Presentation is loading. Please wait.

Presentation is loading. Please wait.

Computer Systems Security Part I ET4085 Keamanan Jaringan Telekomunikasi Tutun Juhana School of Electrical Engineering and Informatics Institut Teknologi.

Published byChristopher Rogers Modified over 8 years ago

Similar presentations

Presentation on theme: "Computer Systems Security Part I ET4085 Keamanan Jaringan Telekomunikasi Tutun Juhana School of Electrical Engineering and Informatics Institut Teknologi."— Presentation transcript:

1 Computer Systems Security Part I ET4085 Keamanan Jaringan Telekomunikasi Tutun Juhana School of Electrical Engineering and Informatics Institut Teknologi Bandung

2 Computer systems security is all about the security threats that can compromise an operating system and the data held within Threats: viruses, Trojans, and spyware are 2

3 COMPUTER SYSTEMS SECURITY THREATS 3

4 Malicious Software Malicious software, or malware, is software designed to infiltrate a computer system and possibly damage it without the user’s knowledge or consent – Viruses – Worms – Trojan horses – Spyware – Rootkits – Adware – and other types of undesirable software. 4

5 Viruses A virus is code that runs on a computer without the user’s knowledge; it infects the computer when the code is accessed and executed For viruses to do their dirty work, they first need to be executed by the user in some way – A virus needs some sort of carrier A virus also has reproductive capability and can spread copies of itself throughout the computer if it is first executed by the user By infecting files accessed by other computers, the virus can spread to those other systems as well 5

6 Viruses types – Boot sector - Initially loads into the first sector of the hard drive; when the computer boots, the virus then loads into memory. – Macro - Usually placed in documents and e-mailed to users in the hopes that the user will open the document, thus executing the virus. – Program - Infects executable files 6

7 Viruses types (2) – Polymorphic - Can change every time is it executed in an attempt to avoid antivirus detection. – Stealth - Uses various techniques to go unnoticed by antivirus programs. – Armored - These protect themselves from antivirus programs by tricking the program into thinking that it is located in a different place from where it actually resides Essentially, it has a layer of protection that it can use against the person who tries to analyze it; it will thwart attempts by analysts to examine its code. – Multipartite - A hybrid of boot and program viruses that attacks the boot sector or system files first and then attacks the other 7

8 Worms Worms are much like viruses except they self-replicate whereas a virus does not With worms, the user doesn’t need to access and execute the malware Worms take advantage of backdoors and security holes in operating systems and applications – They look for other systems on the network or through the Internet that are running the same applications and replicate to those other systems 8

9 Trojan Horses 9

10 Trojan horses, or simply Trojans, appear to perform wanted functions but are actually performing malicious functions behind the scenes These are not technically viruses and can easily be downloaded without noticing them 10

11 Remote access Trojans (RATs) are the most common type of Trojan (ex: Back Orifice or NetBus) – their capability to allow an attacker higher administration privileges than the owner When a target computer is controlled by an attacker, it could easily become a robot (or simply a bot), carrying out the plans of the attackers at their command 11

12 Spyware Spyware is a type of malicious software either downloaded unwittingly from a website or installed along with some other third-party software Usually, this malware collects information about the user without the user’s consent. Spyware is also associated with advertising (those pop-ups that just won’t go away!) and could possibly change the computer configuration – Adware usually falls into the realm of spyware because it pops up advertisements based on what it has learned from spying on the user Grayware is another general term that describes applications that are behaving improperly but without serious consequences – It is associated with spyware, adware, and joke programs 12

13 Rootkits A rootkit is a type of software designed to gain administrator-level control over a computer system without being detected – The term is a combination of the words “root” (meaning the root user in a UNIX/Linux system or administrator in a Windows system) and “kit” (meaning software kit) – Usually, the purpose is to perform malicious operations on a target computer at a later date without the knowledge of the administrators or users of that computer 13

14 Rootkits are difficult to detect because they are activated before the operating system has fully booted A rootkit might install hidden files, processes, and hidden user accounts. Because rootkits can be installed in hardware or software, they can intercept data from network connections, keyboards, and so on 14

15 Rootkits can target the BIOS, boot loader, kernel, and more Example: Evil Maid 15

16 Spam Spam is the abuse of electronic messaging systems such as e-mail, broadcast media, instant messaging, and so on Spammers send unsolicited bulk messages indiscriminately, usually without benefit to the actual spammer, because the majority of spam is either deflected or ignored The bulk of network-based viruses are transferred through spam e- mails 16

17 Summary of Malware Threats 17

18 WAYS TO DELIVER MALICIOUS SOFTWARE 18

19 Malware is not sentient (...not yet) and can’t just appear out of thin air it needs to be transported and delivered to a computer or installed on a computer system in some manner 19

20 20

21 Direct physical access 21

22 Via Software, Messaging, and Media 22

23 Active Interception (inception) 23

24 Privilege Escalation the act of exploiting a bug or design flaw in a software or firmware application to gain access to resources that normally would’ve been protected from an application or user 24

25 Backdoors Backdoors are used in computer programs to bypass normal authentication and other security mechanisms in place Originally, backdoors were used by developers as a legitimate way of accessing an application, but soon after they were implemented by attackers who would use backdoors to make changes to operating systems, websites, and network devices Quite often, it is installed via a Trojan horse Example: Back Orifice (completely new application that would act as a backdoor), which enables a user to control a Windows computer from a remote location. 25

26 Logic Bombs Logic bombs are code that has, in some way, been inserted into software to initiate one of many types of malicious functions when specific criteria are met malware malware delivery system 26

27 Botnets and Zombies malware can be distributed throughout the Internet by a group of compromised computers known as a botnet (controlled by a master computer (where the attacker resides)) The individual compromised computers in the botnet are called zombies Leads to distributed denial of service (DDoS) 27

28 Columbo is an American detective mystery television film series, starring Peter Falk as Columbo, a homicide detective with the LAPD (wikipedia) 28

Download ppt "Computer Systems Security Part I ET4085 Keamanan Jaringan Telekomunikasi Tutun Juhana School of Electrical Engineering and Informatics Institut Teknologi."

Similar presentations

Thank you to IT Training at Indiana University Computer Malware.

Thank you to IT Training at Indiana University Computer Malware.
Protect your PC virus, worm, Trojan horse, phishing, spam, botnet and zombies, spoofing, social engineering, identity theft, spyware, rootkits Click.

Protect your PC virus, worm, Trojan horse, phishing, spam, botnet and zombies, spoofing, social engineering, identity theft, spyware, rootkits Click.
What are computer viruses and its types? Computer Viruses are malicious software programs that damage computer program entering into the computer without.

What are computer viruses and its types? Computer Viruses are malicious software programs that damage computer program entering into the computer without.
 Application software consists of programs designed to make users more productive and/or assist with personal tasks.  Growth of internet simplified.

 Application software consists of programs designed to make users more productive and/or assist with personal tasks.  Growth of internet simplified.
Dr. John P. Abraham Professor UTPA 2 – Systems Threats and Risks.

Dr. John P. Abraham Professor UTPA 2 – Systems Threats and Risks.
CHAPTER 2 KNOW YOUR VILLAINS. Who writes it: Malware writers vary in age, income level, location, social/peer interaction, education level, likes, dislikes.

CHAPTER 2 KNOW YOUR VILLAINS. Who writes it: Malware writers vary in age, income level, location, social/peer interaction, education level, likes, dislikes.
Telnet and FTP. Telnet Lets you use the resources of some other computer on the Internet to access files, run programs, etc. Creates interactive connection.

Telnet and FTP. Telnet Lets you use the resources of some other computer on the Internet to access files, run programs, etc. Creates interactive connection.
Computer Viruses.

Computer Viruses.
What are Trojan horses?  A Trojan horse is full of as much trickery as the mythological Trojan horse it was named after. The Trojan horse, at first glance.

What are Trojan horses?  A Trojan horse is full of as much trickery as the mythological Trojan horse it was named after. The Trojan horse, at first glance.
Chapter 14 Computer Security Threats Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design Principles,

Chapter 14 Computer Security Threats Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design Principles,
1 Pertemuan 05 Malicious Software Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.

1 Pertemuan 05 Malicious Software Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
Malicious Attacks. Introduction Commonly referred to as: malicious software/ “malware”, computer viruses Designed to enter computers without the owner’s.

Malicious Attacks. Introduction Commonly referred to as: malicious software/ “malware”, computer viruses Designed to enter computers without the owner’s.
Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.

Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.
Internet Safety for Students Malicious Programs By: Mr. Bradshaw Scott City R-1 Schools.

Internet Safety for Students Malicious Programs By: Mr. Bradshaw Scott City R-1 Schools.
Viruses & Destructive Programs

Viruses & Destructive Programs
Chapter Nine Maintaining a Computer Part III: Malware.

Chapter Nine Maintaining a Computer Part III: Malware.
R. FRANK NIMS MIDDLE SCHOOL A BRIEF INTRODUCTION TO VIRUSES.

R. FRANK NIMS MIDDLE SCHOOL A BRIEF INTRODUCTION TO VIRUSES.
1 Chap 10 Malicious Software. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on.

1 Chap 10 Malicious Software. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
Chapter 15: Security (Part 1). The Security Problem Security must consider external environment of the system, and protect the system resources Intruders.

Chapter 15: Security (Part 1). The Security Problem Security must consider external environment of the system, and protect the system resources Intruders.

Similar presentations

Ads by Google