By: Sharad Sharma, Somya Verma, and Taranjit Pabla.


What are worms?
- Exploit security or policy flaws in widely used services.
  - Vendor programs
  - Operating systems
- Infect the environment.

Worms vs. Viruses
- Worms are a subset of viruses.
- Differ in method of attachment
  - Viruses attach to files for propagation.
  - Worms propagate without attachment.
- Viruses require user error.
- Worms use known exploits to propagate.

History of Computer Worms
- Christmas Tree Exec Worm
  - Rendered international computer networks unusable.
  - 1987
- Morris Worm
  - Created by Robert T. Morris
  - 1988
  - Fined $10,000 and sentenced to 3 years probation

History of Computer Worms (continued)
- Melissa
  - 1999
  - Created by David L. Smith
- I Love You
  - 2000
  - Same mechanism as the Christmas Tree Exec Worm
- Slapper Worm
  - 2002
  - Exploited a problem in OpenSSL to run remote shells on other computers using certain versions of Apache

History of Computer Worms (continued)
- Other notable worms
  - 1260 polymorphic worm
    - 1990
    - First member of the chameleon family
  - Bubbleboy
    - 1999
  - Worm.ExploreZip
    - 1999

Worm Propagation
- Port scans over the network and Internet
  - Look for open TCP ports to use as an attack vector.
- Use compromised machine to probe others or produce mass mailings.

Worm Propagation (continued)
- Some worms know how to look for vulnerabilities on systems with certain programs and configurations.

Mitigation and Defense
- Use a firewall
  - Software or hardware
- Anti-virus and anti-spyware programs
- Monitor number of scans on the network
- Never open an attachment found in an unsolicited e-mail.
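An added example (not part of the original slides) of the "monitor number of scans" defense: it counts, per source, how many distinct targets refused or ignored a connection attempt inside a sliding window, which is the footprint of the port-scan propagation described earlier. The record format, state names, addresses and thresholds are assumptions made for the demo.

```python
from collections import defaultdict, deque

WINDOW = 10     # seconds of history kept per source (assumed tuning value)
THRESHOLD = 5   # distinct failed targets inside WINDOW that count as scanning

def sample_flows():
    """Constructed flow records (not real traffic): 'epoch src dst dport state'."""
    rows = []
    # 10.0.0.23 sweeps TCP/445 across a subnet and nothing answers
    rows += [f"{100 + i * 0.5} 10.0.0.23 192.168.1.{i + 1} 445 SYN_ONLY" for i in range(8)]
    # 10.0.0.7 is an ordinary client: completed handshakes plus one refusal
    rows += [f"{100 + i} 10.0.0.7 192.168.1.10 443 ESTABLISHED" for i in range(8)]
    rows.append("103 10.0.0.7 192.168.1.11 80 RST")
    # 10.0.0.9 keeps retrying one dead service: many failures, one target
    rows += [f"{100 + i} 10.0.0.9 192.168.1.50 22 RST" for i in range(8)]
    # 10.0.0.40 fails against five targets, but spread over a minute
    rows += [f"{100 + i * 15} 10.0.0.40 192.168.2.{i + 1} 3389 SYN_ONLY" for i in range(5)]
    return rows

def parse(line):
    ts, src, dst, dport, state = line.split()
    return float(ts), src, dst, int(dport), state

def detect_scanners(lines, window=WINDOW, threshold=THRESHOLD):
    """Return {src: time of first alert} for sources whose failed connection
    attempts reach `threshold` distinct (dst, port) targets within `window` s."""
    recent = defaultdict(deque)   # src -> (ts, target) pairs still in the window
    alerts = {}
    for ts, src, dst, dport, state in sorted(parse(l) for l in lines if l.strip()):
        if state == "ESTABLISHED":
            continue              # completed handshakes are not probes
        q = recent[src]
        q.append((ts, (dst, dport)))
        while ts - q[0][0] > window:
            q.popleft()           # expire attempts older than the window
        if src not in alerts and len({target for _, target in q}) >= threshold:
            alerts[src] = ts
    return alerts

if __name__ == "__main__":
    for src, ts in detect_scanners(sample_flows()).items():
        print(f"possible worm scanning from {src}, first flagged at t={ts}")
```

Counting distinct targets rather than raw failures keeps a client that retries one dead service from being flagged, and the window length decides whether a slow scanner such as 10.0.0.40 is caught.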

Mitigation and Defense (continued)
- Access Control List
  - Monitor and restrict access to network.
- Packet Filtering
  - Firewall technique, monitors packets for compliance with user-defined rules.
- Null routing
  - Filters packets and ignores any packets matching certain criteria, acting as a limited firewall.
  - Useful in DDoS attacks.

Mitigation and Defense (continued)
- TCP Wrappers
  - Method of Access Control List security
  - Provides many layers of validity tests.
- Constant vigilance
- Education
- Be proactive.

Modern Worms - Stuxnet
- Truly identified in July 2010
- Target oriented and supposedly aimed at the Iranian nuclear reactor in Bushehr and the enrichment facility at Natanz.
- Aimed specifically at industrial setups, mainly drives which operate over 600 Hz.
- Real form of cyber warfare

Modern Worms - Stuxnet (continued)
- Uses more than a single language.
- Capable of updating itself and P2P communication.
- Encrypted using FIPS standards.
- Digital signatures used to slow down detection.
- Exploited four Windows zero-day vulnerabilities.
- First known rootkit for SCADA systems.

Protection From Stuxnet
- Follow Siemens guidelines.
- Shut down the Internet connection to avoid Stuxnet updates.
- Disallow the use of foreign USB drives.
- Use updated SCADA versions and Microsoft patches.