1 Malicious Logic CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute March 25, 2004.

Slides:

Advertisements

Similar presentations

Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 5.1 Malicious Logic.

Advertisements

Higher Computing Computer Systems S. McCrossan Higher Grade Computing Studies 8. Supporting Software 1 Software Compatibility Whether you are doing a fresh.

 Application software consists of programs designed to make users more productive and/or assist with personal tasks.  Growth of internet simplified.

CS526: Information Security Chris Clifton November 25, 2003 Malicious Code.

Unit 18 Data Security 1.

November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #9-1 Chapter 19: Malicious Logic What is malicious logic Types of malicious logic.

Fall 2008CS 334: Computer SecuritySlide #1 Malicious Logic Trojan Horses Viruses Worms.

________________ CS3235, Nov 2002 Viruses Adapted from Pfleeger[Chap 5]. A virus is a program [fragment] that can pass on malicious code [usually itself]

Chapter 14 Computer Security Threats Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design Principles,

1 Pertemuan 05 Malicious Software Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE USC CSci530 Computer Security Systems Lecture.

Malicious Logic What is malicious logic Defenses

1 Computer Viruses (and other “Malicious Programs) Computer “Viruses” and related programs have the ability to replicate themselves on an ever increasing.

Created by Dragon Lee May Computer Virus What is computer virus? Computer virus refers to a program which damages computer systems and/or destroys.

Henric Johnson1 Chapter 10 Malicious Software Henric Johnson Blekinge Institute of Technology, Sweden

Business computer application University of Palestine College of Business Instructor: Mr. Ahmed Abumosameh.

Video Following is a video of what can happen if you don’t update your security settings! security.

1 Chap 10 Malicious Software. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on.

Chapter 15: Security (Part 1). The Security Problem Security must consider external environment of the system, and protect the system resources Intruders.

Business computer application University of Palestine College of Business Instructor: Mr. Ahmed Abumosameh.

VIRUSES and DESTRUCTIVE PROGRAMS

The Utility Programs: The system programs which perform the general system support and maintenance tasks are known as utility programs. Tasks performed.

Understanding and Troubleshooting Your PC. Chapter 12: Maintenance and Troubleshooting Fundamentals2 Chapter Objectives  In this chapter, you will learn:

CSCE 201 Attacks on Desktop Computers: Malicious Code Hardware attacks.

The Code of Life: A Look at Emerging Artificial Life The Virus AGCGTGGCAGC ATCCTACGACT GCACGATCCTC GATCGACGTGA CGTGACGTAGC GGGACTCGATC

D. Beecroft Fremont High School VIRUSES.

Lecture 14 Overview. Program Flaws Taxonomy of flaws: – how (genesis) – when (time) – where (location) the flaw was introduced into the system 2 CS 450/650.

VIRUSES - Janhavi Naik. Overview Structure Classification Categories.

Targeted Break-in, DoS, & Malware attacks (II) (February ) © Abdou Illia – Spring 2015.

Structure Classifications &

1 Higher Computing Topic 8: Supporting Software Updated

1 Chap 10 Virus. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on an ever increasing.

Viruses, Trojans and Worms The commonest computer threats are viruses. Virus A virus is a computer program which changes the way in which the computer.

Computer viruses are small software programs that are made to spread from one computer to another and to interfere with computer operations. There are.

TERMINATE-AND-STAY-RESIDENT TSR IS A SOFTWARE PROGRAM THAT REMAINS IN MEMORY UNTIL IT IS NEEDED, AND THEN PERFORMS SOME FUNCTION. AN GOOD EXAMPLE OF A.

Everything you wanted to know about Computer Viruses.

Computer Crimes 8 8 Chapter. The act of using a computer to commit an illegal act Authorized and unauthorized computer access. Examples- o Stealing time.

Chapter 10 Malicious software. Viruses and ” Malicious Programs Computer “ Viruses ” and related programs have the ability to replicate themselves on.

Name: Perpetual Ifeanyi Onyia Topic: Virus, Worms, & Trojan Horses.

What is computer virus? Computer virus refers to a program which damages computer systems and/or destroys or erases data files.

30.1 Lecture 30 Security II Based on Silberschatz & Galvin’s slides And Stallings’ slides.

For any query mail to or BITS Pilani Lecture # 1.

CIS 442: Chapter 2 Viruses. Malewares Maleware classifications and types Viruses Logical and time bombs Trojan horses and backdoors Worms Spam Spyware.

Copyright © 2007 Heathkit Company, Inc. All Rights Reserved PC Fundamentals Presentation 25 – Virus Detection and Prevention.

Program Security Malicious Code Program Security Malicious Code.

Malicious Logic and Defenses. Malicious Logic Trojan Horse – A Trojan horse is a program with an overt (documented or known) effect and covert (undocumented.

CONTENTS What is Virus ? Types of computer viruses.

Computer Virus: “A program that can infect other programs by modifying them to include a version of itself” -- Dr Fred Cohen Compare to an office clerk.

n Just as a human virus is passed from person from person, a computer virus is passed from computer to computer. n A virus can be attached to any file.

Computer Systems Viruses. Virus A virus is a program which can destroy or cause damage to data stored on a computer. It’s a program that must be run in.

Computer virus Speaker : 蔡尚倫.  Introduction  Infection target  Infection techniques Outline.

Computer Security Threats CLICKTECHSOLUTION.COM. Computer Security Confidentiality –Data confidentiality –Privacy Integrity –Data integrity –System integrity.

14.1 Silberschatz, Galvin and Gagne ©2009 Operating System Concepts with Java – 8 th Edition Protection.

Types of Computer Malware. The first macro virus was written for Microsoft Word and was discovered in August Today, there are thousands of macro.

Page 1 Viruses. Page 2 What Is a Virus A virus is basically a computer program that has been written to perform a specific set of tasks. Unfortunately,

Malicious Programs (1) Viruses have the ability to replicate themselves Other Malicious programs may be installed by hand on a single machine. They may.

Presentation on Computer Virus

War between Good and Evil.

Lecture 8. Cyber Security, Ethics and Trust

Chapter 19. Malicious Logic

Trojan Horses Viruses Worms

VIRUSES and DESTRUCTIVE PROGRAMS

Chap 10 Malicious Software.

UNIT 18 Data Security 1.

مرکز فناوری اطلاعات دانشگاه رازی

Chapter 22: Malicious Logic

Chap 10 Malicious Software.

Malicious Program and Protection

Chapter 14: Protection.

Presentation transcript:

1 Malicious Logic CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute March 25, 2004

2 Overview Trojan Horses Viruses Other Malicious Logic

3 Trojan Horses Overt effect: intended Covert effect: unexpected Propagating: creates a copy of itself Example: Unix login

4 Computer Viruses Definition: A computer virus is a program that inserts itself into one or more files and then performs some (possibly null) action.

5 Boot Sector Infectors Inserts itself into boot sector of a disk Executes when disk is read Moves real boot sector to another location on disk

6 Executable Infectors Infects executable programs Places its code at beginning of executable segment Example: Jerusalem Virus

7 Jerusalem Virus (1/3) 1.Puts 0E0H into register ax 2.Invokes DOS service interrupt 3.If high 8 bits of ax contain 03H, system is already infected: quits and invokes original program 4.Otherwise, gets ready to trap calls to DOS service interrupt vector

8 Jerusalem Virus (2/3) 5.Check the year 6.If 1987 do nothing 7.Else, if not Friday the 13th sets up to respond to clock interrupts 8.Loads and executes original program 9.Stays in memory waiting for DOS service interrupt

9 Jerusalem Virus (3/3) 10.If Friday the 13th and not Sets flag in memory to be destructive: will delete files instead of infecting them. 12.Once in memory, all call to DOS service interrupt are checked: Infects or deletes as per memory flag Infects or deletes as per memory flag Preserves date and time of modification when infecting Preserves date and time of modification when infecting

10 Multipartite Viruses Can infect whether boot sectors or applications Has 2 parts, one for boot records, one for executable files

11 Terminate and Stay Resident (TSR) Viruses Stays active (resident) in memory after the application has terminated. Example: Jerusalem Virus

12 Stealth Viruses Conceal the infection of files Intercept call to file access routines read requests: disinfect as data is returned read requests: disinfect as data is returned execute requests: infected file is executed execute requests: infected file is executed

13 Encrypted Viruses Enciphers all of the virus code except for a small decryption routine Prevents pattern-matching virus detectors from recognizing virus

14 Polymorphic Viruses Changes its form each time it inserts itself into another program May be used with encryption to change pattern of decryption routine

15 Macro Viruses Sequence of instructions that is interpreted rather than executed directly Example: VB viruses

16 Computer Worms Program that copies itself from one computer to another Usual intent is to propagate without causing additional harm Example: Internet Worm of 1988

17 Rabbits and Bacterium Program that absorbs all of some class of resource May not consume all resources, just all of a particular class

18 Logic Bombs Program that performs an action that violates the security policy when some external event occurs May be linked to termination of an employee