DR. MIGUEL ÁNGEL OROS HERNÁNDEZ 7. Reverse engineering of malicious software.


Reverse engineering of malicious software
1. Types of malicious software
2. Uses of malicious software
3. Vulnerabilities of malicious software

Malicious software or malware
- Any program that works against the interests of the system's user or owner
- Company CEO: software for reporting all kinds of usage statistics and web-browsing habits
  - malware
- Reversing is the strongest weapon against creators of malware
- Antivirus researchers
  - Analyze the latest malicious programs
  - Determine just how dangerous they are
  - Learn their weaknesses so that effective antivirus programs can be developed

Malicious software or malware

Types of malicious software

- Viruses
- Worms
- Trojan Horses
- Backdoors
- Mobile Code
- Adware/Spyware

Types of malicious software: Viruses
- Self-replicating programs that usually have a malicious intent
- Effects
  - Delete valuable information
  - Freeze the computer
  - Display annoying messages
- Typically attach themselves to executable program files
- Slowly duplicate themselves into many executable files on the infected system

Types of malicious software: Worms
- Similar to a virus
- A self-replicating malicious program
- Replication process
  - Propagation: Internet
  - Does not require direct human interaction
  - Takes advantage of certain operating system or vulnerabilities

Types of malicious software: Trojan horses
- General idea: an innocent artifact openly delivered through the front door
- Artifacts used
  - Benign program
  - Video clip
  - Image
- Examples
  - "A Great Picture.jpg.exe"

Types of malicious software: Backdoors
- Creates an access channel that the attacker can use for connecting, controlling, spying, or otherwise interacting with the victim's system

Types of malicious software: Mobile Code
- A class of benign programs
- Are executed on a large number of systems without being installed by end users
- Some are designed to create a more active Web-browsing experience
- Actions: download and launch a program on the end user's system
- Mobile code: Java scripts, Java applets

Types of malicious software: Adware/Spyware
- Adware
  - Programs that force unsolicited advertising on end users
  - Gathers various statistics
  - Distracting, annoying, reduction of performance and robustness

Types of malicious software: Sticky Software
- Does not offer an uninstall program
- It is possible to install registry keys that instruct Windows to always launch the malware as soon as the system is started

Types of malicious software: Future malicious software
- Information-stealing (kleptographic) worms
- Programs that could potentially spread like any other worm
- Locate valuable data on an infected system and steal it
- Use: public key and private key
- Attackers could actually blackmail their victims

Uses of malicious software

- Gains some kind of financial reward by spreading the programs
- Certain psychological urges or by childish desires to beat the system
- Backdoor access
- Denial-of-Service (DoS) Attacks
- Vandalism
- Resource Theft
- Information Theft

Vulnerabilities of malicious software

- It runs on untrusted platforms
- Therefore, it is vulnerable to reversing
- Once the code is decrypted, the code and behaviour can be analyzed
- Identification of malicious programs: use unique signatures
- The antivirus program maintains a database of virus signatures
- Unique identification for every known malware program
- Polymorphism thwarts signature-based identification programs by randomly encoding or encrypting the program code

Vulnerabilities of malicious software
- Weakness
  1. Scanning for virus signatures in memory (searching unencrypted form)
  2. The decryption code is static
- Metamorphism
  - Next logical step after polymorphism
  - Instead of encrypting the program's body and making slight alterations in the decryption engine, it is possible to alter the entire program each time it is replicated
  - Each version of the malware can look radically different from any other version
  - Use of a powerful code analysis engine: metamorphic engine
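The two polymorphism weaknesses listed above, as an added example (not from the slides or the cited book): a signature taken from the program body misses every encoded copy on disk, yet it matches the decoded body in memory, and the static decoder stub is a usable signature in its own right. The single-byte XOR encoding, the sample layout, the signature names and all bytes are constructed assumptions.

```python
"""Signature scanning against an encoded sample (constructed, harmless bytes only)."""

# Hypothetical signature database: name -> byte pattern. All values are constructed.
BODY_SIG = b"EXAMPLE-BODY-MARKER"
STUB_SIG = b"STATIC-DECODER-STUB"
SIGNATURES = {"Example.Body": BODY_SIG, "Example.DecoderStub": STUB_SIG}

# Stand-in for the program body; it contains the body signature in clear form.
PLAIN_BODY = b"\x00\x01" + BODY_SIG + b"\x02\x03"


def build_sample(key: int) -> bytes:
    """Assumed on-disk layout: static stub | 1-byte key | body XORed with key."""
    return STUB_SIG + bytes([key]) + bytes(b ^ key for b in PLAIN_BODY)


def scan(buf: bytes, signatures=None) -> list:
    """Return the sorted names of every signature whose pattern occurs in buf."""
    signatures = SIGNATURES if signatures is None else signatures
    return sorted(name for name, pat in signatures.items() if pat in buf)


def memory_image(sample: bytes) -> bytes:
    """Model the process memory after the stub has run: the decoded body."""
    key = sample[len(STUB_SIG)]
    return bytes(b ^ key for b in sample[len(STUB_SIG) + 1:])


def report(keys=(0x5A, 0xC3)) -> dict:
    """Scan two differently keyed copies on disk and in (modelled) memory."""
    results = {}
    for key in keys:  # fixed keys keep the output reproducible
        sample = build_sample(key)
        results[key] = {
            "disk, body signature only": scan(sample, {"Example.Body": BODY_SIG}),
            "disk, full database": scan(sample),
            "memory, full database": scan(memory_image(sample)),
        }
    return results


if __name__ == "__main__":
    for key, result in report().items():
        print(hex(key), result)
```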

Vulnerabilities of malicious software: some of the alterations applied automatically to a program
- Instruction and Register Selection
- Instruction Ordering
- Reversing conditions
  - Instead of using a statement that checks whether two operands are equal, check whether they are unequal
- Garbage insertion
- Function order
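An added illustration (not from the slides or the cited book) of why register selection and garbage insertion defeat exact matching, and of one way an analyst can still compare variants: drop the garbage instructions and rename registers canonically before comparing. The pseudo-assembly listings, the garbage rules and the normalization approach are assumptions of this example; instruction reordering and reversed conditions are not handled.

```python
"""Compare constructed variants of one toy routine after normalization."""
import re

# Constructed pseudo-assembly listings (not real malware). VARIANT_B differs from
# VARIANT_A only by register selection and inserted garbage instructions.
VARIANT_A = """
    mov eax, [src]
    add eax, 4
    mov [dst], eax
"""
VARIANT_B = """
    mov ebx, [src]
    nop
    add ebx, 4
    xchg ecx, ecx
    mov [dst], ebx
"""
# A routine that really is different (adds 8 instead of 4).
OTHER = """
    mov eax, [src]
    add eax, 8
    mov [dst], eax
"""

REGISTER = re.compile(r"\b(e[abcd]x|e[sd]i)\b")
# Instructions that change nothing, treated as garbage in this toy model:
# nop, and mov/xchg of a register with itself.
GARBAGE = [re.compile(p) for p in (r"^nop$", r"^(mov|xchg) (\w+), \2$")]


def clean(listing: str) -> list:
    """Lower-case, collapse whitespace and drop empty lines."""
    lines = (re.sub(r"\s+", " ", l.strip().lower()) for l in listing.splitlines())
    return [l for l in lines if l]


def normalize(listing: str) -> list:
    """Drop garbage, then rename registers in order of first appearance."""
    kept = [l for l in clean(listing) if not any(g.match(l) for g in GARBAGE)]
    names = {}

    def rename(match):
        return names.setdefault(match.group(1), f"R{len(names)}")

    return [REGISTER.sub(rename, l) for l in kept]
```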

Bibliography
- Reversing: Secrets of Reverse Engineering. Eldad Eilam. Wiley Publishing, Inc., 2005.

End