-H /11041 Malicious Software. NS-H /11042 Why bother to secure data? Information has value, it can affect our lives and our livelihood Information.
Chapter 14 Computer Security Threats
Cryptography and Network Security Malicious Software Third Edition by William Stallings Lecturer: Dr. Saleem Alzoubi.
________________ CS3235, Nov 2002 Viruses Adapted from Pfleeger[Chap 5]. A virus is a program [fragment] that can pass on malicious code [usually itself]
Chapter 14 Computer Security Threats Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design Principles,
Malicious Software programs exploiting system vulnerabilities known as malicious software or malware program fragments that need a host program e.g. viruses,
1 Pertemuan 05 Malicious Software Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE USC CSci530 Computer Security Systems Lecture.
1 Computer Viruses (and other “Malicious Programs) Computer “Viruses” and related programs have the ability to replicate themselves on an ever increasing.
Intruders significant issue for networked systems is hostile or unwanted access either via network or local can identify classes of intruders: –masquerader.
Cryptography and Network Security Chapter 21
Henric Johnson1 Chapter 10 Malicious Software Henric Johnson Blekinge Institute of Technology, Sweden
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 7 – Malicious Software.
Malicious Software Malicious Software Han Zhang & Ruochen Sun.
1 Ola Flygt Växjö University, Sweden Malicious Software.
1 Chap 10 Malicious Software. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on.
Chapter 15: Security (Part 1). The Security Problem Security must consider external environment of the system, and protect the system resources Intruders.
The Utility Programs: The system programs which perform the general system support and maintenance tasks are known as utility programs. Tasks performed.
Data Security and Encryption (CSE348) 1. Lecture # 27 2.
Lecture 14 Overview. Program Flaws Taxonomy of flaws: – how (genesis) – when (time) – where (location) the flaw was introduced into the system 2 CS 450/650.
1 Chapter 19: Malicious Software Fourth Edition by William Stallings Lecture slides by Lawrie Brown (Modified by Prof. M. Singhal, U of Kentucky)
CHAPTER 14 Viruses, Trojan Horses and Worms. INTRODUCTION Viruses, Trojan Horses and worm are malicious programs that can cause damage to information.
1 Chap 10 Virus. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on an ever increasing.
CSCE 522 Lecture 12 Program Security Malicious Code.
Viruses, Trojans and Worms The commonest computer threats are viruses. Virus A virus is a computer program which changes the way in which the computer.
Computer viruses are small software programs that are made to spread from one computer to another and to interfere with computer operations. There are.
Administrative: Objective: –Tutorial on Risks –Phoenix recovery Outline for today.
Chapter 11 Malicious Software
Viruses and Related Threats. 2 Summary  have considered:  various malicious programs  trapdoor, logic bomb, trojan horse, zombie  viruses  worms.
Fourth Edition by William Stallings Adapted form lecture slides by Lawrie Brown.
Chapter 10 Malicious software. Viruses and ” Malicious Programs Computer “ Viruses ” and related programs have the ability to replicate themselves on.
Name: Perpetual Ifeanyi Onyia Topic: Virus, Worms, & Trojan Horses.
BY FIOLA CARVALHO TE COMP. CONTENTS  Malicious Software-Definition  Malicious Programs Backdoor Logic Bomb Trojan Horse Mobile Code Multiple-Threat.
Viruses a piece of self-replicating code attached to some other code – cf biological virus both propagates itself & carries a payload – carries code to.
Malicious Software.
Chapter 19 – Malicious Software What is the concept of defense: The parrying of a blow. What is its characteristic feature: Awaiting the blow. —On War,
Computer Security Threats CLICKTECHSOLUTION.COM. Computer Security Confidentiality –Data confidentiality –Privacy Integrity –Data integrity –System integrity.
Types of Computer Malware. The first macro virus was written for Microsoft Word and was discovered in August Today, there are thousands of macro.
Cryptography and Network Security Chapter 19 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
MALICIOUS SOFTWARE Rishu sihotra TE Computer
Page 1 Viruses. Page 2 What Is a Virus A virus is basically a computer program that has been written to perform a specific set of tasks. Unfortunately,
Malicious Programs (1) Viruses have the ability to replicate themselves Other Malicious programs may be installed by hand on a single machine. They may.
Virus Infections By: Lindsay Bowser. Introduction b What is a “virus”? b Brief history of viruses b Different types of infections b How they spread b.
Information Systems CS-507 Lecture 32. Physical Intrusion The intruder could physically enter an organization to steal information system assets or carry.
Prof. Wenguo Wang Network Information Security Prof. Wenguo Wang Tel College of Computer Science QUFU NORMAL UNIVERSITY.
Detected by, M.Nitin kumar ( ) Sagar kumar sahu ( )
Britanny polca Objectives: * Identify what Malicious code is * Know the categories of Malicious code * Introduce you to the parts of Malicious software.
Company LOGO Malicious SW By Dr. Shadi Masadeh 1.
Security on the Internet Norman White ©2001. Security What is it? Confidentiality – Can my information be stolen? Integrity – Can it be changed? Availability.
MALWARE.
Malicious Software.
Cryptography and Network Security Chapter 19
Cryptography and Network Security
Computer Technology Notes 5
NET 311 Information Security
WHAT IS A VIRUS? A Computer Virus is a computer program that can copy itself and infect a computer A Computer Virus is a computer program that can copy.
MALICIOUS SOFTWARE A.Sivaramakrishnan, AP
Computer Viruses.
Chap 10 Malicious Software.
Chap 10 Malicious Software.
Malicious Program and Protection
Presentation transcript:

Viruses and Other Malicious Content computer viruses have got a lot of publicity one of a family of malicious software effects usually obvious have figured in news reports, fiction, movies (often exaggerated) getting more attention than deserve are a concern though

Malicious Software Stallings Fig 19-1. Taxonomy can be divided into two categories: those that need a host program, and those that are independent; can also differentiate between those software threats that do not replicate and those that do.

Trapdoors secret entry point into a program allows those who know access bypassing usual security procedures have been commonly used by developers a threat when left in production programs allowing exploited by attackers very hard to block in O/S requires good s/w development & update

Logic Bomb one of oldest types of malicious software code embedded in legitimate program activated when specified conditions met eg presence/absence of some file particular date/time particular user when triggered typically damage system modify/delete files/disks

Trojan Horse program with hidden side-effects which is usually superficially attractive eg game, s/w upgrade etc when run performs some additional tasks allows attacker to indirectly gain access they do not have directly often used to propagate a virus/worm or install a backdoor or simply to destroy data

Zombie program which secretly takes over another networked computer then uses it to indirectly launch attacks often used to launch distributed denial of service (DDoS) attacks exploits known flaws in network systems

Viruses a piece of self-replicating code attached to some other code cf biological virus both propagates itself & carries a payload carries code to make copies of itself as well as code to perform some covert task

Virus Operation virus phases: details usually machine/OS specific dormant – waiting on trigger event propagation – replicating to programs/disks triggering – by event to execute payload execution – of payload details usually machine/OS specific exploiting features/weaknesses

Virus Structure program V := {goto main; 1234567; subroutine infect-executable := {loop: file := get-random-executable-file; if (first-line-of-file = 1234567) then goto loop else prepend V to file; } subroutine do-damage := {whatever damage is to be done} subroutine trigger-pulled := {return true if some condition holds} main: main-program := {infect-executable; if trigger-pulled then do-damage; goto next;} next: } Stallings Fig 19-2.

Types of Viruses can classify on basis of how they attack parasitic virus memory-resident virus boot sector virus stealth polymorphic virus macro virus

Macro Virus macro code attached to some data file interpreted by program using file eg Word/Excel macros esp. using auto command & command macros code is now platform independent is a major source of new viral infections blurs distinction between data and program files making task of detection much harder classic trade-off: "ease of use" vs "security"

Email Virus spread using email with attachment containing a macro virus cf Melissa triggered when user opens attachment or worse even when mail viewed by using scripting features in mail agent usually targeted at Microsoft Outlook mail agent & Word/Excel documents

Worms replicating but not infecting program typically spreads over a network cf Morris Internet Worm in 1988 led to creation of CERTs using users distributed privileges or by exploiting system vulnerabilities widely used by hackers to create zombie PC's, subsequently used for further attacks, esp DoS major issue is lack of security of permanently connected systems, esp PC's

Worm Operation worm phases like those of viruses: dormant propagation search for other systems to infect establish connection to target remote system replicate self onto remote system triggering execution

Morris Worm best known classic worm released by Robert Morris in 1988 targeted Unix systems using several propagation techniques simple password cracking of local pw file exploit bug in finger daemon exploit debug trapdoor in sendmail daemon if any attack succeeds then replicated self

Recent Worm Attacks new spate of attacks from mid-2001 Code Red exploited bug in MS IIS to penetrate & spread probes random IPs for systems running IIS had trigger time for denial-of-service attack 2nd wave infected 360000 servers in 14 hours Code Red 2 had backdoor installed to allow remote control Nimda used multiple infection mechanisms email, shares, web client, IIS, Code Red 2 backdoor

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.