What is Malcode?

Presentation Transcript

  1. Dr. Richard Ford rford@fit.edu What is Malcode?

  2. What are we going to talk about? • Fundamental Definitions • What is Malcode? • Malcode Overview • Follows: Szor Ch.1 & 2.

  3. How I Got Involved • Like most researchers, I got hit by a Virus • I disassembled the virus, and began on this wonderful journey of discovery… • Making every possible mistake on the way!

  4. Malicious Code v. MMC • MMC = Malicious Mobile Code • Critical word: Mobile • MMC is designed to move from one machine to another

  5. Types of Malcode • Viruses • Trojan Horses • Worms • Blended threats

  6. Virus • A virus is a malicious program that modifies other host files or boot areas to replicate. In most cases, the host object is modified to contain a complete copy (possibly evolved) of the malicious program code. The newly-infected object is capable of spreading the “infection” further.

  7. Trojan • A Trojan, or Trojan Horse, is a non-replicating program masquerading as one type of program with its real intent hidden from the user.

  8. Worm • A worm is a piece of replicating code that uses its own program coding to spread with minimal user intervention. Unlike viruses, worms do not “infect” other programs or boot sectors.

  9. Blended Threat • Replication + something else bad (like an exploit)

  10. Spyware • A technology that aids in gathering information about a user or content of a machine without that user’s knowledge

  11. Adware • Pretty much Spyware that tells you exactly what it’s going to do… • Always read the EULA…

  12. “Pest” • Colloquial but descriptive • “Any piece of software that the user doesn’t want”

  13. Other Terms… • In The Wild • Dropper • “Generation 0” (this is a zero) • Payloads • Rootkit

  14. Naming Viruses? • Interesting problem • Go ahead and read: http://www.virusbtn.com/magazine/archives/pdf/2003/200303.pdf (p14), “That Which We Call Rose.A” • What really is in a name? • For the other side, read http://www.virusbtn.com/magazine/archives/200301/caro.xml or Szor Chapter 2, 2.5.

  15. Discussion • What is the goal of virus naming? • Assignment: Read Szor Ch.1 & 2 for Tuesday’s class

  16. “Good” viruses? • Is there any such thing as a good virus? • What do you think about this: http://www.samspublishing.com/articles/printerfriendly.asp?p=337309&rl=1

  17. Next Lesson • Viruses and their environment…