1 / 31

Malicious Software

Malicious Software. All your bytes are belong to me. Omar Hemmali 12-Mar-14. Objectives. Define Malicious Software and some relevant terms Define and explain some of the types of Malicious Software Talk about how we can get Malicious Software

jerold
Télécharger la présentation

Malicious Software

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Malicious Software All your bytes are belong to me. Omar Hemmali 12-Mar-14

  2. Objectives • Define Malicious Software and some relevant terms • Define and explain some of the types of Malicious Software • Talk about how we can get Malicious Software • Talk about ways to prevent transfer of Malicious Software • Talk about Malicious Software Laws • Show a few examples Omar Hemmali - Malicious Software

  3. Malicious Software = Malware • A catch-all term to refer to any software designed to cause undesirable effects or damage to a single computer, server or computer network. • Bug = Malware? • Viruses, Worms, Trojan Horses, Spyware, Adware • High Level, Assembly, Script Omar Hemmali - Malicious Software

  4. Scripting Language • A programming language that mimics user interaction with a computer. • Very easy to use. • More later. Omar Hemmali - Malicious Software

  5. Virus • A segment of code designed to attach to another file, run when the file is executed, and have a mechanism to replicate itself. • Needs a host. • User must spread the virus. Omar Hemmali - Malicious Software

  6. Michelangelo Virus • Discovered April 1991 • Activates on March 6th • Changes MBR • Infects Disks • Intel LANSpool Omar Hemmali - Malicious Software

  7. Worms • Scripts designed to create an undesired effect and replicate. • Worm = Virus? • No host – Self contained • Internet Connectivity greatly help the spread of worms Omar Hemmali - Malicious Software

  8. Benjamin Worm • Spread through File Sharing Programs • User thinks they are getting a movie or song • File is actually the worm with dummy bytes • Creates multiple copies with names of popular files • Takes a lot of hard drive space Omar Hemmali - Malicious Software

  9. Code Red worm • Discovered July 2001 • Infected 300,000+ machines in 14 hours Omar Hemmali - Malicious Software

  10. Code Red worm • Exploited a flaw in Microsoft’s Internet Information Server (IIS) software • Required no user interaction • Only a network connection • Compiled a list of IP addresses and then attacked them Omar Hemmali - Malicious Software

  11. Trojan Horses • Masquerades as a program the user wants or finds interesting • Creates a security hole so that the attacker may gain control later on • Sometimes used as a method of implanting another form of malware Omar Hemmali - Malicious Software

  12. Storm Trojan • Discovered January 17, 2007 • Sent as an email with a fictitious news story as the subject • Contains program with name similar to subject • Joins the Storm botnet structured like a peer-to-peer network • Each node is connected to 30-35 other nodes • Utilizes some of the infected machines to send spam messages containing the Trojan Omar Hemmali - Malicious Software

  13. Spyware • Installed without user knowledge or consent and monitors user activities. • This is used for advertising and monitoring, or to sell to another party. • Considered invasion of privacy • Slows down the computer significantly Omar Hemmali - Malicious Software

  14. Adware • Users consider malicious, legally isn’t. • Present ads catered to users surfing habits • Considered invasion of privacy • User must agree to have adware installed usually bundled with sponsored software. Omar Hemmali - Malicious Software

  15. Malware Prevention • Ounce of prevention is worth a ton of cure • Stay away from illegally shared files • Not worth the hassle of losing valuable data to identity thieves • Not worth the jail time either Omar Hemmali - Malicious Software

  16. Malware Protection • ALWAYS get the latest security updates • Code Red could have been prevented • Keep Anti-Virus / Anti-Spyware running • Keep a software Firewall running Omar Hemmali - Malicious Software

  17. Malware laws • Developing viruses, worms, Trojans, and spyware for distribution is illegal. Period. • Florida Statute §815.06 outlines what constitutes illegal activity Omar Hemmali - Malicious Software

  18. Malware laws • Software cannot destroy, injure, damage, disrupt, deny, or cause to deny service of a computer. 3rd degree felony • Above and damage exceeds $5,000. 2nd degree felony • Above and endangers a human life. 1st degree felony Omar Hemmali - Malicious Software

  19. Examples Omar Hemmali - Malicious Software

  20. Omar Hemmali - Malicious Software

  21. Omar Hemmali - Malicious Software

  22. Omar Hemmali - Malicious Software

  23. Omar Hemmali - Malicious Software

  24. Omar Hemmali - Malicious Software

  25. Omar Hemmali - Malicious Software

  26. Omar Hemmali - Malicious Software

  27. Omar Hemmali - Malicious Software

  28. Summary • Subtle differences between viruses, worms, and Trojans • Spyware and Adware are annoying • Prevention is easier than fixing • Easy to protect yourself Omar Hemmali - Malicious Software

  29. Questions • What is one way to protect yourself from malicious software? • What was one of the viruses/worms/Trojans discussed? Omar Hemmali - Malicious Software

  30. Omar Hemmali - Malicious Software

  31. Sources • Fundamentals of Network SecurityBy Eric Maiwald • http://www.pcworld.com/article/id,103992-page,1/article.html • http://www.msnbc.msn.com/id/20534080/ • http://www.microsoft.com/technet/security/alerts/info/malware.mspx • http://www.caida.org/research/security/code-red/coderedv2_analysis.xml • http://www.cert.org/advisories/CA-1992-02.html • http://www.research.ibm.com/antivirus/SciPapers/White/VB95/vb95.distrib-node7.html#SECTION00041000000000000000 • http://www.webopedia.com/DidYouKnow/Internet/2004/spyware.asp Omar Hemmali - Malicious Software

More Related