Malicious Program and Protection

Slides:



Advertisements
Similar presentations
Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 5.1 Malicious Logic.
Advertisements

 Application software consists of programs designed to make users more productive and/or assist with personal tasks.  Growth of internet simplified.
CS526: Information Security Chris Clifton November 25, 2003 Malicious Code.
November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #9-1 Chapter 19: Malicious Logic What is malicious logic Types of malicious logic.
________________ CS3235, Nov 2002 Viruses Adapted from Pfleeger[Chap 5]. A virus is a program [fragment] that can pass on malicious code [usually itself]
Chapter 14 Computer Security Threats Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design Principles,
1 Pertemuan 05 Malicious Software Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
Malicious Attacks. Introduction Commonly referred to as: malicious software/ “malware”, computer viruses Designed to enter computers without the owner’s.
Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE USC CSci530 Computer Security Systems Lecture.
1 Computer Viruses (and other “Malicious Programs) Computer “Viruses” and related programs have the ability to replicate themselves on an ever increasing.
1 Malicious Logic CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute March 25, 2004.
Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.
Henric Johnson1 Chapter 10 Malicious Software Henric Johnson Blekinge Institute of Technology, Sweden
Video Following is a video of what can happen if you don’t update your security settings! security.
1 Chap 10 Malicious Software. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on.
Chapter 15: Security (Part 1). The Security Problem Security must consider external environment of the system, and protect the system resources Intruders.
1. 2 What is security? Computer Security deals with the prevention and detection of, and the reaction to, unauthorized actions by users of a computer.
Malicious Code Brian E. Brzezicki. Malicious Code (from Chapter 13 and 11)
The Utility Programs: The system programs which perform the general system support and maintenance tasks are known as utility programs. Tasks performed.
Understanding and Troubleshooting Your PC. Chapter 12: Maintenance and Troubleshooting Fundamentals2 Chapter Objectives  In this chapter, you will learn:
CSCE 201 Attacks on Desktop Computers: Malicious Code Hardware attacks.
D. Beecroft Fremont High School VIRUSES.
 a crime committed on a computer network, esp. the Internet.
Lecture 14 Overview. Program Flaws Taxonomy of flaws: – how (genesis) – when (time) – where (location) the flaw was introduced into the system 2 CS 450/650.
VIRUSES - Janhavi Naik. Overview Structure Classification Categories.
Structure Classifications &
A virus is software that spreads from program to program, or from disk to disk, and uses each infected program or disk to make copies of itself. Basically.
CHAPTER 14 Viruses, Trojan Horses and Worms. INTRODUCTION Viruses, Trojan Horses and worm are malicious programs that can cause damage to information.
1 What is a computer virus? Computer program Replicating Problematic "Event" Types Detection and prevention.
1 Higher Computing Topic 8: Supporting Software Updated
1 Chap 10 Virus. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on an ever increasing.
10/11/2015 Computer virus By Al-janabi Rana J 1. 10/11/2015 A computer virus is a computer program that can copy itself and infect a computer without.
Viruses, Trojans and Worms The commonest computer threats are viruses. Virus A virus is a computer program which changes the way in which the computer.
Computer viruses are small software programs that are made to spread from one computer to another and to interfere with computer operations. There are.
Chapter 10 Malicious software. Viruses and ” Malicious Programs Computer “ Viruses ” and related programs have the ability to replicate themselves on.
Recent Internet Viruses & Worms By Doppalapudi Raghu.
COMPUTER VIRUS.
Copyright © 2007 Heathkit Company, Inc. All Rights Reserved PC Fundamentals Presentation 25 – Virus Detection and Prevention.
Malicious Logic and Defenses. Malicious Logic Trojan Horse – A Trojan horse is a program with an overt (documented or known) effect and covert (undocumented.
Topic 5: Basic Security.
CONTENTS What is Virus ? Types of computer viruses.
VIRUS.
n Just as a human virus is passed from person from person, a computer virus is passed from computer to computer. n A virus can be attached to any file.
Chapter 19 – Malicious Software What is the concept of defense: The parrying of a blow. What is its characteristic feature: Awaiting the blow. —On War,
Computer Systems Viruses. Virus A virus is a program which can destroy or cause damage to data stored on a computer. It’s a program that must be run in.
Computer Security Threats CLICKTECHSOLUTION.COM. Computer Security Confidentiality –Data confidentiality –Privacy Integrity –Data integrity –System integrity.
14.1 Silberschatz, Galvin and Gagne ©2009 Operating System Concepts with Java – 8 th Edition Protection.
Types of Computer Malware. The first macro virus was written for Microsoft Word and was discovered in August Today, there are thousands of macro.
NETWORK SECURITY Definitions and Preventions Toby Wilson.
Computer virus Done: Aaesha Mohammed ID: H
Page 1 Viruses. Page 2 What Is a Virus A virus is basically a computer program that has been written to perform a specific set of tasks. Unfortunately,
Malicious Programs (1) Viruses have the ability to replicate themselves Other Malicious programs may be installed by hand on a single machine. They may.
Information Systems CS-507 Lecture 32. Physical Intrusion The intruder could physically enter an organization to steal information system assets or carry.
ANTIVIRUS ANTIVIRUS Author: Somnath G. Kavalase Junior Software developer at PBWebvsion PVT.LTD.
VIRUSES & ANTI- VIRU-SES. WHAT IS A COMPUTER VIRUS? A computer virus is a small software program that spreads from one computer to another computer and.
Computer safety Filip Hruby.
Computer Viruses Author: Alyse Allen.
Chapter Objectives In this chapter, you will learn:
Malicious Software.
Lecture 8. Cyber Security, Ethics and Trust
COMPUTER VIRUSES Computer Technology.
SEMINAR ON PC SECURITY FROM VIRUSES
Viruses and Other Malicious Content
computer virus infection & symptoms
Viruses, Malicious Code, & Other Nasty Stuff
WHAT IS A VIRUS? A Computer Virus is a computer program that can copy itself and infect a computer A Computer Virus is a computer program that can copy.
Computer Viruses.
Chap 10 Malicious Software.
Chapter 22: Malicious Logic
Chap 10 Malicious Software.
Presentation transcript:

Malicious Program and Protection For bim 6th Sem (www.sheetal.com.np)

Malicious Program: Definition “Hardware, software, or firmware capable of performing an unauthorized function on an information system.” Usually violates security policy of a system Malicious logic is also known as malicious code or malware Types of malicious logic?

Types: Trojan Horses (remember movie TROY) Computer Virus Boot Sector Infector Executable Infector Multipartite Viruses TSR Viruses Stealth Virus Encrypted Virus Polymorphic Virus Macro Viruses Computer Worms Rabbits and Bacteria Logic Bombs

Types

Trojan Horse Definition: A Trojan horse is a program with an overt (known or documented) effect and covert (unknown or undocumented ) effect Overt effect: What user sees. Games, animation Cover effect: What happen in background Appears to be useful program but contain many malicious logic inside A propagating Trojan horse (aka replicating trojan horse) is a Trojan horse that creates a copy of itself

Virus a program that can infect other programs by modifying them to include a, possibly evolved, version of itself (Fred Cohen, 1983) Is a program that insert itself into one or more files and then perform some action Self replicating code, parasitic

Virus : General pseudocode beginvirus: if spread-condition then begin for some set of target files do begin if target is not infected then begin determine where to place virus instructions copy instructions from beginvirus to endvirus into target alter target to execute added instructions end; perform some action(s) goto beginning of infected program endvirus:

Virus types in brief Boot sector infector: Executable infector: That insert itself into the boot sector of disk Executable infector: That infects executable program Multipartite Virus Infect both boot sector or application TSR viruses A terminate and stay resident virus is one that stays active in memory after the application (for eg: disk mounting) has terminated

Virus type in brief Stealth virus: Encrypted Virus Polymorphic virus Virus that conceals the infection of file [ Eg: Virus intercept system call. If call is to obtain attribute, returns original attribute, if call is to execute then execute infected file.] Encrypted Virus Virus that encipher all of the virus code except for a small decryption routine Polymorphic virus Virus that changes it form each time it insert into another program Macro viruses Composed of sequence of instruction that is interpreted rather and executed

Worms Is a program that copies itself from one computer to another What is difference than virus?

Virus vs Worms Computer Virus Computer Worm How does it infect a computer system? It inserts itself into a file or executable program. It exploits a weakness in an application or operating system by replicating itself. How can it spread? It has to rely on users transferring infected files/programs to other computer systems. It can use a network to replicate itself to other computer systems without user intervention. Does it infect files? Yes, it deletes or modifies files. Sometimes a virus also changes the location of files. Usually not. Worms usually only monopolize the CPU and memory. whose speed is more? virus is slower than worm. worm is faster than virus. E.g.The code red worm affected 3 lack PCs in just 14 Hrs. Definition The virus is the program code that attaches itself to application program and when application program run it runs along with it. The worm is code that replicate itself in order to consume resources to bring it down.

Rabbits and Bacteria A bacterium or rabbit is a program that absorbs all of some class of resources While true do mkdir X chdir X done

Logic Bomb Is a program that performs an action that violates the security policy when some external event occurs

Defenses Sandboxing Reducing Right Information Flow Metrics Malicious Logic Altering Files Use cryptographic checksum Checksum is stored in system itself Proof of code Author generate Proof Carrying Code Consumer validates it Trust of notion

County by Malware Infection

Antivirus Software is a class of program that will prevent, detect and remediate malware infections on individual computing devices and IT systems. Though labeled antivirus, modern antivirus is capable of preventing all sort of makware

Features of Antivirus Antivirus, antiworm, antirootkit, ……… Protection against browser exploit Scanning On access, scheduled, on demand Added protection Email scan, Instant-message scan, USB scan, Auto clean Updates

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.