Download presentation
Presentation is loading. Please wait.
Published byShreya Jarvis Modified over 10 years ago
1
Adware and Spyware
2
Objectives u Define terms, scope, and motivation u Discuss impact (personal and business) u Review basic technical aspects u Provide basic identification and removal resources u Discuss prevention techniques 2
3
Definitions, Scope, and Motivation 3
4
Definitions u Malware: malicious software – Adware: advertising-oriented – Spyware: information-oriented u Anti-adware and anti-spyware are the tools that fight them 4
5
What and Why? Adware u Advertising u Goal is to sell or promote u Data pushed from them to you u Hopefully you will buy or visit Spyware u Spying u Goal is to gather information u Data pulled from you to them u Hopefully information can be used for sale or power 5
6
Motivation u Money – Firms place ads for selves or clients – Paid by click-through or direct purchase – Identity/data theft u Power – Ruin rival’s reputation – Blackmail, intelligence activities – Gain notoriety and satisfaction 6
7
Relationships u Trojans, viruses, phishing, pharming, rootkits, adware, spyware … so much bad stuff! u Questions: – Can adware be spyware? – Is there a relationship between adware, spyware, and other malware? 7
8
Impact and Effects 8
9
u Loss of computer functionality 9
10
What Is This? 10Source: http://en.wikipedia.org/wiki/Image:Spyware_infestation.png
11
Internet Explorer On XP 11 Entire screen The web page! Source: http://en.wikipedia.org/wiki/Image:Spyware_infestation.png
12
Impact and Effects u Loss of computer functionality u Loss of computer performance u Loss of personally identifiable information 12
13
Impact: Identity Theft u Maricopa County u Continues to grow in frequency u Effects: – Loss of money – Credit problems – Criminal record – Inability to work 13
14
Technical Aspects (How It Works) 14
15
Some Adware Techniques u Pop-ups u Conditional acceptance u Tracking cookies (history) u Tracking images (web, email) 15
16
Some Adware Techniques u Click tracking u Active web technology u Careless use of protective software (or none at all!) 16
17
Some Spyware Techniques u Software downloads u Online games u Keystroke loggers u Pop-ups 17
18
Some Spyware Techniques u Free adware/spyware removal programs u Commercial software u Careless use of protective software (or none at all!) 18
19
Identifying and Removing 19
20
Identifying and Removing u Adware is everywhere 20 www.zedo.com “Zwinky is free with download of toolbar” http://www.youtube.com/v/1jbEZlnl9WQ
21
Identifying and Removing u 67% infected among those surveyed* u Can you keep up? 21 * Source: Enterprise Information Systems Assurance and System Security (Warkentin and Vaughn, ed.), p. 51.
22
Identifying and Removing u Common symptoms* – Pop-ups – Toolbars – Performance problems – More OS/application crashes u Can be symptomless 22 * Source: Enterprise Information Systems Assurance and System Security (Warkentin and Vaughn, ed.), p. 51.
23
Identifying and Removing u Anti-adware tools u Anti-spyware tools u Network packet sniffing 23
24
Removal u Methods: – Manual – “Free” tools – Commercial tools u Can be difficult 24
25
Prevention 25
26
Prevention u What does not prevent it?* – Personal firewalls – Anti-virus programs u The best you can hope for is to discourage it. 26* But they do help prevent spyware and adware that spread that way.
27
Prevention u Safe browsing: – Disable active browser technologies – Limit use of cookies – Limit browsing to reputable sites – Use “high” security settings – Flush cached and personal information 27
28
Prevention u Anti-spyware and anti-adware – No single product or suite handles it all – Investigate tools carefully u Firewall and anti-virus – Up to date – Properly configured u Stay informed! 28
29
Business Aspects 29
30
Business Impact 1. Loss of productivity 2. Increased IT support costs 3. Theft of intellectual property 4. Liability associated with privacy violations 5. Premature information disclosure 6. Loss of credibility … 30Source: Enterprise Information Systems Assurance and System Security (Warkentin and Vaughn, ed.), p. 52.
31
Business Prevention u Security policy – Write it down – Educate everyone – Management buy-in – Audit compliance u Use generally good practices u Stay up to date! 31
32
Conclusions u Adware and spyware come with serious consequences u Identification and removal can be difficult u Prevention is best u User education is key 32
33
Questions? 33
34
Credits u Enterprise Information Systems Assurance and System Security, Warkentin and Vaughn, ed., 2006. u Wikipedia, http://www.wikipedia.org u Original clip art is from the Microsoft Office web site unless otherwise cited 34
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.