Published by Katherine Walford
Slide 1 (1 June 2014, © IRM Plc 2001)
Eaten by the Worms: The perils of network hostile code
Dr Neil Barrett, Technical Director - IRM Plc
27th September 2001 – Hong Kong

Slide 2: Introduction
- Nature and development of Computer Worms
- Risk elements and damage potential
- Responses and preparation work
- Future of worms
- Conclusion

Slide 3: What is a Computer Worm?
- A self-replicating program
- Copies itself from system to system
- Free-standing and complete
- Not really a virus
- But can carry a hostile Payload

Slide 4: Where did Worms come from?
- Self-replicating programs in early 1984
- By mid 1984 had become network mobile
- First viruses start to be proposed
- By 1985, self-replicating programs through trust networks
- Hostile viruses arise
- And then along came Robert Morris Jnr…

Slide 5: The Morris Worm - 1988
- First true Exploit Worm
- Used a security weakness to force replication
  – I.e., outside of the trust network
- Also followed trust network, but interest is in the exploit aspects
- Used a then new trick called Buffer Overflows

Slide 6: The Morris Worm (2)
- Buffer overflows first proposed by Morris Snr
- Now well known, but then very new
- Allowed worm to be an automated hacker
- Did nothing deliberately damaging
  – Indeed, believed to have been loosed accidentally
- But resulted in system flooding

Slide 7: Worms since Morris
- Took a few years for subsequent worms
- More interest in viruses
- Worms scripted to use emerging exploits
  – E.g., Word macro, Unicode, etc
- Slowly became objective focused

Slide 8: Development of Worms
- Most early worms achieved no objective
- Damage resulted from flooding or from panic
- Solitary objective was self-propagation
- More recent worms grab and copy some information
  – E.g., PGP information
- Some military use of focused worms

Slide 9: How do Modern Worms Work?
- E.g., NIMDA spread from server to server through Web exploits
- Spread from client to client through executables
  – I.e., persuasive mail attachments
- Potential for uncontrollable executables
  – I.e., Web pages, Outlook preview panel, etc

Slide 10: Risk Elements and Damage Potential
- Essentially threefold
- Flooding and related panic behavior
  – System shutdown and associated costs
- Or information leakage
  – Leakage is so far only limited
- Or a set of destructive payloads
  – I.e., resetting BIOS and system information

Slide 11: How Great a Risk?
- Reputation, financial, security risks
- Damage, disclosure or distrust of stored information
- Costs of repair or of business loss
- Reputation risks depend on worm publicity profile
  – I.e., wide spreading worm carries low reputation risk

Slide 12: Countermeasures
- Best approach is to know one's exposure
- Not virus related
- But hacker related
- Best option is to have had focused, audit-based penetration testing
  – Because worms now use well-known hacking tricks
  – These can be looked for and removed

Slide 13: Countermeasures (2)
- Constant system monitoring and correction of known existing weaknesses
- A culture of security awareness
  – Limits executable tricks
- An alert system management staff
  – That are a part of the community
- No Head in the Sand attitude
  – Share information and experiences

Slide 14: Future
- No reason at all to believe that worms will stop!
- Increasing sophistication
  – More clever option controls
  – Multiple exploit selection
  – Multi-platform and multi-environment
- Increasing incidence of hostile intent
- Growth into non-IP environment
  – Mobile phones? PDA?

Slide 15: Conclusion
- Best defense comes from knowledge
- Knowledge comes from testing
- Correct the faults shown through testing
- Share information with others
- Don't expect this problem to go away!

Slide 16: Thank You!
Dr Neil Barrett, Technical Director – IRM Plc
Tel: + 44 (0) 20 7808 6420
Neil.Barrett@IRMPLC.com
Richard Stagg, Managing Consultant – IRM Asia
Level 30 Bank of China Tower
Tel: 2251 8291
Richard.Stagg@IRMPLC.com