Malware Fundamentals. POLITEHNICA University of Bucharest, 14th of January 2015. Ionuţ-Daniel BARBU.

Presentation transcript:


Agenda: Evolution; Security implementations in Operating Systems; Historical facts; Malware types. Source of the information: Wikipedia.org

Evolution. Source: theusindependent.com

Operating Systems
Windows NT: Designed for security but not for the Internet.
Windows 9x: Offered the option of multi profiles but not of multi-users; partial memory protection; no access privileges concept.
XP: Limited accounts.
Vista: User Account Control.
The first user was administrator by default – Removed.
7: BitLocker Drive Encryption and Biometrics; improved Windows Firewall, Microsoft Security Essentials & Windows Defender.
8: New authentication methods.
Newer versions.
“Consumer versions of Windows were originally designed for ease-of-use on a single-user PC without a network connection, and did not have security features built in from the outset.”, Wikipedia
Windows Patch Tuesday.

Malware
…is any software used to disrupt computer operation, gather sensitive information, or gain access to private computer systems.
Regin: Reversed in November 2014; samples date from 2003; customized. Spying, stealthy, steal information.
Stuxnet: Worm discovered in 2010; attacked industrial programmable logic controllers; ruined 20% of Iran’s nuclear centrifuges. Cause harm, sabotage.
CryptoLocker: Ransomware Trojan; discovered by Dell SecureWorks; propagated via attachments or botnets. Encrypts; money extortion - Bitcoin.

History
Early stages:
1949 – John von Neumann introduces the theory of self-replicating programs.
1972 – Veith RISAK writes an article describing a fully functional virus for SIEMENS 4004/
Jürgen KRAUS: “computer programs can behave in a way similar to biological viruses”
First computer viruses:
1971 – Creeper Virus – ARPANET: “I’m the creeper, catch me if you can!” The Reaper worm was designed to catch it – it did!
1982 – ELK Cloner – first personal computer virus – displayed a poem.
1992 – first Windows virus – WinVir.
Source: ajovomultja.hu

Viruses
“the defining characteristic of viruses is that they are self-replicating computer programs which install themselves without the user's consent.”
When executed, it replicates by inserting copies of itself in other programs etc.
When infected: steals hard disk space or CPU time; accesses private information, corrupts data; keystroke logging.
Motivation: seek profit; message conveying; sabotage; denial of service.
Methods: social engineering; security vulnerabilities.
Replication techniques: resident (after installation it remains in RAM) vs. non-resident (scans for targets, infects and exits); macro virus (embedded in macro-containing documents); boot sector.
Anti-virus: open source; proprietary.
Viruses often use complex anti-detection/stealth strategies to evade antivirus software: keep the same “last modification date” and file size, or try to kill detection tasks; intercept read requests; self-modification; encrypted viruses; polymorphic vs. metamorphic code.
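The stealth point above (same “last modification date”, same file size) is why integrity monitoring compares content hashes rather than file metadata. The following is an added example, not part of the original slides; the file name and contents are constructed, and the change is simulated on a temporary file only.

```python
import hashlib
import os
import tempfile


def snapshot(path):
    """Record size, mtime and SHA-256 of a file (the integrity baseline)."""
    st = os.stat(path)
    with open(path, "rb") as fh:
        digest = hashlib.sha256(fh.read()).hexdigest()
    return {"size": st.st_size, "mtime_ns": st.st_mtime_ns, "sha256": digest}


def metadata_changed(base, now):
    """Naive check: trusts only size and last-modification time."""
    return (base["size"], base["mtime_ns"]) != (now["size"], now["mtime_ns"])


def content_changed(base, now):
    """Integrity check: compares the cryptographic hash of the content."""
    return base["sha256"] != now["sha256"]


def demo():
    """Constructed sample: file altered in place, same size, mtime restored."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "sample.bin")  # hypothetical file name
        with open(path, "wb") as fh:
            fh.write(b"ORIGINAL-PROGRAM-BYTES" + b"\x00" * 42)  # constructed
        base = snapshot(path)
        st = os.stat(path)
        # Simulate the tampering named on the slide: same length, same mtime.
        with open(path, "r+b") as fh:
            fh.write(b"MODIFIED")
        os.utime(path, ns=(st.st_atime_ns, st.st_mtime_ns))
        now = snapshot(path)
        return metadata_changed(base, now), content_changed(base, now)


if __name__ == "__main__":
    meta, content = demo()
    print("metadata check flags change:", meta)
    print("hash check flags change:    ", content)
```

The metadata comparison reports no change while the hash comparison does, which is the gap that file integrity monitoring baselines are meant to close.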

Worms
…standalone malware computer program that replicates itself in order to spread to other computers.
Unlike a virus, it does not need to attach itself to an existing program.
At least some harm is caused due to bandwidth consumption.
The payload is usually designed to delete files, encrypt or send docs via mail.
Many of them are payload free, however even these cause major disruption: Morris Worm 1988 (first distributed worm via Internet from MIT).
Backdoors represent a known payload and they usually lead to zombie computers and further to botnets.
Patching; firewall; packet filters; ACL.

Trojan Horse
….is a generally non-self-replicating type of malware program containing malicious code.
Carries out actions determined by its nature…: remote access hack; data theft or loss; system harm; can act as a backdoor. Interesting use: anonymizer proxy!
Zeus / Zbot: Microsoft Windows OS; steal banking information; man-in-the-browser; keystroke logging; distributes also CryptoLocker.
Beasts 2.07
Protection: IPS; IDS; content filtering.
Source: megasecurity.org

Others
Backdoor: Method of bypassing normal authentication. Basic example of backdoor: default password.
Rootkit: Hide existence of certain processes or programs. Enables continued privileges to a computer.
Spyware & Adware: Aids in gathering information about a person or organization without their knowledge. Automatically renders advertisements in order to generate revenue for its author.

Zero-Day: Antivirus software signatures are not yet available; behavior signatures; Zero-Day Vulnerability & Exploit; Sandbox.

Thank you! “If you think technology can solve your security problems, then you don’t understand the problems and you don’t understand the technology.” Bruce Schneier