1 / 22

Spyware Case Study

Spyware Case Study. Prepared By: Omar Alzubi Supervised By: Dr. Lo’ai Tawalbeh Intrusion Detection and Hackers Exploits-NYIT (Summer '06). Marketscore hit many US Universities. MKSC hit many US Universities in Dec-2004

wray
Télécharger la présentation

Spyware Case Study

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Spyware Case Study Prepared By: Omar Alzubi Supervised By: Dr. Lo’ai Tawalbeh Intrusion Detection and Hackers Exploits-NYIT (Summer '06)

  2. Marketscore hit many US Universities • MKSC hit many US Universities in Dec-2004 • Director of computer security at Boston College, “the software was bundled with iMesh peer-to-peer software.”

  3. Background off Marketscore Inc.. • As in the MarketScore Privacy Statement • originally called Netsetter • a service of ComScore Networks (www.comscore.com), an online behavior tracking company • assisting ComScore Networks in providing information on Internet trends and usage activity.

  4. What the set-up process do … • Marketscore FAQ http://www.marketscore.com/faq.aspx • What does the set-up process do? • During the registration process and in the process of adding your computers to the Marketscore Network, your computers and browsers are configured to route your Household's Internet communication automatically through the Marketscore Network and we assign a unique ID so we can accurately and anonymously track your Internet use.

  5. Installation • Install by ActiveXUser need to confirm to trust the software.

  6. What is installed (I)

  7. What is installed (II) • TCPIP network kernel driver • Windows Socket 2.0 Non- IFS Service Provider Support Environment • All TCPIP network traffics are intercepted at very low level

  8. What is installed?

  9. What is installed (III)

  10. Threat 1 : Web traffic proxied

  11. Threat 2 : SSL encryption broken

  12. Man-in-the-middle attack

  13. What MKSC said on this

  14. What is reported?

  15. Threat 3 : Spyware service running

  16. Threat 4 : Email Redirection?

  17. Threat 5: Adware

  18. Threat 5: Information Trade

  19. Myth of Speed

  20. Summary for MarketScore • 􀂄 Careful packaging of the service • 􀂄 Prepared to deal with legal issues - Has user consent before installation • 􀂄 Designed to tap human weaknesses - Give benefits • Leverage on user ignorance or negligence

More Related