NET 311 Information Security


NET 311 Information Security Networks and Communication Department Lecture 7: Malicious Software (Cont.) (Chapter 21)

Lecture contents: Malicious Software
* Trojan horses
* Worms
* Backdoors
* Spammers
19-Sep-18 Networks and Communication Department

Trojan Horse
* A program that appears to have some useful purpose, but really masks some hidden malicious functionality
* Usually superficially attractive with hidden side-effects, e.g. a game or software upgrade
* When run, it performs some additional tasks
* Allows the attacker to indirectly gain access they do not have directly
* Often used to propagate a virus/worm, to install a backdoor, or simply to destroy data

Trojans
* Unlike viruses, Trojan horses do not replicate themselves.
* Unlike viruses, which are just bad tricks, Trojan horses usually attempt to do something useful for their creator.
* The main use of Trojans is to collect information from your computer.
* This is why they are called spyware.

Trojans’ behaviour
Simple examples of typical behaviour of a Trojan include:
* Attempting to send e-mail messages to its creator.
* Opening a TCP/IP port on your computer, to allow its creator to connect to your computer.

How Trojans collect information
* Keystroke trackers (also known as keystroke recorders) – record what the user has typed
* Fake login screens – they emulate login to find out your password
* Garbage trackers – they look in the RAM or on the disk for documents which might be encrypted when they are stored in files.
  - 85% of documents edited yesterday can be found in unused sectors of the hard drive

Protection against Trojans
Before your computer is infected:
* Do not download software from untrusted sources
When your computer is infected:
* Checking logs
* Using sandboxes (what is a sandbox?)
* Using firewalls (what is a firewall?)
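One way to check for the "opened TCP/IP port" behaviour listed above is to compare the machine's listening sockets against a known-good baseline. The following is an added example, not part of the original slides; it assumes a Linux host where `ss -H -tlnp` output is available, and the sample output, baseline and function names are constructed for illustration.

```python
import re

# Constructed sample of `ss -H -tlnp` output: one listening TCP socket per line.
SAMPLE_SS = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=812,fd=3))
LISTEN 0 511 127.0.0.1:5432 0.0.0.0:* users:(("postgres",pid=901,fd=5))
LISTEN 0 5 0.0.0.0:31337 0.0.0.0:* users:(("update_helper",pid=4412,fd=4))
LISTEN 0 128 [::]:22 [::]:* users:(("sshd",pid=812,fd=4))
"""

# Assumed baseline: (process name, port) pairs the administrator expects to see.
BASELINE = {("sshd", 22), ("postgres", 5432)}
LOOPBACK = {"127.0.0.1", "[::1]"}


def parse_listeners(ss_output):
    """Turn ss output into dicts with address, port, process name and pid."""
    rows = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        addr, _, port = fields[3].rpartition(":")
        if not port.isdigit():
            continue
        # The process column is missing when ss runs without privileges;
        # such sockets get the name "?" and so never match the baseline.
        m = re.search(r'\(\("([^"]+)",pid=(\d+)', line)
        name, pid = (m.group(1), int(m.group(2))) if m else ("?", None)
        rows.append({"addr": addr, "port": int(port), "proc": name, "pid": pid})
    return rows


def unexpected_listeners(ss_output, baseline=BASELINE):
    """Listeners absent from the baseline, externally reachable ones first."""
    hits = [r for r in parse_listeners(ss_output)
            if (r["proc"], r["port"]) not in baseline]
    for r in hits:
        r["exposed"] = r["addr"] not in LOOPBACK
    return sorted(hits, key=lambda r: (not r["exposed"], r["port"]))


if __name__ == "__main__":
    for r in unexpected_listeners(SAMPLE_SS):
        print(f'{r["proc"]} (pid {r["pid"]}) listening on {r["addr"]}:{r["port"]}')
```

A listener that is not in the baseline is a lead for further investigation (which binary owns the pid, when it was installed), not proof of infection.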

Worms
A worm is a self-replicating piece of code that spreads via networks and usually doesn’t require human interaction to propagate.
Example: the Melissa virus from the previous lecture could also be classified as a worm.

Trapdoors/backdoors
* A backdoor is a secret entry point to a program.
* It allows attackers to bypass normal security procedures, gaining access on the attacker’s own terms.
* It is a threat when left in production programs, where it can be exploited by attackers.
* It requires good software development and update practices.
(This is the definition given with respect to one separate program.)

A backdoor, or trapdoor, is a secret entry point into a program that allows someone who is aware of it to gain access without going through the usual security access procedures. Backdoors have been used legitimately for many years to debug and test programs, but become a threat when left in production programs, allowing intruders to gain unauthorized access. It is difficult to implement operating system controls for backdoors. Security measures must focus on the program development and software update activities.

A backdoor has multiple meanings. It can refer to a legitimate point of access embedded in a system or software program for remote administration. Generally this kind of backdoor is undocumented and is used for the maintenance and upkeep of software or a system. Some administrative backdoors are protected with a hardcoded username and password that cannot be changed, though some use credentials that can be altered. Often, the backdoor’s existence is unknown to the system owner and is known only to the software maker. Built-in administrative backdoors create a vulnerability in the software or system that intruders can use to gain access to a system or data.

Attackers can also install their own backdoor on a targeted system. Doing so allows them to come and go as they please and gives them remote access to the system. Malware installed on systems for this purpose is often called a remote access Trojan, or a RAT, and can be used to install other malware on the system or exfiltrate data.

A programmer may sometimes install a backdoor so that the program can be accessed for troubleshooting and testing.

Backdoors (relative to one program)

Trapdoors/backdoors
A backdoor is a program that allows attackers to bypass normal security controls on a system, gaining access on the attacker’s own terms.
(This is the definition given with respect to the whole computer system.)

Backdoors (relative to a computer) A program to be infected

Backdoors
* Remote execution of individual commands
* Remote command-line access
* Remote control of the GUI

Code in e-mail messages
These are simple techniques which an attacker can use. It is possible to include executable code (e.g. JavaScript) in e-mail messages. This can be used to collect information about the receiver of the message. In more dangerous cases, the code can affect the work of the receiver’s computer.

Code in e-mail messages
Example: spammers check the validity of e-mail addresses using HTML messages

<html>
<body>
<img src="www.spam.com/script.php?id=3495">
</body>
</html>

How spammers check the validity of e-mail addresses
The idea is as follows. The spammer generates a numbered list of e-mail addresses, for example:
1 aaa@essex.ac.uk
2 bbb@essex.ac.uk
…………
3495 asvern@essex.ac.uk
The spammer sends a message to each address, which includes the number of this address in the list as an argument of a script.

Code in e-mail messages
<img src="www.spam.com/script.php?id=3495">

Code in e-mail messages
Spammers can organize a denial-of-service attack using images in messages. Messages are sent to multiple addresses, each including a request for information from a server.

<img src="www.good.com/image.jpg">

Distributed denial of service (DDoS) attacks present a significant security threat to corporations, and the threat appears to be growing. DDoS attacks make computer systems inaccessible by flooding servers, networks, or even end user systems with useless traffic so that legitimate users can no longer gain access to those resources. In a typical DDoS attack, a large number of compromised (zombie) hosts are amassed to send useless packets. In recent years, the attack methods and tools have become more sophisticated, effective, and more difficult to trace to the real attackers, while defense technologies have been unable to withstand large-scale attacks.

Code in e-mail messages
<img src="www.good.com/image.jpg">
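Both image tricks in the slides above (the per-recipient id in the image URL and the request aimed at a third-party server) depend on the mail client fetching remote images when the message is opened. The following added example, not part of the original slides, shows how a mail client or gateway can strip remote image references from an HTML body and report which ones carried a query string; the class and function names and the sample message are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit, parse_qsl

# Constructed sample message body, modelled on the two <img> tags in the slides.
SAMPLE_HTML = (
    "<html><body><p>Hello</p>"
    '<img src="www.spam.com/script.php?id=3495">'
    '<img src="http://www.good.com/image.jpg">'
    '<img src="cid:logo@local">'
    "</body></html>"
)
LOCAL_SCHEMES = ("cid:", "data:")  # image bytes carried inside the message itself


class RemoteImageBlocker(HTMLParser):
    """Re-emits the HTML with remote <img> sources removed and records them.

    Comments and declarations are dropped rather than re-emitted.
    """

    def __init__(self):
        super().__init__(convert_charrefs=False)
        self.out = []
        self.findings = []  # (original src, carries a query string?)

    def handle_starttag(self, tag, attrs):
        if tag == "img":
            src = dict(attrs).get("src") or ""
            if src and not src.lower().startswith(LOCAL_SCHEMES):
                # A query string lets the sender tie the fetch to one recipient.
                tagged = bool(parse_qsl(urlsplit(src).query))
                self.findings.append((src, tagged))
                self.out.append('<img alt="[remote image blocked]">')
                return
        self.out.append(self.get_starttag_text())

    def handle_startendtag(self, tag, attrs):
        self.handle_starttag(tag, attrs)  # "<br/>" style tags, no separate end tag

    def handle_endtag(self, tag):
        self.out.append(f"</{tag}>")

    def handle_data(self, data):
        self.out.append(data)

    def handle_entityref(self, name):
        self.out.append(f"&{name};")

    def handle_charref(self, name):
        self.out.append(f"&#{name};")


def block_remote_images(html):
    """Return (sanitised_html, findings) for one HTML message body."""
    parser = RemoteImageBlocker()
    parser.feed(html)
    parser.close()
    return "".join(parser.out), parser.findings
```

With remote images blocked, opening the message produces no request, so the sender learns nothing about the address and the third-party server receives no traffic.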

References
* ‘Cryptography and Network Security: Principles and Practice’, William Stallings, Fifth edition, 2011.
* Lecture slides by Lawrie Brown for “Cryptography and Network Security”, 5/e, by William Stallings, Chapter 21 – “Malicious Software”.
* Lecture slides by Dr Alexei Vernitski, University of Essex, 2013