
Malware, Spyware, and Viruses


Presentation Transcript


  1. Malware, Spyware, and Viruses By: Anthony Bosnak

  2. Overview • Malware • How Antivirus Programs Work • Future Threats

  3. Malware • General misconception among people • Malware = “malicious software” • Malware is any kind of unwanted software that is installed without your consent on your computer. • Viruses, worms, Trojan horses, bombs, spyware, adware are subgroups of malware.

  4. Viruses • A virus infects a carrier and then relies on that carrier to spread it around. • A computer virus is a program that can replicate itself and spread from one computer to another.

  5. Viruses cont. • Direct infection: the virus can infect files every time a user opens that specific infected program, document or file. • Fast infection: the virus infects any file that is accessed by the infected program. • Slow infection: the virus infects any new or modified program, file or document. • Great way to trick an antivirus program!

  6. Viruses cont. • Sparse infection: the process of randomly infecting files, etc. on the computer. • RAM-resident infection: the infection buries itself in your computer’s random access memory. • Video: Hippi Virus + Cascade Virus

  7. Bombs • ANSI bombs: MS-DOS days • More of a joke malware than anything else. • They change code in the ANSI.SYS file, which calls a driver that displays colors and graphics. • One feature is keyboard macros, so the bomb would remap common keys the user would press. • Most ANSI bombs would be disguised as a batch file to be run in the MS-DOS menu.

  8. Example Code • ESC[99;"format c:";13p • ESC[67;"format c:";13p • This code remaps the letters c and C. Every time the user presses C or c, it tries to reformat the hard drive. The only problem with this is that the computer asks, "Do you really want to reformat drive C: (Y/N)?" Most users then press N or n for No. So the hacker remaps the Y and N keys. • ESC[110;121;13p • ESC[78;89;13p • Now when the user presses the N or n key, it will actually make the user press Y or y; and vice versa.

  9. Bombs cont. • Logic bomb: programming code that is designed to execute, or explode, when a certain condition is reached. • Most of the time it goes off when a certain time is reached or a program fails to execute. In either case, these bombs wait for a triggering event to happen. • The most common use of this is in the financial/business world. • Most IT employees call this the disgruntled employee syndrome.

  10. Trojans • Trojan horse: a program or piece of software designed to look like a useful or legitimate file. • Once the program is installed and opened, it steals information or deletes data. • Compared to other types of malware, a Trojan horse usually runs only once and then is done functioning.

  11. Trojans cont. • Some create back-door effects. • Another way Trojans are distributed is by infecting a server that hosts websites. • Downfall of Trojans: very reliant on the user. • Video Example: NeturalZlob Trojan

  12. Worms • Worms and viruses are commonly interchanged in the media. • In reality a worm is more dangerous than a virus. • User propagation vs. self propagation • A worm is designed to replicate itself and disperse throughout the user’s network. • Email worms and Internet worms are the two most common worms.

  13. Email Worm • An email worm goes into a user’s contact/address book and chooses every user in that contact list. • It then copies itself and puts itself into an attachment; then the recipient will open the attachment and the process will start over again! • Video Example: I LOVE YOU WORM

  14. Internet Worms • An Internet worm is designed to be conspicuous to the user. • The worm scans the computer for open Internet ports through which it can download itself onto the computer. • Once inside the computer, the worm scans the Internet to infect more computers.

  15. Adware and Spyware • Adware is a type of malware designed to display advertisements in the user’s software. • They can be designed to be harmless or harmful; the adware gathers information on what the user searches the World Wide Web for. • With this gathered information it displays ads corresponding to information collected.

  16. Adware and Spyware cont. • Spyware is like adware: it spies on the user to see what information it can collect off the user’s computer in order to display pop-up ads on the user’s computer. • Spyware, unlike adware, likes to use memory from programs running in the background of the computer to keep close watch on the user. • This most often clogs up the computer, causing the program or computer to slow down and become non-functional.

  17. Antivirus Programs • Antivirus programs are designed to detect malware trying to enter the user’s system. • There are several ways an antivirus program can track malware entering the computer. • Software can use: • Signature-based detection • Heuristics • Cloud antivirus • Network firewall

  18. Signature-Based Detection • Most common way an antivirus program finds malware on a computer • Database of virus signatures • Constant updates • Not 100% foolproof

  19. Heuristics • Detection of malware is done by monitoring files and how certain programs try to modify the files on the system. • When a modification takes place, the antivirus alerts the user and tries to alleviate the problem.

  20. Cloud Antivirus • New form of antivirus program • The virus scanning is done from a remote location (not on the computer). • It is popular because it relieves the physical computer’s resources. • Constant functionality (nonstop scanning) • Security issues

  21. Network Firewall • The operating system’s way of protecting the user from unknown programs. • Not technically an antivirus program • Monitors the TCP/IP ports that programs try to access.

  22. Future Threats • Almost everything is hooked up to the Internet in some form. • Recent events have widened the eyes of many security experts. • The ability to gain access to high-security organizations, infrastructures or mainframes has frightened many people. • Could one click of the mouse start World War III?

  23. Cyberspace • Attack on Estonia • Parliament, ministries, banks, newspapers, and other websites were attacked by denial-of-service attacks. • Major infrastructures attacked • Stuxnet virus • Japan’s defense contractors • Zeus malware • Obama almost started a cyberwar in Libya.

  24. How can we protect ourselves • Use an antivirus program and keep it up to date! • Yes, they only protect from known malicious code out there, but it’s still something!

  25. Operating System’s Security • Keep your operating system up to date! • Windows is one of the most hacked OSes on the market. • The updates are mostly focused on security patches.

  26. Become An Informed User! • Become aware of what you are doing on the internet! • Don’t click on pop up ads! • Keep up to date on current issues happening on the web!

  27. References • Wang, Wallace. (2006). Steal This Computer Book 4.0: What They Won’t Tell You About the Internet. San Francisco, CA: William Pollock. • Panda Cloud Antivirus. (n.d.). Retrieved October 29, 2011 from Wikipedia: http://www.en.wikipedia.org/wiki/Panda_Cloud_Antivirus • Fowler, Daniel. (2008). Importance of Cybersecurity Increases as Attacks Get More Dangerous. In Richard Joseph Stein (Ed.), Internet Safety (pp. 5-7). New York, NY: H.W. Wilson Company. • Viega, John. (2009). The Myths of Security: What the Computer Security Industry Doesn’t Want You to Know. Sebastopol, CA: O’Reilly Media, Inc. • http://www.alanbonnici.com
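
Slide 18's three points (a database of signatures, constant updates, not 100% foolproof) can be seen in a small scanner. This is an added example, not part of the original presentation; the `SignatureDB` class, the signature names and the sample byte strings are constructed for illustration and are harmless.

```python
import hashlib

# Constructed, harmless byte strings standing in for files on disk.
SAMPLE_A = b"header" + b"DEMO-PAYLOAD-ALPHA" + b"\x00" * 8
SAMPLE_A_VARIANT = SAMPLE_A + b"\x01"   # same content, one byte appended
SAMPLE_B = b"header" + b"DEMO-PAYLOAD-BRAVO"
CLEAN = b"plain text document"


class SignatureDB:
    """Toy signature database: whole-file hashes plus byte patterns."""

    def __init__(self):
        self.hashes = {}     # sha256 hex digest -> detection name
        self.patterns = {}   # byte sequence -> detection name

    def add_hash(self, sample, name):
        self.hashes[hashlib.sha256(sample).hexdigest()] = name

    def add_pattern(self, pattern, name):
        self.patterns[pattern] = name

    def scan(self, data):
        """Return (name, method) for the first matching signature, else None."""
        digest = hashlib.sha256(data).hexdigest()
        if digest in self.hashes:
            return self.hashes[digest], "hash"
        for pattern, name in self.patterns.items():
            if pattern in data:
                return name, "pattern"
        return None


def demo():
    db = SignatureDB()
    db.add_hash(SAMPLE_A, "Demo.Alpha")          # initial database
    results = {
        "known": db.scan(SAMPLE_A),
        "variant_before_update": db.scan(SAMPLE_A_VARIANT),  # hash no longer matches
        "unknown_before_update": db.scan(SAMPLE_B),          # no signature exists yet
    }
    # A signature update ships broader patterns for both families.
    db.add_pattern(b"DEMO-PAYLOAD-ALPHA", "Demo.Alpha")
    db.add_pattern(b"DEMO-PAYLOAD-BRAVO", "Demo.Bravo")
    results["variant_after_update"] = db.scan(SAMPLE_A_VARIANT)
    results["unknown_after_update"] = db.scan(SAMPLE_B)
    results["clean"] = db.scan(CLEAN)
    return results


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case:24} {verdict}")
```

The two `None` verdicts before the update are the "not 100% foolproof" gap: a scanner only recognises what its database already describes, which is why the slide stresses constant updates.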
