Spyware & Its Remedies: CS 526 Research Project, Spring 2008

Spyware & Its Remedies. CS 526 Research Project, Spring 2008. Presented by Ankur Chattopadhyay and Erica Kirkbride, University of Colorado at Colorado Springs. Overview: What is Spyware? Why do we care? (The Overall Issues) What do we do about it? (The Anti-Spyware Remedies)


Presentation Transcript


  1. Spyware & Its Remedies
     CS 526 Research Project, Spring 2008
     Presented by: Ankur Chattopadhyay, Erica Kirkbride
     University of Colorado at Colorado Springs

  2. Overview
     • What is Spyware?
     • Why do we care? (The Overall Issues)
     • What do we do about it? (The Anti-Spyware Remedies)
     • The Spyware Tests Conducted: Experiments & Results
     • Conclusion

  3. So what is Spyware?
     There are many types of components:
     • Adware
     • Dialers
     • Joke Programs
     • Hack Tools
     • Remote Access Programs
     • Spy Programs

  4. Adware
     • Mainly pop-up programs that gather important information about computer usage through the internet browser
     • Employed by people trying to make money from directed spam and advertising
     • Example: Adware.WinFavorites
         • Checks your favorites and sends related pop-ups

  5. Dialer
     • Typically a program that takes over a computer modem and dials locations without the user's consent
     • Usually meant to increase the user's phone bill
     • Presents itself as a high-speed connection to replace dial-up
     • Example: XXXDial
         • Dials an international location to deliver pornographic content to a person's computer

  6. Joke Programs
     • Usually meant as a distraction or nuisance to interrupt work
     • Usually not malicious or harmful
     • Made by people who just want to show that they could get into a system if they wanted to
     • Example: Joke.Win32.DesktopPuzzle
         • Turns your desktop into a slider puzzle

  7. Hack Tools
     • 2 Kinds
         • Keystroke Loggers
         • Distributed denial of service attacks
     • Very Malicious
     • Used to steal personal information, bank accounts or passwords
     • Also can help to take over a computer to be used to attack another computer

  8. Hack Tools
     • Those who use them are attempting identity theft or using computer resources to attack other networks (this is a service many hackers pay for)
     • Example: Haxdoor.o
         • Opens port 1661 on the computer, giving full access that others can use later
     • Example: KeySpy
         • Keystroke logger that records all keystrokes and emails them to an email address

  9. Remote Access Programs
     • Back Door Programs
     • Make it easier to gain access at a later time when it is needed
     • Can be used to have other programs, like hack tools, installed
     • Example: MindControl
         • Opens port 23 to allow full control over a computer

  10. Spy Programs
     • Can scan and monitor a system illegally
     • Used to assist in identity theft
     • Can also be a keystroke logger that transmits its information whenever a secure webpage is accessed
     • Example: Realtime-Spy
         • Implicit scanner & keystroke logger that records personal passwords and transmits them to a remote account

  11. The Real Bad Guys
     • Spy Programs
     • Hack Tools
     • Remote Access Programs
     • Allow easier access to the infected computer at a later date
     • Used to take over an infected computer and use its resources for their own purposes

  12. Spyware Threats/Issues
     • Variants are increasing and becoming very prevalent
     • A way to make cheap and easy money
     • Targets all internet users, using your resources & making money from you
     • If you are not cautious, you may get exploited
     • Some spyware can really harm you and infect your computer very badly

  13. What To Do? (Remedies)
     • Use spyware removal software (AntiSpyware)
     • Edit the registry
     • Find and remove the spyware program
     • Reformat the hard drive (extreme case)
     • Back-up & restore
     • Prevention
         • Never go online (impractical solution)
         • Firewalls
         • Employ spyware detection programs

  14. The Anti-Spyware Tests
     • Experimental Procedure
         • Decided to test which spyware removal and prevention tools were the best
         • Infected a computer with spyware in a controlled environment (test bed)
         • Conducted multiple test runs to see the performance of each tool
     • Efficiency & effectiveness of a tool based on priority factors
         • spyware detection capabilities
         • speed (response time)
         • space (storage) requirements
         • system compatibility, cost, availability

  15. The Anti-Spyware Tests
     Results:
     • Tool Features Comparison
     • Found that none were really foolproof (none can detect all spyware and remove everything)
     • It is better to use two or more anti-spyware tools in combination, as one will often detect and remove things that others do not

  16. Recommended Anti-Spyware
     • The best programs were (according to our experiments):
         • Ad-aware
         • Pest Patrol
         • Webroot Spyware Sweeper
         • Spybot Search and Destroy
         • McAfee Anti Spyware (Security Center Package)
         • Microsoft Anti-Spyware Beta (Windows Defender)

  17. Conclusions
     • Spyware programs can prove to be quite difficult to remove, even for dedicated anti-spyware scanners; detecting, disabling or deleting the spyware completely is an arduous and next to impossible task
     • No single anti-spyware scanner tool removes everything; even the best-performing anti-spyware scanner in test runs missed one quarter of the "critical" files and registry entries

  18. Conclusions
     • This means that, in reality, the programs were at best 75% effective
     • Prevention is always preferable to scanning and removal
     • Moreover, users should learn to practice safe computing habits, which include avoiding web sites and programs of unknown or dubious provenance and carefully reading End User License Agreements and Privacy Policies

  19. References
     • Spyware Test: http://www.spywarewarrior.com/
     • Spyware Definitions: http://securityresponse.symantec.com/avcenter/refa.html#spyware
     • Spyware Listings: http://www.spywareguide.com/

  20. Questions???
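
Slides 8 and 9 identify two backdoors by the TCP port they open (Haxdoor.o on 1661, MindControl on 23). As an added example that is not part of the original presentation, the Python below parses output in the layout of Windows `netstat -ano` and flags listeners on those two ports for review; the sample output, the function names and the watchlist structure are constructed for illustration.

```python
"""Flag listening TCP ports that the slides associate with backdoors.

Added example: the watchlist holds only the two ports named on the slides.
A match is a prompt for review, not a verdict (port 23 is also Telnet).
"""
import re

# Ports named in the presentation (slides 8 and 9).
WATCHLIST = {
    1661: "Haxdoor.o (slide 8)",
    23: "MindControl (slide 9); also the standard Telnet port",
}

# Constructed sample in the layout of Windows `netstat -ano` output.
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       904
  TCP    0.0.0.0:1661           0.0.0.0:0              LISTENING       3120
  TCP    192.168.1.20:49712     203.0.113.7:443        ESTABLISHED     2288
  TCP    192.168.1.20:50123     198.51.100.9:23        ESTABLISHED     2288
  TCP    [::]:23                [::]:0                 LISTENING       1544
  UDP    0.0.0.0:1661           *:*                                    3120
"""

# Only TCP rows in LISTENING state: local address, local port, owning PID.
ROW = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+\S+\s+LISTENING\s+(\d+)\s*$")

def listening_tcp(netstat_text):
    """Yield (local_address, port, pid) for each listening TCP socket."""
    for line in netstat_text.splitlines():
        m = ROW.match(line)
        if m:
            yield m.group(1), int(m.group(2)), int(m.group(3))

def flag_watchlisted(netstat_text, watchlist=WATCHLIST):
    """Return findings for listeners on watchlisted ports, sorted by port."""
    findings = [
        {"port": port, "address": addr, "pid": pid, "note": watchlist[port]}
        for addr, port, pid in listening_tcp(netstat_text)
        if port in watchlist
    ]
    return sorted(findings, key=lambda f: f["port"])

if __name__ == "__main__":
    for f in flag_watchlisted(SAMPLE_NETSTAT):
        print(f"review: TCP {f['address']}:{f['port']} pid={f['pid']} -> {f['note']}")
```

The outbound connection to a remote port 23 and the UDP row are ignored on purpose: the slides describe these programs as opening a port on the infected machine, so only local listeners are flagged, and the PID column identifies the owning process to inspect.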
