From AV to Internetized Security Solution 马杰 Jeffrey Beijing Rising Tech. Co., Ltd. --- The Analysis Report of Malware Technology in China in 2005.


1 From AV to Internetized Security Solution 马杰 Jeffrey Beijing Rising Tech. Co., Ltd. --- The Analysis Report of Malware Technology in China in 2005

2 Travel

3 Agenda Background –Overview of the security industry –Overview situation of viruses and spam Changes of viruses –Changes of purpose –Changes of anti-detection Other threats on the internet –Unauthorized software (Rogue software) Summary

4 Internet Statistics Data from: CNNIC

5 Security Industry Revenue Data from: CCID Consulting

6 Product Dispersal Data from: CCID Consulting

7 AV Market Share Distribution Data from: IDC 2005

8 Agenda Background –Overview of the security industry –Overview situation of viruses and spam Changes of viruses –Changes of purpose –Changes of anti-detection Other threats on the internet –Unauthorized software (Rogue software) Summary

9 Virus Statistics 45059 new definitions added to virus database –From Jan. 1st to Nov. 15th, 2005 Data from: RISING

10 Most Active Top 10 Data from: RISING

11 Top 10 Worst Spam Countries (Jan. 19 2005)
Top 10 Worst Spam Countries | Number of Current Listed Spam Issues
1 United States | 2563
2 China | 744
3 South Korea | 421
4 Brazil | 162
5 Canada | 161
6 Taiwan | 159
7 Russia | 153
8 Japan | 117
9 Argentina | 105
10 Italy | 92
http://www.spamhaus.org

12 Top 10 Worst Spam Countries (Nov. 11 2005)
Top 10 Worst Spam Countries | Number of Current Listed Spam Issues
1 United States | 2385
2 China | 496
3 South Korea | 294
4 Russia | 237
5 Taiwan | 216
6 Japan | 194
7 Canada | 155
8 Brazil | 134
9 Hong Kong | 98
10 United Kingdom | 98
http://www.spamhaus.org

13 Agenda Background –Overview of the security industry –Overview situation of viruses Changes of viruses –Changes of purpose –Changes of anti-detection Other threats on the internet –Unauthorized software (Rogue software) Summary

14 Changes of the purpose of virus creation Gain economic benefits –Virtual property –Bank accounts Increase website hits Show off Skills Gain Economic Benefits

15 Viruses Have an Economic Purpose
Total: 4163 found till Nov. 15th, 2005
Economic Purpose | Numbers of viruses
Stealing online game passwords | 2763
Bring more Page Views to websites | 967
Stealing QQ (or MSN) Passwords | 427
Stealing online banking passwords | 6
Data from: RISING

16 Agenda Background –Overview of the security industry –Overview situation of viruses Changes of viruses –Changes of purpose –Changes of anti-detection Other threats on the internet –Unauthorized software (Rogue software) Summary

17 Changes to Anti-Detection The economic benefits of improving anti-detection technology Methods used for anti-detection –Root Kit –Entry Point Obscuring –Source code level morphing

18 Root Kits Hook the Native API –Hide processes: ZwQuerySystemInformation() –Hide files: ZwQueryDirectoryFile() –etc… Much open source code is available: www.rootkit.com

19 The Viruses Using Root Kit Technology
Category | Amount
Hooking System Ring3 API | 191
Hooking System Ring0 API | 53
Patching Kernel | 81
Viruses using root kit technology found in 2005: 325
Data from: RISING
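
A hook on ZwQuerySystemInformation() only filters what that API returns, so a defender can compare its process list with a second, independent enumeration and look for PIDs that are repeatedly missing (cross-view detection). The Python below is an added example, not part of the original slides; the PID sets are constructed, and the low-level view is an assumed collector such as a kernel driver walking scheduler or handle tables.

```python
from collections import Counter

# Constructed sample data (not from the slides). Each snapshot pairs:
#   api_view - PIDs returned by the documented enumeration API, i.e. the
#              list a ZwQuerySystemInformation() hook is able to filter
#   low_view - PIDs from an assumed independent collector, e.g. a kernel
#              driver walking scheduler or handle tables
SNAPSHOTS = [
    ({4, 388, 612, 1044, 2200}, {4, 388, 612, 1044, 1337, 2200}),
    ({4, 388, 612, 1044, 2200}, {4, 388, 612, 1044, 1337, 2200, 3004}),
    ({4, 388, 612, 1044, 2200, 3004}, {4, 388, 612, 1044, 1337, 2200, 3004}),
]


def hidden_from_api(snapshots, min_hits=2):
    """Return {pid: hits} for PIDs seen by the low-level view but omitted by
    the API view in at least `min_hits` snapshots.

    One mismatch is normal noise: a process can start or exit between the
    two enumerations. Repeated omission of the same PID is the signal.
    """
    hits = Counter()
    for api_view, low_view in snapshots:
        hits.update(low_view - api_view)
    return {pid: n for pid, n in hits.items() if n >= min_hits}


def collector_gaps(snapshots):
    """PIDs the API reports but the low-level view never does. A non-empty
    result means the second collector is incomplete and its diff unreliable."""
    api_seen, low_seen = set(), set()
    for api_view, low_view in snapshots:
        api_seen |= api_view
        low_seen |= low_view
    return api_seen - low_seen


if __name__ == "__main__":
    print("persistently hidden:", hidden_from_api(SNAPSHOTS))
    print("single-sample noise included:", hidden_from_api(SNAPSHOTS, 1))
    print("collector gaps:", collector_gaps(SNAPSHOTS))
```

In the constructed data, PID 3004 is missing from the API view in one snapshot only (a process that started between the two enumerations) and is filtered out by `min_hits`, while PID 1337 is missing every time.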

20 Agenda Background –Overview of the security industry –Overview situation of viruses Changes of viruses –Changes of purpose –Changes of anti-detection Other threats on the internet –Unauthorized software (Rogue software) Summary

21 Other Threats Rogue software –Ad-ware –Spy-ware –Browser hijack and ActiveX controls –Track-ware –Malicious shareware –… Phishing etc…

22 Rogue software [chart: 22.72%, 13.87%, 19.53%, 9.74%; category labels not preserved] Data from: UNB

23 How Does Rogue Software Avoid Being Deleted? Make themselves automatically launch Install drivers to get a higher privilege Create mutually protecting threads Inject DLLs or threads into another process Rubbish Files

24 To remove or not to remove… It’s hard to make the decision. To remove : –Annoys the users. Not to remove : –Free –Provides some useful features.

25 Agenda Background –Overview of the security industry –Overview situation of viruses Changes of viruses –Changes of purpose –Changes of anti-detection Other threats on the internet –Unauthorized software (Rogue software) Summary

26 The situation of viruses in 2005 Economic purposes significantly drive the increase of new viruses and virus technologies. Weaknesses of a system are the major reason for virus infection. The network is still the most commonly used medium through which viruses spread. IM tools are utilized by viruses to spread over the internet. New platforms are becoming the target of viruses –mobile phones –PDAs –etc… Open source is still the origin of lots of viruses

27 Diary

28 Job

29 File System openomy project

30 earth

31 People Internetized A lot of things around us are getting internetized –Job E-mail Web office Instant Message –Life Blog Online Game Online Movie

32 Threats Internetized Attack on internet Gain from internet Threats

33 Protection Needs to be Internetized! Virus Spam Hack Spy-ware Browser hijack Phishing

34 Protect Users Online Security An internetized security solution provides: –Antivirus –Anti-spam –Firewall –Password protect –Anti browser hijack –Anti-phishing

35 The Hardest Part I wish that I could work it out … Thank you! Jeffrey@rising.com.cn

