1. BY FIOLA CARVALHO 411104 TE COMP

2. CONTENTS  Malicious Software-Definition  Malicious Programs Backdoor Logic Bomb Trojan Horse Mobile Code Multiple-Threat Malware Zombie  Reference  Questions

3. DEFINITION  Malicious software is a software that is intentionally included or inserted in a system for a harmful purpose.  Malicious software, also known as “malware,” is a nuisance, but increasingly, malicious software can damage data, computers, and computer networks. Examples include Trojan horses, vandalware, spyware, hoaxes, some viruses—including macro viruses—and worms.

4. Malicious Programs

5. Backdoor or Trapdoor  It is a secret entry point into a program.  It also allows those who know to access bypassing usual security procedures.  It have been commonly used by developers.  Backdoors become threats when unscrupulous programmers use them to gain unauthorized access.  It is difficult to implement operating system controls for backdoors.  It requires good s/w development & update.

6. Logic Bomb  It is one of oldest types of malicious software.  The logic bomb is code embedded in legitimate program.  It is activated when specified conditions met. E.g. presence/absence of some file particular date/time particular user  When triggered typically damage system, modify/delete files/disks, halt machine, etc.

7. Trojan Horse  It is a program or command procedure with hidden side- effects.  Trojan horse program can be used to accomplish functions indirectly. E.g. game, s/w upgrade etc.  It allows attacker to indirectly gain access that they do not have directly.  It is often used to propagate a virus/worm or install a backdoor or simply to destroy data.  Another common motivation for the Trojan horse is data destruction. The program appears to be performing a useful function (e.g., a calculator program), but it may also be quietly deleting the user’s files.

8. Mobile Code  It refers to program/script/macro that runs unchanged to heterogeneous collection of platforms.  It also applies to situations involving a large homogeneous collection (E.g. Microsoft Windows).  It is transmitted from remote system to local system & then executed on local system.  It often acts to inject virus, worm, or Trojan horse.  In other cases, mobile code takes advantage of vulnerabilities to perform own exploits such as unauthorized data access, root compromise.

9. Multiple-Threat Malware  Malware may operate in multiple ways.  Multipartite virus infects in multiple ways. E.g. multiple file types  Blended attack uses multiple methods of infection or transmission, to maximize the speed of contagion and severity of attack.  It may include multiple types of malware E.g. Nimda has worm, virus, mobile code

10. Zombie  It is the program which secretly takes over another networked computer.  It uses indirectly to launch attacks.  It is often used to launch distributed denial of service (DDOS) attacks.  Develops known faults in network systems.

11. REFERENCE Operating Systems by William Stallings ( Page no 647-651)

12. QUESTIONS  MAY 2011 What are different types of malicious software? How they are classified? Explain any two. ( 7 )

13. THANK YOU