
Fundamentals of Information Systems Security Chapter 11 Malicious Code and Activity


camila

Presentation Transcript


  1. Fundamentals of Information Systems Security Chapter 11 Malicious Code and Activity

  2. Learning Objective • Explain the means attackers use to compromise systems and networks and defenses used by organizations.

  3. Key Concepts • Impact of malicious code and malware on public- and private-sector organizations • Profiling attackers and hackers • Phases of a computer attack • Security awareness training to harden User domain and teach correct use of IT assets

  4. DISCOVER: CONCEPTS

  5. What Is Malicious Code/Malware?

  6. History of Malware • 1971: “Creeper virus” spreads to Advanced Research Projects Agency Network (ARPANET). Other experimental viruses emerge throughout the 1970s with varying exposure. • 1981: “Elk Cloner” becomes the first computer virus to appear in the wild, that is, outside of a computer lab. • 1982: The first worm is jointly developed at Xerox’s Palo Alto Research Center. It was used for distributed calculations, but a logic error caused uncontrollable replication that crippled computers.

  7. Forms of Malware • Viruses, worms, Trojans, backdoors, rootkits, and others • Active content and botnets are modern examples • Phishing and pharming attacks represent modern threats

  8. Lifecycle of a Virus

  9. How a File Infector Virus Works

  10. How a Macro Virus Works

  11. How a Stealth Virus Works

  12. How a Slow Virus Works

  13. How a Multipartite Virus Works

  14. How a Retro Virus Works

  15. How a Worm Works

  16. How a SYN Flood Attack Works

  17. How a Smurf Attack Works

  18. Discussion Points • Motivations for attacks • Types of attackers • Goals of attackers

  19. DISCOVER: RATIONALE

  20. Discussion Point • Discuss the impact of malicious code and malware on businesses and organizations.

  21. Defending Against Network Attacks • Set up protective mechanisms at every domain and layer. • Establish checkpoints at every network layer and domain category and monitor regularly. • Use intrusion detection system/intrusion prevention system (IDS/IPS) and firewall control lists to filter network-driven attacks. • Sandbox application-level attacks and scan with antivirus or anti-malware products. • Back up data regularly.

  22. End-User Awareness Training • It helps prevent incidents and reduce risk. • End-users are weakest link in security chain. • Security is a special mindset. • Consistent application requires good habits.

  23. Summary • Malware encompasses a variety of malicious code. • Methods for attack progress and new trends emerge as technology improves. • Motivations explain why criminals commit acts; motivations vary but personalities generally recur. • Computer and network attacks occur in phases. • Security awareness training can reduce incidents of attacks.
