DR. MIGUEL ÁNGEL OROS HERNÁNDEZ 7. Reverse engineering of malicious software.


1 DR. MIGUEL ÁNGEL OROS HERNÁNDEZ 7. Reverse engineering of malicious software

2 Reverse engineering of malicious software
1. Types of malicious software
2. Uses of malicious software
3. Vulnerabilities of malicious software

3 Malicious software or malware
- Any program that works against the interests of the system's user or owner
- Company CEO: software for reporting all kinds of usage statistics and web-browsing habits → malware
- Reversing is the strongest weapon against creators of malware
- Antivirus researchers
  - Analyze the latest malicious programs
  - Determine just how dangerous they are
  - Learn their weaknesses so that effective antivirus programs can be developed

4 Malicious software or malware


7 Types of malicious software

8
- Viruses
- Worms
- Trojan Horses
- Backdoors
- Mobile Code
- Adware/Spyware

9 Types of malicious software: Viruses
- Self-replicating programs that usually have a malicious intent
- Effects
  - Delete valuable information
  - Freeze the computer
  - Display annoying messages
- Typically attach themselves to executable program files
- Slowly duplicate themselves into many executable files on the infected system

10 Types of malicious software: Worms
- Similar to a virus
- A self-replicating malicious program
- Replication process
  - Propagation: Internet, email
  - Does not require direct human interaction
  - Takes advantage of certain operating system or vulnerabilities

11 Types of malicious software: Trojan horses
- General idea: an innocent artifact openly delivered through the front door
- Artifacts used
  - Benign program
  - Video clip
  - Image
- Examples
  - "A Great Picture.jpg.exe"

12 Types of malicious software: Backdoors
- Creates an access channel that the attacker can use for connecting, controlling, spying, or otherwise interacting with the victim's system

13 Types of malicious software: Mobile Code
- A class of benign programs
- Are executed on a large number of systems without being installed by end users
- Some are designed to create a more active Web-browsing experience
- Actions: download and launch a program on the end user's system
- Mobile code: Java scripts, Java applets

14 Types of malicious software: Adware/Spyware
- Adware
  - Programs that force unsolicited advertising on end users
  - Gathers various statistics
  - Distracting, annoying, reduction of performance and robustness

15 Types of malicious software: Sticky Software
- Does not offer an uninstall program
- It is possible to install registry keys that instruct Windows to always launch the malware as soon as the system is started

16 Types of malicious software: Future malicious software
- Information-stealing (kleptographic) worms
- Programs that could potentially spread like any other worm
- Locate valuable data on an infected system and steal it
- Use: public key and private key
- Attackers could actually blackmail their victims

17 Uses of malicious software

18
- Gaining some kind of financial reward by spreading the programs
- Certain psychological urges or childish desires to beat the system
- Backdoor access
- Denial-of-Service (DoS) Attacks
- Vandalism
- Resource Theft
- Information Theft

19 Vulnerabilities of malicious software

20
- It runs on untrusted platforms
- Therefore, it is vulnerable to reversing
- Once the code is decrypted, the code and behaviour can be analyzed
- Identification of malicious programs: use unique signatures
- The antivirus program maintains a database of virus signatures
- Unique identification for every known malware program
- Polymorphism thwarts signature-based identification programs by randomly encoding or encrypting the program code

21 Vulnerabilities of malicious software: Weaknesses
1. Scanning for virus signatures in memory (searching the unencrypted form)
2. The decryption code is static
- Metamorphism
  - Next logical step after polymorphism
  - Instead of encrypting the program's body and making slight alterations in the decryption engine, it is possible to alter the entire program each time it is replicated
  - Each version of the malware can look radically different from any other version
  - Use of a powerful code analysis engine: metamorphic engine

22 Vulnerabilities of malicious software: some of the alterations applied automatically to a program
- Instruction and Register Selection
- Instruction Ordering
- Reversing conditions
  - Instead of using a statement that checks whether two operands are equal, check whether they are unequal
- Garbage insertion
- Function order
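
Added example (not part of the original slides): a toy signature scanner illustrating slides 20 and 21. The body bytes, the `STUB` decoder marker and the sample layout are harmless constructed stand-ins; encoding the body with a different key per copy hides the body signature on disk, while the static decoder and the decoded in-memory form still match.

```python
"""Constructed demo: byte-signature scanning vs. a polymorphic (XOR-encoded) body."""

# Constructed, harmless stand-ins: no real malware bytes are used.
BODY = b"HARMLESS-DEMO-BODY: stands in for a program's code"
STUB = b"\xde\xc0\xde\x01STATIC-DECODER"  # hypothetical fixed decoder stub

# The "database of signatures" from slide 20, reduced to two entries.
SIGNATURES = {
    "body": BODY[:18],   # signature taken from the unencrypted body
    "decoder": STUB,     # signature taken from the static decryption code
}

def xor(data: bytes, key: int) -> bytes:
    """Single-byte XOR, standing in for the per-copy encoding."""
    return bytes(b ^ key for b in data)

def make_sample(key: int) -> bytes:
    """On-disk layout of one generation: stub | key byte | encoded body."""
    return STUB + bytes([key]) + xor(BODY, key)

def scan(image: bytes) -> set:
    """Return the names of all signatures found in a byte image."""
    return {name for name, sig in SIGNATURES.items() if sig in image}

def memory_image(sample: bytes) -> bytes:
    """Model the decoded form the program must hold in memory to run."""
    key = sample[len(STUB)]
    return xor(sample[len(STUB) + 1:], key)

def report(keys=(0x21, 0x5A, 0xC3)):
    """For each generation: (key, signatures on disk, signatures in memory)."""
    rows = []
    for key in keys:
        sample = make_sample(key)
        rows.append((key, scan(sample), scan(memory_image(sample))))
    return rows

if __name__ == "__main__":
    for key, on_disk, in_mem in report():
        print(f"key=0x{key:02x} disk={sorted(on_disk)} memory={sorted(in_mem)}")
```

Every generation reports only `decoder` on disk and only `body` in memory, which are the two weaknesses listed on slide 21.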

23 Bibliography
- Reversing: Secrets of Reverse Engineering. Eldad Eilam. Wiley Publishing, Inc., 2005.

24 End

