Trap Doors & Logic Bombs William Dotson. Overview Malware Taxonomy Definitions Historical Overview Protection Methods Ethical Issues.

Slides:

Advertisements

Similar presentations

BACK DOORS BY TONY CANO & BEN SCHUETTER BACK DOORS HOME History Harm/Prevention Benefits/illegal use Self Assessment Work Cited.

Advertisements

Computing Issues that Affect Us All lesson 30. This lesson includes the following sections: Computer Crime Computer Viruses Theft Computers and the Environment.

Test process essentials Riitta Viitamäki,

UNIT 6 DIGITAL LITERACY STUDY S3 OBJ 1 VIRUSES & DESTRUCTIVE PROGRAMS.

Lecturer: Fadwa Tlaelan

1 Anti Virus vs virus System i-Specific Anti-Virus Product Ali ameen al said.

Unit 18 Data Security 1.

James Tam Computer Security Concepts covered Malicious computer programs Malicious computer use Security measures.

Security strategy. What is security strategy? How an organisation plans to protect and respond to security attacks on their information technology assets.

1 Pertemuan 05 Malicious Software Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.

BACKDOORS in Software Seminar on Software University of Turku January 2008 Eino Malinen.

Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Internet Safety for Students Malicious Programs By: Mr. Bradshaw Scott City R-1 Schools.

Alter – Information Systems 4th ed. © 2002 Prentice Hall 1 E-Business Security.

Definitions  Virus A small piece of software that attaches itself to a program on the computer. It can cause serious damage to your computer.  Worm.

R. FRANK NIMS MIDDLE SCHOOL A BRIEF INTRODUCTION TO VIRUSES.

1 Chap 10 Malicious Software. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on.

Malicious Code Brian E. Brzezicki. Malicious Code (from Chapter 13 and 11)

UNIT 4 ASSIGNMENT VIRUSES & DESTRUCTIVE PROGRAMS.

Logic Bombs Douglas Smith David Palmisano. What is a Logic Bomb?  A logic bomb is a piece of code intentionally inserted into a software system that.

Information Security Rabie A. Ramadan GUC, Cairo Room C Lecture 2.

IT security By Tilly Gerlack.

 a crime committed on a computer network, esp. the Internet.

CIS 450 – Network Security Chapter 16 – Covering the Tracks.

Lecture 14 Overview. Program Flaws Taxonomy of flaws: – how (genesis) – when (time) – where (location) the flaw was introduced into the system 2 CS 450/650.

Computer security means protecting our computer system and the information they contain against unwanted access, damage, destruction or modification. Security.

INTRODUCTION. The security system is used as in various fields, particularly the internet, communications data storage, identification and authentication.

Viruses, Trojans and Worms The commonest computer threats are viruses. Virus A virus is a computer program which changes the way in which the computer.

Year 9 Autumn Assessment Computer system/Information security-Planning, Communicating, Information. By Louis Smith-Lassey 9k 9Y1.

29.1 Lecture 29 Security I Based on the Silberschatz & Galvin’s slides And Stallings’ slides.

Chapter 10 Malicious software. Viruses and ” Malicious Programs Computer “ Viruses ” and related programs have the ability to replicate themselves on.

Name: Perpetual Ifeanyi Onyia Topic: Virus, Worms, & Trojan Horses.

For any query mail to or BITS Pilani Lecture # 1.

Week 10-11c Attacks and Malware III. Remote Control Facility distinguishes a bot from a worm distinguishes a bot from a worm worm propagates itself and.

What security is about in general? Security is about protection of assets –D. Gollmann, Computer Security, Wiley Prevention –take measures that prevent.

Understanding Computer Viruses: What They Can Do, Why People Write Them and How to Defend Against Them Computer Hardware and Software Maintenance.

Security CS Introduction to Operating Systems.

James McQuillen. Data protection Act 1998 The main aim of it is to protect people's fundamental rights and freedom to a particular right to privacy of.

BY FIOLA CARVALHO TE COMP. CONTENTS  Malicious Software-Definition  Malicious Programs Backdoor Logic Bomb Trojan Horse Mobile Code Multiple-Threat.

Computer Ethics. Computer Virus  A Virus is a computer program written to alter the way a computer operates, without the permission or knowledge of the.

Malicious Software.

BACKDOORS By: Himie Freeman, Joey Adkins, Kennedy Williams, and Erin Bethke.

14.1 Silberschatz, Galvin and Gagne ©2009 Operating System Concepts with Java – 8 th Edition Protection.

Understand Malware LESSON Security Fundamentals.

INTRODUCTION TO COMPUTER & NETWORK SECURITY INSTRUCTOR: DANIA ALOMAR.

ICT and the Law Mr Conti. Did you see anything wrong with that? Most people wouldn’t want that sort of information posted in a public place. Why? Because.

Overview of Database Security Introduction Security Problems Security Controls Designing Database Security.

Page 1 Viruses. Page 2 What Is a Virus A virus is basically a computer program that has been written to perform a specific set of tasks. Unfortunately,

Malicious Programs (1) Viruses have the ability to replicate themselves Other Malicious programs may be installed by hand on a single machine. They may.

DEVICE MANAGEMENT AND SECURITY NTM 1700/1702. LEARNING OUTCOMES 1. Students will manipulate multiple platforms and troubleshoot problems when they arise.

COMPUTER VIRUSES Computer Technology. What is a Computer Virus? A kind of A kind of Malicious software written intentionallyMalicious software written.

Securing a Host Computer BY STEPHEN GOSNER. Definition of a Host  Host  In networking, a host is any device that has an IP address.  Hosts include.

Computer Viruses Author: Alyse Allen.

Security Issues in Information Technology

Securing Network Servers

Operating Systems Services provided on internet

COMPUTER VIRUSES Computer Technology.

NET 311 Information Security

Computer Applications Unit B

WHAT IS A VIRUS? A Computer Virus is a computer program that can copy itself and infect a computer A Computer Virus is a computer program that can copy.

12: Security The Security Problem Authentication Program Threats

Computer security Computer security means protecting our computer system and the information they contain againts unwanted access, damage,destruction or.

Chap 10 Malicious Software.

UNIT 18 Data Security 1.

CHAPTER 2: OPERATING SYSTEMS (Part 2) COMPUTER SKILLS.

Viruses and Virus Protection

Chap 10 Malicious Software.

Operating System Concepts

Presentation transcript:

Trap Doors & Logic Bombs William Dotson

Overview Malware Taxonomy Definitions Historical Overview Protection Methods Ethical Issues

Malware Taxonomy Trapdoor Trojan Horse Logic Bomb VirusWormBacteria No Host Needs Host Malware

Trap doors Method of bypassing normal authentication methods Remains hidden to casual inspection Can be a new program to be installed Can modify an existing program Also known as Back Doors

Logic Bombs Piece of code that executes itself when pre- defined conditions are met Logic Bombs that execute on certain days are known as Time Bombs Code performs some payload not expected by the user. Shareware that deactivates itself are not logic bombs.

Backdoor History Made famous in the movie War games 2003, an attempt was made to create a backdoor in the Linux Kernel Early versions of the Sobig Virus in 2003 installed backdoors to send its spam. MyDoom virus in early 2004 created a backdoor on port 3127 to send spam

Backdoor History No one really knows often backdoors are inserted into software Some people speculate it is a prevalent practice in the industry Most backdoors are obvious and clumsy

Backdoor History The attempted Linux backdoor is more sophisticated if ((options == (__WCLONE|__WALL)) && (current->uid = 0)) retval = -EINVAL; Under casual inspection looks like it is just checking two flags, but actually setting the UID to root Required good knowledge of Linux Kernel Only caught because the part of code this line is contained in was modified manually rather than automatically as the section it was in was. Caught during a file integrity check near release

Logic Bomb History Some of the very first viruses had logic bombs Friday the 13 th Virus duplicated itself every Friday of the month and on the 13 th causing slowdown on networks Michelangelo Virus, one of the first viruses to get news coverage, execute itself on March 6 th and tried to damage hard-disks

Logic Bomb History 1985 a programmer at a insurance firm in Texas wrote a logic bomb that modified a data retrieval function to rewrite part of main memory, rename itself, relocate itself, then power down the computer a programmer at General Dynamics was fined $5,000 Dollars that he was going to come back later and charge to remove.

Logic Bomb History Win32.Kriz.3862 virus in 1999 executed itself on Christmas Day and causes serious damage by overwriting massive amounts of data on the hard disk and rewriting the BIOS In 2000, a Deutsche Morgan Grenfell a securities trader who had initially been hired as a programmer was charged with inserting a logic bomb.

Protection Difficult to prevent truly determined hackers Requires thorough commitment to quality assurance, strict separation of programming duties, and strict security practices after deployment.

Protection Continued Segregate operations from programming and testing Have a carefully controlled process from for moving code into production Give only operations staff write-access to production code Lock down production code so that is as close to impossible for unauthorized people to modify programs Assign responsibility for specific production programs to named positions in operations Maintain a list of authorized programmers for authorized quality assurance officer before accepting changes to production Keep records of exactly which modifications were installed when and at whose request Keep audit trails running at all times and have them include a checksum not only be based on the record but the record that comes before it.

Protection Continued Some of these seem more obvious than others Not all of these practices are used Many companies are not willing or are not able to commit the resources needed for quality assurance and extensive security measures.

Hacking in Media Hackers are often glorified by the press and in the media Hackers that get caught are often young and written off as misguided youth Anti-Hacking Laws have been enacted that dramatically increase the penalties for anyone caught

Ethical Questions Should software producers be allowed to include Logic Bombs to ensure final payment? According to the government…no. But how many do? Probably a lot.

Legitimate Logic Bombs Software openly time-limited Problems arise if company stops supporting this product Problems arise if a company goes out of business

Summary Trap Doors can provide access to a system for unauthorized procedures Logic Bombs execute malicious code at certain time Total Security is difficult How unethical are these practices, should they ever be legal?

Resources Protecting against program threats Conway, Richard. 2 Code hacking : a developer's guide to network security A guide to protecting your computer systems from hackers. Logic Bombs. Thwarted Linux backdoor hints at smarter hackers. Backdoor – Wikipedia, the Free Encyclopedia.