
Malware Fundamentals
POLITEHNICA University of Bucharest, 14th of January 2015
Ionuţ-Daniel BARBU





Slide 2 – Agenda
- Evolution
- Security implementations in operating systems
- Historical facts
- Malware types
Source of the information: Wikipedia.org

Slide 3 – Evolution (image slide; source: theusindependent.com)

Slide 4 – Operating Systems
- Windows NT: designed for security, but not for the INTERNET
- Windows 9x: offered the option of multiple profiles but not of multiple users; partial memory protection; no access-privileges concept
- XP: limited accounts
- Vista: User Account Control; the first user being administrator by default was removed
- 7: BitLocker Drive Encryption and biometrics; improved Windows Firewall, Microsoft Security Essentials & Windows Defender
- 8: new authentication methods
- Newer versions: "Consumer versions of Windows were originally designed for ease-of-use on a single-user PC without a network connection, and did not have security features built in from the outset." (Wikipedia)
- Windows Patch Tuesday

Slide 5 – Malware
...is any software used to disrupt computer operation, gather sensitive information, or gain access to private computer systems.
- Regin: reversed in November 2014; samples date from 2003; customized spying; stealthy; steals information
- Stuxnet: worm discovered in 2010; attacked industrial programmable logic controllers; ruined 20% of Iran's nuclear centrifuges; causes harm, sabotage
- CryptoLocker: ransomware Trojan; discovered by Dell SecureWorks; propagated via e-mail attachments or botnets; encrypts files; money extortion in Bitcoin

Slide 6 – History
Early stages:
- 1949 – John von Neumann introduces the theory of self-replicating programs
- 1972 – Veith RISAK writes an article describing a fully functional virus for the SIEMENS 4004/35
- 1980 – Jürgen KRAUS: "computer programs can behave in a way similar to biological viruses"
First computer viruses:
- 1971 – Creeper virus – ARPANET – "I'm the creeper, catch me if you can!" The Reaper worm was designed to catch it – it did!
- 1982 – ELK Cloner – first personal computer virus – displayed a poem
- 1992 – first Windows virus – WinVir
Source: ajovomultja.hu

Slide 7 – Viruses
"the defining characteristic of viruses is that they are self-replicating computer programs which install themselves without the user's consent."
When executed, a virus replicates by inserting copies of itself into other programs, etc.
When infected:
- Steals hard disk space or CPU time
- Accesses private information, corrupts data
- Keystroke logging
Motivation: seeking profit, message conveying, sabotage, denial of service
Methods: social engineering, security vulnerabilities
Replication techniques:
- Resident (after installation it remains in RAM) vs. non-resident (scans for targets, infects and exits)
- Macro virus (embedded in macro-containing documents)
- Boot sector
Anti-detection: viruses often use complex anti-detection/stealth strategies to evade antivirus software: keeping the same "last modification date" or file size, or trying to kill detection tasks; intercepting read requests, self-modification, encrypted viruses, polymorphic vs. metamorphic code
Anti-virus: open source, proprietary
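The slide notes that a stealth virus may keep a file's "last modification date" and size unchanged; the added example below (not part of the presentation) shows why an integrity check has to compare a content hash rather than metadata. All file names and contents are constructed for the demonstration.

```python
import hashlib
import os
import tempfile

def fingerprint(path):
    """Collect what a naive integrity check uses (size, mtime) plus a SHA-256 of the content."""
    st = os.stat(path)
    with open(path, "rb") as f:
        digest = hashlib.sha256(f.read()).hexdigest()
    return {"size": st.st_size, "mtime_ns": st.st_mtime_ns, "sha256": digest}

def metadata_check(baseline, current):
    """Naive check: trusts only size and last-modification time."""
    return (baseline["size"] == current["size"]
            and baseline["mtime_ns"] == current["mtime_ns"])

def hash_check(baseline, current):
    """Content check: compares the SHA-256 digests."""
    return baseline["sha256"] == current["sha256"]

def overwrite_keeping_metadata(path, new_content):
    """Test harness: simulate the stealth behaviour the slide describes by
    replacing the bytes with same-length content and restoring the timestamps."""
    st = os.stat(path)
    if len(new_content) != st.st_size:
        raise ValueError("replacement must keep the file size")
    with open(path, "wb") as f:
        f.write(new_content)
    os.utime(path, ns=(st.st_atime_ns, st.st_mtime_ns))

def demo():
    """Baseline a constructed file, tamper with it, then re-check both ways."""
    with tempfile.TemporaryDirectory() as d:
        target = os.path.join(d, "app.bin")  # constructed stand-in for a program file
        with open(target, "wb") as f:
            f.write(b"ORIGINAL PROGRAM BYTES\n")
        baseline = fingerprint(target)
        overwrite_keeping_metadata(target, b"INFECTED PROGRAM BYTES\n")
        current = fingerprint(target)
        return {"metadata_check_passed": metadata_check(baseline, current),
                "hash_check_passed": hash_check(baseline, current)}

if __name__ == "__main__":
    print(demo())  # {'metadata_check_passed': True, 'hash_check_passed': False}
```

The metadata-only check is fooled exactly as the slide warns, while the hash comparison flags the change.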

Slide 8 – Worms
...standalone malware computer program that replicates itself in order to spread to other computers.
- Unlike a virus, it does not need to attach itself to an existing program.
- At least some harm is caused due to bandwidth consumption.
- The payload is usually designed to delete files, or to encrypt or send documents via mail.
- Many of them are payload-free; however, even these cause major disruption: Morris Worm, 1988 (first worm distributed via the Internet, from MIT)
- Backdoors represent a known payload; they usually lead to zombie computers and further to botnets
Protection: patching, firewall, packet filters, ACL

Slide 9 – Trojan Horse
...is a generally non-self-replicating type of malware program containing malicious code that carries out actions determined by its nature: remote access hack, data theft or loss, system harm; it can act as a backdoor. Interesting use: anonymizer proxy!
- Zeus / Zbot: Microsoft Windows OS; steals banking information; man-in-the-browser; keystroke logging; also distributes CryptoLocker
- Beast 2.07 (source: megasecurity.org)
Protection: IPS, IDS, content filtering

Slide 10 – Others
- Backdoor: method of bypassing normal authentication. Basic example of a backdoor: a default password
- Rootkit: hides the existence of certain processes or programs; enables continued privileged access to a computer
- Spyware & Adware: spyware aids in gathering information about a person or organization without their knowledge; adware automatically renders advertisements in order to generate revenue for its author

Slide 11 – Zero-Day
- Zero-day vulnerability & exploit
- Antivirus software signatures are not yet available
- Behaviour signatures
- Sandbox
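Slides 5 and 11 together make the point that a hash signature cannot catch a sample nobody has seen, whereas a behaviour signature can. The added example below (not from the presentation) contrasts the two on a constructed file-activity log in which one process behaves like an encrypting Trojan of the CryptoLocker kind; the hash database, pids, paths and thresholds are all constructed placeholders.

```python
from collections import defaultdict

# Constructed placeholder signature database (not real indicators).
KNOWN_BAD_SHA256 = {"a" * 64, "b" * 64}
UNKNOWN_SAMPLE_SHA256 = "f" * 64  # a freshly built sample nobody has catalogued yet

def constructed_events():
    """Constructed file-activity log: (time_s, pid, action, path).
    pid 4242 behaves like an encrypting Trojan; pid 900 is an editor saving one file."""
    ev, t = [], 0.0
    for name in ["report.docx", "budget.xlsx", "thesis.pdf", "photo.jpg", "cv.odt", "lab.ipynb"]:
        p = "C:/Users/ana/Documents/" + name
        ev += [(t, 4242, "read", p), (t + 0.1, 4242, "write", p + ".encrypted"),
               (t + 0.2, 4242, "delete", p)]
        t += 0.3
    ev.append((t, 4242, "write", "C:/Users/ana/Documents/DECRYPT_INSTRUCTIONS.txt"))
    ev += [(0.5, 900, "write", "C:/Users/ana/Documents/notes.txt.tmp"),
           (0.6, 900, "delete", "C:/Users/ana/Documents/notes.txt"),
           (0.7, 900, "write", "C:/Users/ana/Documents/notes.txt")]
    return ev

def signature_match(sample_sha256):
    """Classic AV logic: known-bad hash lookup. Misses anything not yet in the database."""
    return sample_sha256 in KNOWN_BAD_SHA256

def behaviour_match(events, window_s=5.0, threshold=5):
    """Behaviour signature: flag a pid that replaces at least `threshold` distinct files
    (writes <original>+suffix, then deletes <original>) within `window_s` seconds."""
    by_pid = defaultdict(lambda: {"writes": set(), "deletes": []})
    for t, pid, action, path in events:
        if action == "write":
            by_pid[pid]["writes"].add(path)
        elif action == "delete":
            by_pid[pid]["deletes"].append((t, path))
    flagged = set()
    for pid, rec in by_pid.items():
        # deletions of an original for which this pid also wrote a derived copy
        times = sorted(t for t, p in rec["deletes"]
                       if any(w != p and w.startswith(p) for w in rec["writes"]))
        for i, t0 in enumerate(times):
            if sum(1 for t in times[i:] if t - t0 <= window_s) >= threshold:
                flagged.add(pid)
                break
    return flagged

if __name__ == "__main__":
    print(signature_match(UNKNOWN_SAMPLE_SHA256))  # False: no signature exists yet
    print(behaviour_match(constructed_events()))   # {4242}
```

The editor's single save-and-replace stays below the threshold, which is the kind of tuning a sandbox or endpoint sensor needs so that behaviour rules do not drown in false positives.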

Slide 12 – Thank you!
"If you think technology can solve your security problems, then you don't understand the problems and you don't understand the technology." Bruce Schneier




