Presentation is loading. Please wait.

Presentation is loading. Please wait.

CS 510 : Malicious Code and Forensics. About the course Syllabus at

Published byDouglas Moore Modified over 9 years ago

Similar presentations

Presentation on theme: "CS 510 : Malicious Code and Forensics. About the course Syllabus at"— Presentation transcript:

1 CS 510 : Malicious Code and Forensics

2 About the course Syllabus at http://thefengs.com/wuchang/work/courses/cs410

3 Textbook Required: Malware – Fighting Malicious Code, Ed Skoudis Code, Ed Skoudis ISBN: 0131014056 ISBN: 0131014056

4 Other material (optional)‏ Hacking - The Art of Exploitation, Jon Erickson, ISBN: 1-59327-007-0 The Shellcoder's Handbook - Discovering and exploiting Security Holes, Koziol et al., ISBN: 0-7645- 4468-3 Trojans, Worms, and Spyware: A Computer Security, M. Erbschloe, ISBN0750678488 The Giant Black Book of Computer Viruses, M. Ludwig ISBN: 0929408233

5 Ethics Exploring malware Do it on your own computer, or somewhere you have permission to Don’t run vulnerability scanners on other people’s machines

6 What is Malware? Malware – set of instructions that run on your computer and make your system do something that an attacker wants it to do Delete files to render your computer inoperable Infect other systems (worms, viruses)‏ Monitor activity (webcams, keystroke loggers)‏ Gather information on you, your habits, web sites you visit Provide unauthorized access (trojans, backdoors)‏ Steal files (credit card data)‏ Store illicit files (copyrighted material)‏ Send spam or attack other systems Stepping stone to launder activity (frame you for a crime)‏ Hide activity (rootkits)‏

7 Why make malware? For kicks For profit Commercial-grade malware

8 Unprecedented Connectivity Huge clueless userbase Increasingly generic software Homogeneous architectures Mature toolkits Data/Instruction mix (.. more)‏ Why is it so prevalent?

9 Mixing Data & Code What’s the difference between code and data? Data is information that your CPU acts on Code tells your CPU to take action (danger!)‏ To a computer, what’s the difference between code and data? …. Not much * …. Not much * Data & code are intermixed these days ELF,.exe,.html,.doc ….

10 Mixing Data & Code Developers do it because Cool – Dynamic,interactive environment (eg HTML)‏ Flexible – Extended functionality (eg.doc)‏ Efficient – Flexible software building blocks (eg.js)‏ Market share – Features increase usage

11 Types of malware VirusesWorms Malicious mobile code BackdoorsTrojans Rootkits (user & kernel level)‏

12 Viruses Infects a host file Self-replicates Spreads via secondary storage or network Human interaction usually required Examples Michelangelo, stoned, CIH

13 Worms Spreads across a network Self-replicates Human interaction not usually required Examples Morris Worm, Code Red, SQL Slammer

14 Malicious Mobile Code Lightweight Downloaded and executed locally Human interaction minimal Javascript, VBScript, Java, ActiveX, Flash Examples Cross Site Scripting, Drive-by downloads, Cross-site Request Forging

15 Backdoor Bypasses normal security controls to give an attacker access Can have dual uses (for good and evil)‏ Examples Netcat, VNC, Back Orifice

16 Trojan Horse Disguised as useful file/program Performs malicious purpose such as launching other programs or capturing user information Eg. Setiri, Hydan

17 Rootkits Tools to hide presence of attacker/other malware on system User-level rootkit Replaces utilities on host system Kernel-level rootkit Manipulates operating system directly

18 Others Spyware Monitors a system’s activity and reports it to attacker

19 Others Adware Software to continually display advertisements to users

20 Others Scareware Software that scares users to purchase or install software they do not want or need

21 Others Ransomware Software that attempts to force users to pay hacker money

Download ppt "CS 510 : Malicious Code and Forensics. About the course Syllabus at"

Similar presentations

Thank you to IT Training at Indiana University Computer Malware.

Thank you to IT Training at Indiana University Computer Malware.
What are computer viruses and its types? Computer Viruses are malicious software programs that damage computer program entering into the computer without.

What are computer viruses and its types? Computer Viruses are malicious software programs that damage computer program entering into the computer without.
Computer Ethics Ms. Scales. Computer Ethics Ethics  the right thing to do Acceptable Use Policy  A set of rules and guidelines that are set up to regulate.

Computer Ethics Ms. Scales. Computer Ethics Ethics  the right thing to do Acceptable Use Policy  A set of rules and guidelines that are set up to regulate.
Dr. John P. Abraham Professor UTPA 2 – Systems Threats and Risks.

Dr. John P. Abraham Professor UTPA 2 – Systems Threats and Risks.
Mod H-1 Examples of Computer Crimes. Mod H-2 Stuxnet.

Mod H-1 Examples of Computer Crimes. Mod H-2 Stuxnet.
3 Section C: Installing Software and Upgrades  Web Apps  Mobile Apps  Local Applications  Portable Software  Software Upgrades and Updates  Uninstalling.

3 Section C: Installing Software and Upgrades  Web Apps  Mobile Apps  Local Applications  Portable Software  Software Upgrades and Updates  Uninstalling.
CS 450 - Nathan Digangi.  Secret, undocumented routine embedded within a useful program  Execution of the program results in execution of secret code.

CS Nathan Digangi.  Secret, undocumented routine embedded within a useful program  Execution of the program results in execution of secret code.
Computer Security Fundamentals by Chuck Easttom Chapter 5 Malware.

Computer Security Fundamentals by Chuck Easttom Chapter 5 Malware.
Internet Safety for Students Malicious Programs By: Mr. Bradshaw Scott City R-1 Schools.

Internet Safety for Students Malicious Programs By: Mr. Bradshaw Scott City R-1 Schools.
Viruses, Hacking, and AntiVirus. What is a Virus? A type of Malware – Malware is short for malicious software A virus – a computer program – Can replicate.

Viruses, Hacking, and AntiVirus. What is a Virus? A type of Malware – Malware is short for malicious software A virus – a computer program – Can replicate.
Quiz Review.

Quiz Review.
Chapter Nine Maintaining a Computer Part III: Malware.

Chapter Nine Maintaining a Computer Part III: Malware.
Internet safety Viruses A computer virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your.

Internet safety Viruses A computer virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your.
Internet Safety Basics Being responsible -- and safer -- online Visit age-appropriate sites Minimize chatting with strangers. Think critically about.

Internet Safety Basics Being responsible -- and safer -- online Visit age-appropriate sites Minimize chatting with strangers. Think critically about.
Internet Safety CSA 105 1.0 September 21, 2010. Internet Threats Malware (viruses) Spyware Spam Hackers Cyber-criminals.

Internet Safety CSA September 21, Internet Threats Malware (viruses) Spyware Spam Hackers Cyber-criminals.
Adware, Spyware, and Malware Anand Dedhia Bharath Raj ECE 4112 Project 28 April 2005.

Adware, Spyware, and Malware Anand Dedhia Bharath Raj ECE 4112 Project 28 April 2005.
Internet Vulnerabilities & Criminal Activities Malware 3.2 9/26/2011.

Internet Vulnerabilities & Criminal Activities Malware 3.2 9/26/2011.
Unit 2 - Hardware Computer Security.

Unit 2 - Hardware Computer Security.
UNIT 4 ASSIGNMENT VIRUSES & DESTRUCTIVE PROGRAMS.

UNIT 4 ASSIGNMENT VIRUSES & DESTRUCTIVE PROGRAMS.
Malware  Viruses  E-mail Virus  Worms  Trojan Horses  Spyware –Keystroke Loggers  Adware.

Malware  Viruses  Virus  Worms  Trojan Horses  Spyware –Keystroke Loggers  Adware.

Similar presentations

Ads by Google