Chapter 9 Security 9.7 - 9.8 Malware Defenses. Malware Can be used for a form of blackmail. Example: Encrypts files on victim disk, then displays message.

Slides:



Advertisements
Similar presentations
Thank you to IT Training at Indiana University Computer Malware.
Advertisements

 Application software consists of programs designed to make users more productive and/or assist with personal tasks.  Growth of internet simplified.
Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
Dr. John P. Abraham Professor UTPA 2 – Systems Threats and Risks.
Telnet and FTP. Telnet Lets you use the resources of some other computer on the Internet to access files, run programs, etc. Creates interactive connection.
AVG 8.5 Product Line Welcome to a safe world …. | Page 2 Contents  Components Overview  Product Line Overview  AVG 8.0 Boxes.
ROOTKIT VIRUS by Himanshu Mishra Points to be covered Introduction History Uses Classification Installation and Cloaking Detection Removal.
Students: Jacek Czeszewski and Marcos Verdini Rosa Professor: José Manuel Magalhães Cruz.
3 Section C: Installing Software and Upgrades  Web Apps  Mobile Apps  Local Applications  Portable Software  Software Upgrades and Updates  Uninstalling.
1 Security Chapter The security environment 9.2 Basics of cryptography 9.3 User authentication 9.4 Attacks from inside the system 9.5 Attacks from.
Security strategy. What is security strategy? How an organisation plans to protect and respond to security attacks on their information technology assets.
1 Pertemuan 05 Malicious Software Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
Computer Security Fundamentals by Chuck Easttom Chapter 5 Malware.
Buffer Overflow Attacks Figure (a) Situation when the main program is running. (b) After the procedure A has been called. (c) Buffer overflow shown.
Chapter 5 System Software.
Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.
Computer Viruses By Patsy Speer What is a Virus? Malicious programs that cause damage to your computer, files and information They slow down the internet.
Page 1 Sandboxing & Signed Software Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation.
Chapter Nine Maintaining a Computer Part III: Malware.
R. FRANK NIMS MIDDLE SCHOOL A BRIEF INTRODUCTION TO VIRUSES.
Tanenbaum 8.3 See references
Internet Safety Basics Being responsible -- and safer -- online Visit age-appropriate sites Minimize chatting with strangers. Think critically about.
Computer security virus, hacking and backups. Computer viruses are small software programs that are designed to spread from one computer to another.
Henric Johnson1 Chapter 10 Malicious Software Henric Johnson Blekinge Institute of Technology, Sweden
Week 5 IBS 520 Computer and Online Security. Cybercrime Online or Internet- based illegal acts What is a computer security risk? Computer crime Any illegal.
With Microsoft Windows 7© 2012 Pearson Education, Inc. Publishing as Prentice Hall1 PowerPoint Presentation to Accompany GO! with Microsoft ® Windows 7.
Securing Windows 7 Lesson 10. Objectives Understand authentication and authorization Configure password policies Secure Windows 7 using the Action Center.
1 Chap 10 Malicious Software. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on.
By, Anish Shanmugasundaram Yashwanth Sainath Jammi.
Hands-On Microsoft Windows Server 2008
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
Chapter 15: Security (Part 1). The Security Problem Security must consider external environment of the system, and protect the system resources Intruders.
Protecting Your Computer & Your Information
1 Spyware, Adware, and Browser Hijacking. ECE Agenda What is Spyware? What is Adware? What is Browser Hijacking? Security concerns and risks Prevention,
Introducing, Installing, and Upgrading Windows 7 Lesson 7.
DBS Form 6 As Computer Applications Project Spy ware By L6D Wong Chiu Hung.
Virus and Antivirus Team members: - Muzaffar Malik - Kiran Karki.
CHAPTER 14 Viruses, Trojan Horses and Worms. INTRODUCTION Viruses, Trojan Horses and worm are malicious programs that can cause damage to information.
1 Chap 10 Virus. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on an ever increasing.
CHAPTER 7: PRIVACY, CRIME, AND SECURITY. Privacy in Cyberspace  Privacy: an individual’s ability to restrict or eliminate the collection, use and sale.
Administrative: Objective: –Tutorial on Risks –Phoenix recovery Outline for today.
Security. cs431-cotter2 Figure 9-1. Security goals and threats. Threats Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights.
Chapter 10 Malicious software. Viruses and ” Malicious Programs Computer “ Viruses ” and related programs have the ability to replicate themselves on.
Security Malware and Defenses Tanenbaum & Bo, Modern Operating Systems:4th ed., (c) 2013 Prentice-Hall, Inc. All rights reserved.
For any query mail to or BITS Pilani Lecture # 1.
Copyright © 2007 Heathkit Company, Inc. All Rights Reserved PC Fundamentals Presentation 25 – Virus Detection and Prevention.
Malicious Logic and Defenses. Malicious Logic Trojan Horse – A Trojan horse is a program with an overt (documented or known) effect and covert (undocumented.
Computer security virus, hacking and backups. Computer viruses are small software programs that are designed to spread from one computer to another.
CONTENTS What is Virus ? Types of computer viruses.
 Stealth viruses Use certain techniques to avoid detection.  Macro Viruses Infects the macros within a document or template.  Polymorphic viruses Encrypt.
Computer virus Speaker : 蔡尚倫.  Introduction  Infection target  Infection techniques Outline.
CHAPTER 2 Laws of Security. Introduction Laws of security enable user make the judgment about the security of a system. Some of the “laws” are not really.
14.1 Silberschatz, Galvin and Gagne ©2009 Operating System Concepts with Java – 8 th Edition Protection.
W elcome to our Presentation. Presentation Topic Virus.
Types of Malware © 2014 Project Lead The Way, Inc.Computer Science and Software Engineering.
NETWORK SECURITY Definitions and Preventions Toby Wilson.
Lecture 5 Rootkits Hoglund/Butler (Chapters 1-3).
Candidates should be able to:  describe the purpose and use of common utility programs for:  computer security (antivirus, spyware protection and firewalls)
Malware Fighting Spyware, Viruses, and Malware Ch 1 -3.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
Adware and Browser Hijacker – Symptoms and Preventions /killmalware /u/2/b/ /alexwaston14/viru s-removal/ /channel/UC90JNmv0 nAvomcLim5bUmnA.
CS703 - Advanced Operating Systems By Mr. Farhan Zaidi.
Computer Security Keeping you and your computer safe in the digital world.
Chapter 9 Security 9.1 The security environment
Managing Windows Security
MODERN OPERATING SYSTEMS Third Edition ANDREW S
Chap 10 Malicious Software.
CHAPTER 2: OPERATING SYSTEMS (Part 2) COMPUTER SKILLS.
Chap 10 Malicious Software.
Malicious Program and Protection
Presentation transcript:

Chapter 9 Security Malware Defenses

Malware Can be used for a form of blackmail. Example: Encrypts files on victim disk, then displays message … Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved Greetings from General Encryption To purchase a decryption key for your hard disk, please send $100 in small unmarked bills to Box 2154, Panama City, Panama. Thank you. We appreciate your business.

Types of Viruses Companion virus Executable program virus Parasitic virus Memory-resident virus Boot sector virus Device driver virus Macro virus Source code virus Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Figure A recursive procedure that finds executable files on a UNIX system. Executable Program Viruses (1) Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Figure A recursive procedure that finds executable files on a UNIX system. Executable Program Viruses (2) Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Figure (a) An executable program. (b) With a virus at the front. (c) With a virus at the end. (d) With a virus spread over free space within the program. Parasitic Viruses Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Figure (a) After the virus has captured all the interrupt and trap vectors. (b) After the operating system has retaken the printer interrupt vector. (c) After the virus has noticed the loss of the printer interrupt vector and recaptured it. Boot Sector Viruses Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Spyware (1) Description: Surreptitiously loaded onto a PC without the owner’s knowledge Runs in the background doing things behind the owner’s back Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Spyware (2) Characteristics: Hides, victim cannot easily find Collects data about the user Communicates the collected information back to its distant master Tries to survive determined attempts to remove it Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

How Spyware Spreads Possible ways: Same as malware, Trojan horse Drive-by download, visit an infected web site Web pages tries to run an.exe file Unsuspecting user installs an infected toolbar Malicious activeX controls get installed Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Actions Taken by Spyware Change the browser’s home page. Modify the browser’s list of favorite (bookmarked) pages. Add new toolbars to the browser. Change the user’s default media player. Change the user’s default search engine. Add new icons to the Windows desktop. Replace banner ads on Web pages with those the spyware picks. Put ads in the standard Windows dialog boxes Generate a continuous and unstoppable stream of pop-up ads. Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Types of Rootkits (1) Firmware rootkits Hypervisor rootkits Kernel rootkits Library rootkits Application rootkits Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Figure Five places a rootkit can hide. Types of Rootkits (2) Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Figure A simplified view of a hardware firewall protecting a LAN with three computers. Firewalls Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Figure (a) A program. (b) An infected program. (c) A compressed infected program. (d) An encrypted virus. (e) A compressed virus with encrypted compression code. Virus Scanners (1) Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Figure Examples of a polymorphic virus. Virus Scanners (2) Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Antivirus and Anti-Antivirus Techniques Virus scanners Integrity checkers Behavioral checkers Virus avoidance Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Figure How code signing works. Code Signing Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Figure The operation of a jail. Jailing Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Figure (a) A program. (b) System call graph for (a). Model-Based Intrusion Detection Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Figure (a) Memory divided into 16-MB sandboxes. (b) One way of checking an instruction for validity. Sandboxing Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Figure Applets can be interpreted by a Web browser. Interpretation Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Java Security (1) JVM byte code verifier checks if the applet obeys certain rules: Does the applet attempt to forge pointers? Does it violate access restrictions on private-class members? Does it try to use a variable of one type as another type? Does it generate stack overflows? underflows? Does it illegally convert variables of one type to another? Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Figure Some examples of protection that can be specified with JDK 1.2. Java Security (2) Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.