Beyond Anti-Virus by Dan Keller

1987 - Fred Cohen, Computer Scientist: “there is no algorithm that can perfectly detect all possible computer viruses”

Presentation transcript:

What is Anti-Virus (AV) Software?
Anti-virus software is used to prevent, detect, and remove malicious software.
Some examples of malicious software detected by modern AV:
- BHOs (Browser Helper Objects)
- Browser hijackers
- Ransomware
- Keyloggers
- Backdoors
- Rootkits
- Trojan horses
- Worms
- Adware
- Spyware

Statistics
AV-TEST - The Independent IT-Security Institute
,613 unique malware samples in their database
, , ,490,960 new unique malware samples only for that year!
2015 – approx. 144,000,000 new malware variants

Lastline Labs Study (May ’13 - May ’14)
Hundreds of thousands of malware samples vs. 47 AV vendors
Results:
- Day 0: only 51% of AV scanners detected new malware samples
- 2 weeks: detection rates bumped up to 61%
- 1 year: 10% of AV scanners still did not detect some malware
- The 1-percentile of malware least likely to be detected was undetected by the majority of AV scanners for months, and in some cases was never detected
___________________________________________________________
**It's estimated that AV only catches around 45% of cyber attacks (Symantec VP Brian Dye). He said antivirus “is dead” (May 2014).

Now that you’re depressed…where do we go from here?
Anti-virus methods of detection
- Signature-based detection: When identifying viruses and other malware, the antivirus engine compares the contents of a file to its database of known malware signatures.
- Heuristic-based detection: This is generally used together with signature-based detection. It detects malware based on characteristics typically found in known malware code.
- Behavioural-based detection: Instead of relying on characteristics hardcoded in the malware code itself, it is based on the behavioural fingerprint of the malware at run time. This technique is able to detect malware only after it has started performing its malicious actions.
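The difference between the first two methods, as an added example that is not part of the original slides. It assumes whole-file SHA-256 signatures (a simplification of real signature formats), and the sample bytes, rule weights and threshold are all constructed for illustration. It also shows the false-positive cost of heuristics on a clean tool.

```python
import hashlib
import math
from collections import Counter

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 to 8.0)."""
    n = len(data)
    if n == 0:
        return 0.0
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

# Constructed, harmless byte strings standing in for scanned files.
TRAITS = b"MZ" + b"WriteProcessMemory\x00CreateRemoteThread\x00"
KNOWN = TRAITS + bytes(range(256))          # the sample already in the database
VARIANT = KNOWN + b"\x01"                   # differs by one byte: new hash, same traits
CLEAN = b"Quarterly report draft. " * 20    # ordinary document
BENIGN_TOOL = TRAITS + b"debugger help text " * 10  # clean program, similar traits

SIGNATURE_DB = {sha256(KNOWN): "Demo.Known.A"}  # assumed database layout

# Assumed heuristic rules: (description, weight, predicate over the file bytes).
RULES = [
    ("executable header", 1, lambda d: d.startswith(b"MZ")),
    ("writes into another process", 2, lambda d: b"WriteProcessMemory" in d),
    ("starts a remote thread", 2, lambda d: b"CreateRemoteThread" in d),
    ("high entropy, possibly packed", 1, lambda d: entropy(d) > 7.0),
]
THRESHOLD = 4  # assumed cut-off; a lower value flags more clean files

def signature_scan(data: bytes):
    """Exact match against known signatures; None if the file is unknown."""
    return SIGNATURE_DB.get(sha256(data))

def heuristic_scan(data: bytes):
    """Sum the weights of every rule that fires; return (score, rule names)."""
    hits = [(name, w) for name, w, pred in RULES if pred(data)]
    return sum(w for _, w in hits), [name for name, _ in hits]

def scan(data: bytes):
    """Signature first, heuristics second, as the slide describes."""
    name = signature_scan(data)
    if name:
        return ("signature", name)
    score, hits = heuristic_scan(data)
    return ("heuristic", hits) if score >= THRESHOLD else ("clean", [])

if __name__ == "__main__":
    for label in ("KNOWN", "VARIANT", "CLEAN", "BENIGN_TOOL"):
        print(label, scan(globals()[label]))
```

The variant is caught only by the heuristic pass, and the clean debugging tool is flagged by the same rules.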

…Cont’d
- Sandbox detection: This is a behavioural-based detection technique, but instead of detecting the behavioural fingerprint at run time, it executes the program in a virtual environment and logs what actions the program performs. Depending on the actions logged, the antivirus engine can determine whether the program is malicious. If not, the program is executed in the real environment. This technique has been shown to be very effective, but given its heaviness and slowness, it is rarely used in end-user antivirus solutions.

…Cont’d
- Data mining techniques: The latest approach applied in malware detection. Data mining and machine learning algorithms are used to try to classify the behaviour of a file as either malicious or benign, given a series of features extracted from the file itself.

Other approaches
- Unified Threat Management: firewalls, gateway AV, content filtering, load balancing, data leak prevention all rolled up into one system
- Push your info to the cloud and let them deal with it
- Go back to paper
- Go off grid and live in the mountains

Drawbacks
- Lots of false positives, creating ‘the boy who cried wolf.’ False positives can also end up deleting or paralyzing existing files that are clean
- Some more advanced systems (sandboxing) can slow down performance
- Tough to get out of contracts with existing vendors

Conclusion
Anti-virus is not dead. It's just a standard upon which we build. Anti-virus software is now being bundled with other security software to form a more comprehensive system. And it’s essentially getting outsourced to other companies to help monitor your system in real time.