Chapter 22: Malicious Logic

Slides:

Advertisements

Similar presentations

Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 5.1 Malicious Logic.

Advertisements

 Application software consists of programs designed to make users more productive and/or assist with personal tasks.  Growth of internet simplified.

Dr. John P. Abraham Professor UTPA 2 – Systems Threats and Risks.

Chapter 3 (Part 1) Network Security

CS526: Information Security Chris Clifton November 25, 2003 Malicious Code.

November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #9-1 Chapter 19: Malicious Logic What is malicious logic Types of malicious logic.

Malicious Logic What is malicious logic Types of malicious logic Defenses Computer Security: Art and Science © Matt Bishop.

________________ CS3235, Nov 2002 Viruses Adapted from Pfleeger[Chap 5]. A virus is a program [fragment] that can pass on malicious code [usually itself]

Chapter 14 Computer Security Threats Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design Principles,

1 Pertemuan 05 Malicious Software Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.

Computer Viruses. History Malicious software – 1970’s Programs distributed over exchange servers speeds spread of viruses Brain sparks term: Virus.

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE USC CSci530 Computer Security Systems Lecture.

1 Computer Viruses (and other “Malicious Programs) Computer “Viruses” and related programs have the ability to replicate themselves on an ever increasing.

1 Malicious Logic CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute March 25, 2004.

Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.

Definitions  Virus A small piece of software that attaches itself to a program on the computer. It can cause serious damage to your computer.  Worm.

Henric Johnson1 Chapter 10 Malicious Software Henric Johnson Blekinge Institute of Technology, Sweden

1 Chap 10 Malicious Software. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on.

Chapter 15: Security (Part 1). The Security Problem Security must consider external environment of the system, and protect the system resources Intruders.

Malicious Code Brian E. Brzezicki. Malicious Code (from Chapter 13 and 11)

VIRUSES and DESTRUCTIVE PROGRAMS

The Utility Programs: The system programs which perform the general system support and maintenance tasks are known as utility programs. Tasks performed.

Understanding and Troubleshooting Your PC. Chapter 12: Maintenance and Troubleshooting Fundamentals2 Chapter Objectives  In this chapter, you will learn:

Lecture 14 Overview. Program Flaws Taxonomy of flaws: – how (genesis) – when (time) – where (location) the flaw was introduced into the system 2 CS 450/650.

1 Chapter 19: Malicious Software Fourth Edition by William Stallings Lecture slides by Lawrie Brown (Modified by Prof. M. Singhal, U of Kentucky)

Defense Against the Dark Arts Dan Fleck CS469 Security Engineering Reference: Angelos Stavrou’s ISA564 and Computer Security by Bishop Coming up: Types.

A virus is software that spreads from program to program, or from disk to disk, and uses each infected program or disk to make copies of itself. Basically.

CHAPTER 14 Viruses, Trojan Horses and Worms. INTRODUCTION Viruses, Trojan Horses and worm are malicious programs that can cause damage to information.

1 Chap 10 Virus. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on an ever increasing.

CSCE 522 Lecture 12 Program Security Malicious Code.

Viruses, Trojans and Worms The commonest computer threats are viruses. Virus A virus is a computer program which changes the way in which the computer.

Chapter 10 Malicious software. Viruses and ” Malicious Programs Computer “ Viruses ” and related programs have the ability to replicate themselves on.

30.1 Lecture 30 Security II Based on Silberschatz & Galvin’s slides And Stallings’ slides.

CIS 442: Chapter 2 Viruses. Malewares Maleware classifications and types Viruses Logical and time bombs Trojan horses and backdoors Worms Spam Spyware.

Copyright © 2007 Heathkit Company, Inc. All Rights Reserved PC Fundamentals Presentation 25 – Virus Detection and Prevention.

Malicious Logic and Defenses. Malicious Logic Trojan Horse – A Trojan horse is a program with an overt (documented or known) effect and covert (undocumented.

COMPUTER SECURITY: INFORMATION AND ACCOUNT By: Jack Denman.

CONTENTS What is Virus ? Types of computer viruses.

n Just as a human virus is passed from person from person, a computer virus is passed from computer to computer. n A virus can be attached to any file.

Computer Security Threats CLICKTECHSOLUTION.COM. Computer Security Confidentiality –Data confidentiality –Privacy Integrity –Data integrity –System integrity.

14.1 Silberschatz, Galvin and Gagne ©2009 Operating System Concepts with Java – 8 th Edition Protection.

Chapter 23: Vulnerability Analysis Dr. Wayne Summers Department of Computer Science Columbus State University

NETWORK SECURITY Definitions and Preventions Toby Wilson.

Computer virus Done: Aaesha Mohammed ID: H

Malicious Programs (1) Viruses have the ability to replicate themselves Other Malicious programs may be installed by hand on a single machine. They may.

Information Systems CS-507 Lecture 32. Physical Intrusion The intruder could physically enter an organization to steal information system assets or carry.

Detected by, M.Nitin kumar ( ) Sagar kumar sahu ( )

Chapter 26: Network Security Dr. Wayne Summers Department of Computer Science Columbus State University

Chapter 24: Auditing Dr. Wayne Summers Department of Computer Science Columbus State University

Chapter Objectives In this chapter, you will learn:

Lecture 8. Cyber Security, Ethics and Trust

Chapter 19. Malicious Logic

COMPUTER VIRUSES Computer Technology.

Viruses and Other Malicious Content

Computer Technology Notes 5

VIRUSES and DESTRUCTIVE PROGRAMS

WHAT IS A VIRUS? A Computer Virus is a computer program that can copy itself and infect a computer A Computer Virus is a computer program that can copy.

Computer Viruses.

Chapter 26: Network Security

Chap 10 Malicious Software.

Chapter 17: Confinement Problem

مرکز فناوری اطلاعات دانشگاه رازی

Chapter 23: Vulnerability Analysis

Chapter 28: User Security

Malicious Software Network security Master:Mr jangjou

Chap 10 Malicious Software.

Malicious Program and Protection

Chapter 14: Protection.

Chapter 9 Intruders and Viruses.

Presentation transcript:

Chapter 22: Malicious Logic Dr. Wayne Summers Department of Computer Science Columbus State University Summers_wayne@colstate.edu http://csc.colstate.edu/summers

Malicious Logic Malicious Logic - set of instructions that causes a site’s security policy to be violated Trojan horse – program with an overt effect and a covert effect Computer Virus - program that attaches itself to another program and attacks other software by making copies of itself boot sector infector executable infector multipartite Terminate and stay resident (TSR) Stealth Polymorphic Macro

Other Forms of Malicious Logic Computer Worm – program that copies itself from one computer (typically via the network) to another. Rabbit (bacterium) - program that absorbs all of some class of resource Logic bomb – A program that is activated or triggered after or during a certain event

Defenses Malicious Logic can be both data and instructions Malicious Logic can access and affect objects with a user’s protected domain by assuming the user’s rights Limit the distance a virus can spread by defining a flow distance metric Reduce the user’s protection domain when running suspected programs (principle of least privilege) Use “watchdog” (guardian) program to check if access to a file is permitted

Defenses Use sandbox (virtual machine) to restrict process rights Inhibit users in different protection domains from sharing programs & data (integrity policy) Place protected programs at lowest possible level of a multilevel security policy to keep them from writing down Sign a file with a CRC to detect changes Look for signatures of malicious programs Use heuristic filters to block malicious programs (intrusion detection)