SpyWare! Chuck Short CS522 – Fall 2006 Semester Project Presentation Professor: Dr. C. Edward Chow.

Slides:

Advertisements

Similar presentations

The Internet and the Web

Advertisements

CookiesPHPMay-2007 : [‹#›] Maintaining State in PHP Part I - Cookies.

Adware and Spyware. Objectives u Define terms, scope, and motivation u Discuss impact (personal and business) u Review basic technical aspects u Provide.

Internet Safety Topic 2 Malware This presentation by Tim Fraser Malware is short for malicious software VirusesViruses SpywareSpyware AdwareAdware other.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 11: Monitoring Server Performance.

SPYWARE  Do you know where your personal information is?

 Meaning of spyware Spyware is a program that can be installed on computers, and which collects small pieces of information about users without their.

Lab 3 Cookie Stealing using XSS Kara James, Chelsea Collins, Trevor Norwood, David Johnson.

The Internet & The World Wide Web Notes

1 Web Development Life Cycle  Ensures project consistency and completeness –Planning –Analysis –Design and Development –Testing –Implementation and Maintenance.

Christopher M. Pascucci Basic Structural Concepts of.NET Browser – Server Interaction.

HTML Comprehensive Concepts and Techniques Intro Project Introduction to HTML.

Spyware! Tia. What Is Spyware? With so many types of popular software being spread around the Internet, it is important to be aware of what spyware is.

Networks and Security. Types of Attacks/Security Issues  Malware  Viruses  Worms  Trojan Horse  Rootkit  Phishing  Spyware  Denial of Service.

Chapter 12 Cookies and Sessions Part 2. Setting Cookie Parameters setcookie(name, value, expiration, path, host, secure, httponly) epoch – midnight on.

Syllabus outcomes Describes and applies problem-solving processes when creating solutions Designs, produces and evaluates appropriate solutions.

1 Spyware, Adware, and Browser Hijacking. ECE Agenda What is Spyware? What is Adware? What is Browser Hijacking? Security concerns and risks Prevention,

1 John Magee 9 November 2012 CS120 Lecture 17a: Publishing Web pages.

CP476 Internet Computing Lecture 5 : HTTP, WWW and URL 1 Lecture 5. WWW, HTTP and URL Objective: to review the concepts of WWW to understand how HTTP works.

Networks and Security Monday, 10 th Week. Types of Attacks/Security Issues  Viruses  Worms  Macro Virus  Virus  Trojan Horse  Phishing 

Adapted from Computer Concepts, New Perspectives, Thompson Course Technology EDW 647: The Internet Dr. Roger Webster & Dr. Nazli Mollah 24 Cookies: What.

Windows Internet Explorer 9 Chapter 1 Introduction to Internet Explorer.

Chapter 8 The Internet: A Resource for All of Us.

5 Chapter Five Web Servers. 5 Chapter Objectives Learn about the Microsoft Personal Web Server Software Learn how to improve Web site performance Learn.

Honeypot and Intrusion Detection System

CSE 154 LECTURE 12: COOKIES. Including files: include include("filename"); PHP include("header.html"); include("shared-code.php"); PHP inserts the entire.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 11: Monitoring Server Performance.

Web Programming Language Week 7 Dr. Ken Cosh Security, Sessions & Cookies.

1 Spyware. ECE 4112-Internetwork Security2 Agenda Cookies Browser hijacking Bundled software Key loggers Spyware prevention and deletion.

Week seven CIT 354 Internet II. 2 Objectives Database_Driven User Authentication Using Cookies Session Basics Summary Homework and Project 2.

CSCE 201 Web Browser Security Fall CSCE Farkas2 Web Evolution Web Evolution Past: Human usage – HTTP – Static Web pages (HTML) Current: Human.

Protecting Students on the School Computer Network Enfield High School.

Return to the PC Security web page Lesson 5: Dealing with Malware.

1 Malware/Spyware Group 26 Jay Kim and Jimmy Patel.

Log files presented to : Sir Adnan presented by: SHAH RUKH.

1 World Wide Web Concepts (Chapter 18) 인공지능연구실. 2 목 차  Elements of the Web  Web Browsers  Keeping Tracking of your Favorite Web sites  Security and.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 11: Monitoring Server Performance.

Web Design (1) Terminology. Coding ‘languages’ (1) HTML - Hypertext Markup Language - describes the content of a web page CSS - Cascading Style Sheets.

FTP File Transfer Protocol Graeme Strachan. Agenda  An Overview  A Demonstration  An Activity.

PHP Cookies. Cookies are small files that are stored in the visitor's browser. Cookies can be used to identify return visitors, keep a user logged into.

Presenter: Le Quoc Thanh SPYWARE ANALYSIS AND DETECTION.

SPYWARE Spyware, a new class of malicious programs, is just as dangerous as viruses but generally Is underreported. The issues are no longer those of privacy,

PHP and Sessions. Session – a general definition The GENERAL definition of a session in the “COMPUTER WORLD” is: The interactions (requests and responses)

 A cookie is often used to identify a user. A cookie is a small file that the server embeds on the user's computer. Each time the same computer requests.

Internet addresses By Toni Grey & Rashida Swan HTTP Stands for HyperText Transfer Protocol Is the underlying stateless protocol used by the World Wide.

Sessions and cookies (part 2) MIS 3501, Fall 2015 Brad N Greenwood, PhD Department of MIS Fox School of Business Temple University 11/19/2015.

Introduction Web analysis includes the study of users’ behavior on the web Traffic analysis – Usage analysis Behavior at particular website or across.

Internet Safety Topic 2 Malware Malware is short for malicious software VirusesViruses SpywareSpyware AdwareAdware other dangerous software exists, such.

Erica Larnerd COSC Spyware...  What is it?  What does it do?  How does it get on my computer?  How can I tell if it’s on my computer?  What.

By Alex Mayak.  What is spyware?  History of spyware.  What effect does spyware have on your computer?  What spreads spyware?

Protecting your search privacy A lesson plan created & presented by Maria Bernhey (MLS) Adjunct Information Literacy Instructor

Windows Vista Configuration MCTS : Internet Explorer 7.0.

Tutorial 1 Getting Started with Adobe Dreamweaver CS5.

Windows Vista Configuration MCTS : Network Security.

Blended HTML and CSS Fundamentals 3 rd EDITION Tutorial 2 Creating Links.

Managing Windows Security

CSE 154 Lecture 20: Cookies.

Warm Handshake with Websites, Servers and Web Servers:

19.10 Using Cookies A cookie is a piece of information that’s stored by a server in a text file on a client’s computer to maintain information about.

Sessions and cookies (part 2)

Web Programming Language

14-мавзу. Cookie, сеанс, FTP и технологиялари

What is Cookie? Cookie is small information stored in text file on user’s hard drive by web server. This information is later used by web browser to retrieve.

Spyware. By: Katheryn L. Gaston.

HOW DO I KEEP MY COMPUTER SAFE?

CSc 337 Lecture 27: Cookies.

Web Programming Language

Web Servers (IIS and Apache)

CSc 337 Lecture 25: Cookies.

Presentation transcript:

SpyWare! Chuck Short CS522 – Fall 2006 Semester Project Presentation Professor: Dr. C. Edward Chow

Agenda Define SpyWare Define SpyWare Discuss methods used for spying Discuss methods used for spying Focus on passive tracking methods Focus on passive tracking methods Demonstrate one passive method Demonstrate one passive method Discuss prevention Discuss prevention Conclusions Conclusions

SpyWare Definition SpyWare is a general term used to describe software that performs certain behaviors such as advertising, collecting personal information, or changing the configuration of your computer, generally without appropriately obtaining your consent first. SpyWare is a general term used to describe software that performs certain behaviors such as advertising, collecting personal information, or changing the configuration of your computer, generally without appropriately obtaining your consent first. spx

SpyWare Categories Advertising (Passive) Advertising (Passive) –Capture browsing history –Capture buying habits Surveillance (Active) Surveillance (Active) –Key loggers –System Monitors

SpyWare Statistics 90% of all internet connected machines are infected 90% of all internet connected machines are infected ~28 SpyWare traces on each machine ~28 SpyWare traces on each machine 1/3 infected with surveillance SpyWare 1/3 infected with surveillance SpyWare 80% of infections were cookies 80% of infections were cookies

Passive Tracking Methods Web Beacons Web Beacons Cookies deposits Cookies deposits

Web Beacons Also know as Also know as –Web Bugs –Clear GIFs Allows destination to log page hits Allows destination to log page hits Can be used in conjunction with cookies Can be used in conjunction with cookies

Cookie Fields ParameterDescription Name The name of the cookie. Value The value of the cookie. Expire The time the cookie expires. This is a Unix timestamp so is in number of seconds since the epoch. In other words, you'll most likely set this with the time() function plus the number of seconds before you want it to expire. Path The path on the server in which the cookie will be available. Domain The domain in which the cookie is available Secure When set to TRUE, the cookie will only be set if a secure connection exists. The default is FALSE. httponly When TRUE the cookie will be made accessible only through the HTTP protocol. Not supported on all browsers

Web Beacon w/Cookie Example: spywareWebBeaconCookieDeposit.html <html><head> Web Beacon Cookie Deposit Example Web Beacon Cookie Deposit Example </head><body> Web Beacon Cookie Deposit Example: Web Beacon Cookie Deposit Example: </body></html>

Server Code serverWebBeacon.php <?php if (!(isset($_COOKIE["SpyCookie"]))){ setcookie("SpyCookie", "ISpyOnYou", time()+3600); setcookie("SpyCookie", "ISpyOnYou", time()+3600);}?><html> PHP Test PHP Test <?php $filename = 'cookieCapture.txt'; $today = date("D M j G:i:s T Y"); $Content = "SpyCookie". " : ". "$_COOKIE[SpyCookie]". " : ". "$today\r\n"; if($handle = fopen($filename, 'a')){ fwrite($handle, $Content); fwrite($handle, $Content); fclose($handle); fclose($handle);}?> </html>

Cookie Capture File public_html]$ cat cookieCapture.txt SpyCookie : ISpyOnYou : Fri Dec 1 18:30:17 MST 2006 SpyCookie : ISpyOnYou : Fri Dec 1 18:30:38 MST 2006 public_html]$

Packet Capture

Conclusions Browser settings can prevent cookie deposit Browser settings can prevent cookie deposit Be careful what you download Be careful what you download –Don’t open the door willingly The use of cookies is fundamental The use of cookies is fundamental –The information provided is minimal

Questions?

References Tzu-Yen Wang, Shi-Jinn Horng, Ming-Yang Su, Chin-Hsiung Wu,Peng-Chu Wang and Wei-Zen Su. A Surveillance Spyware Detection System Based on Data Mining Methods IEEE Congress on Evolutionary Computation. Tzu-Yen Wang, Shi-Jinn Horng, Ming-Yang Su, Chin-Hsiung Wu,Peng-Chu Wang and Wei-Zen Su. A Surveillance Spyware Detection System Based on Data Mining Methods IEEE Congress on Evolutionary Computation. Wes Ames, Understanding Spyware: Risk and Response, 2004 IEEE IT Pro Wes Ames, Understanding Spyware: Risk and Response, 2004 IEEE IT Pro spx spx