Terminology Worm –A computer program that duplicates itself over computer networks. Virus –A computer program that inspects it’s environment and copies.

Slides:



Advertisements
Similar presentations
Higher Computing Computer Systems S. McCrossan Higher Grade Computing Studies 8. Supporting Software 1 Software Compatibility Whether you are doing a fresh.
Advertisements

Thank you to IT Training at Indiana University Computer Malware.
Lecture: Malicious Code CIS 3360 Ratan K. Guha. Malicious Code2 Overview and Reading Assignments Defining malicious logic Types Action by Viruses Reading.
CSE331: Introduction to Networks and Security Lecture 32 Fall 2002.
Computer Viruses and Worms* *Referred to slides by Dragan Lojpur, Zhu Fang at Florida State University.
 Application software consists of programs designed to make users more productive and/or assist with personal tasks.  Growth of internet simplified.
Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
1 Anti Virus vs virus System i-Specific Anti-Virus Product Ali ameen al said.
95-752:8-1 Application Security :8-2 Malicious Code Vulnerable Software Hacker toolkits Back/Trapdoors Greedy Programs / Logic bombs Salami Attacks.
Chapter 14 Computer Security Threats Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design Principles,
Malicious Software programs exploiting system vulnerabilities known as malicious software or malware program fragments that need a host program e.g. viruses,
1 Pertemuan 05 Malicious Software Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
Computer viruses By: Shannon Simonian. What is a computer virus?  -Shares traits of a biological virus in people.  -Computer viruses pass from computer.
Malicious Attacks. Introduction Commonly referred to as: malicious software/ “malware”, computer viruses Designed to enter computers without the owner’s.
Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.
Computer Viruses By Patsy Speer What is a Virus? Malicious programs that cause damage to your computer, files and information They slow down the internet.
Henric Johnson1 Chapter 10 Malicious Software Henric Johnson Blekinge Institute of Technology, Sweden
Video Following is a video of what can happen if you don’t update your security settings! security.
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 7 – Malicious Software.
1 Ola Flygt Växjö University, Sweden Malicious Software.
1 Chap 10 Malicious Software. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on.
Chapter 15: Security (Part 1). The Security Problem Security must consider external environment of the system, and protect the system resources Intruders.
1. 2 What is security? Computer Security deals with the prevention and detection of, and the reaction to, unauthorized actions by users of a computer.
Malicious Code Brian E. Brzezicki. Malicious Code (from Chapter 13 and 11)
Life in a Dangerous World: Developing effective strategies against Virus, Worms and Other Threats Marshall Breeding Vanderbilt University
Malware  Viruses  Virus  Worms  Trojan Horses  Spyware –Keystroke Loggers  Adware.
The Utility Programs: The system programs which perform the general system support and maintenance tasks are known as utility programs. Tasks performed.
Understanding and Troubleshooting Your PC. Chapter 12: Maintenance and Troubleshooting Fundamentals2 Chapter Objectives  In this chapter, you will learn:
D. Beecroft Fremont High School VIRUSES.
CMSC 414 Computer (and Network) Security Lecture 14 Jonathan Katz.
Virus and Antivirus Team members: - Muzaffar Malik - Kiran Karki.
A virus is software that spreads from program to program, or from disk to disk, and uses each infected program or disk to make copies of itself. Basically.
1 Higher Computing Topic 8: Supporting Software Updated
1 Chap 10 Virus. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on an ever increasing.
Viruses, Trojans and Worms The commonest computer threats are viruses. Virus A virus is a computer program which changes the way in which the computer.
Computer viruses are small software programs that are made to spread from one computer to another and to interfere with computer operations. There are.
Virus Detection Mechanisms Final Year Project by Chaitanya kumar CH K.S. Karthik.
Administrative: Objective: –Tutorial on Risks –Phoenix recovery Outline for today.
Chapter 10 Malicious software. Viruses and ” Malicious Programs Computer “ Viruses ” and related programs have the ability to replicate themselves on.
信息处理技术 Technology of Information Processing 潘晟旻 Instructor: Pan Shengmin 潘晟旻 Computer Center. Kun Ming University of Science & Technology.
Viruses : Notorious Pests James Barnes II Worms and Viruses Worms and Viruses | Solutions | Worms and Viruses | Myth | Prevention | Final WordSolutions.
Recent Internet Viruses & Worms By Doppalapudi Raghu.
COMPUTER VIRUS.
Copyright © 2007 Heathkit Company, Inc. All Rights Reserved PC Fundamentals Presentation 25 – Virus Detection and Prevention.
Computer Viruses and Worms By: Monika Gupta Monika Gupta.
INTERNET SAFETY FOR KIDS
©Ian Sommerville 2004Software Engineering Case Studies Slide 1 The Internet Worm Compromising the availability and reliability of systems through security.
Programmed Threats Richard Newman. What is a Programmed Threat? Potential source of harm from computer code May be in form of - Executable program - Executable.
Viruses a piece of self-replicating code attached to some other code – cf biological virus both propagates itself & carries a payload – carries code to.
CONTENTS What is Virus ? Types of computer viruses.
Computer Virus: “A program that can infect other programs by modifying them to include a version of itself” -- Dr Fred Cohen Compare to an office clerk.
n Just as a human virus is passed from person from person, a computer virus is passed from computer to computer. n A virus can be attached to any file.
Computer Systems Viruses. Virus A virus is a program which can destroy or cause damage to data stored on a computer. It’s a program that must be run in.
 Stealth viruses Use certain techniques to avoid detection.  Macro Viruses Infects the macros within a document or template.  Polymorphic viruses Encrypt.
Computer Security Threats CLICKTECHSOLUTION.COM. Computer Security Confidentiality –Data confidentiality –Privacy Integrity –Data integrity –System integrity.
W elcome to our Presentation. Presentation Topic Virus.
Computer virus Done: Aaesha Mohammed ID: H
MALICIOUS SOFTWARE Rishu sihotra TE Computer
Page 1 Viruses. Page 2 What Is a Virus A virus is basically a computer program that has been written to perform a specific set of tasks. Unfortunately,
Virus Infections By: Lindsay Bowser. Introduction b What is a “virus”? b Brief history of viruses b Different types of infections b How they spread b.
Detected by, M.Nitin kumar ( ) Sagar kumar sahu ( )
SYSTEM SECURITY & ANTIVIRUS Chapter - 4 1Dr. BALAMURUGAN MUTHURAMAN.
Cosc 4765 Antivirus Approaches. In a Perfect world The best solution to viruses and worms to prevent infected the system –Generally considered impossible.
VIRUSES & ANTI- VIRU-SES. WHAT IS A COMPUTER VIRUS? A computer virus is a small software program that spreads from one computer to another computer and.
Security on the Internet Norman White ©2001. Security What is it? Confidentiality – Can my information be stolen? Integrity – Can it be changed? Availability.
The Internet Worm Compromising the availability and reliability of systems through security failure.
Viruses and Other Malicious Content
Chap 10 Malicious Software.
Chap 10 Malicious Software.
Presentation transcript:

Terminology Worm –A computer program that duplicates itself over computer networks. Virus –A computer program that inspects it’s environment and copies itself into other programs. Trojan Horse –A useful computer program that has been compromised with extra code to do non desired stuff

The First Virus Created in 1983 (5 years before one was released into the internet) Created by Len Adelman (founder of RSA) The virus was implanted into the UNIX vd command –The virus was tested 5 times in a controlled lab –In each case, all system rights were granted in under an hour. –Later tested on VMS, VM/370, and Tops-20 with the same results

Short Sighted System Administrators Early designers of viruses were Len Adelman, Fred Cohen, Tom Duff, and Doug McIlroy –They were called White-Hat scientists –They encountered resistance to virus research. –Fred Cohen, 1987 “Once the results of the experiments were announced, administrators decided that no further computer security experiments would be permitted on their system. The ban included the planned addition of traces which would track potential viruses and password augmentation experiments which could potentially have improved security to a great extent. This fear reaction is typical, rather than try to solve technical problems technically, inappropriate and inadequate policy solutions are often chosen”

Short Sighted System Administrators More Fred Cohen “After several months of negotiation and administrative changes, it was decided that the experiments would not be permitted. The Security officer at the facility was in constant opposition to security experiments, and would not even read any proposals. This was particularly interesting in light of the fact that it was offered to allow system programmers and security officers to observe and oversee all aspects of all experiments. In addition, system administrators were unwilling to allow sanitized versions of log tapes to be used to perform offline analysis of potential threat of viruses, and were unwilling to have additional traces added to their systems by their programmers to help detect viral attacks. Although there is no apparent threat poses by these activities, and they require little time, money, and effort, administrators were unwilling to allow investigations.”

As a Result… Robert Morris launched the first internet worm on November 2 nd, 1988 It invaded ~6,000 computers within hours (10% of the internet at the time) Instructions were posted on how to stop the worm, but the computer the instructions were posted on was disabled by the worm before anyone read the instructions. Estimated damage ranged from $10,000 to $97 million ( shows how hard cyber crime are to estimate)

How it worked Buggy Code –Exploited a buffer overflow problem in the finger daemon. –And a hole in the UNIX sendmail daemon When sendmail was run in debug mode, sendmail would execute commands the worm sent it At that time most programs ran in “debug” mode to generate traces of execution Clueless Users –The worm used a dictionary of just 432 words to crack passwords –And it tested the password file against the dictionary in a random order.

Why it worked Many sites were running old versions of the fingerd daemon –The buffer overflow was know about and fixed BEFORE the worm attack –Shows the importance of upgrading software Sendmail’s vulnerability –Large, buggy, and networked Poor passwords –Users picked guessable passwords. –Many used their user id as their password

Results of the worm Formation of CERT –CERT is the “center of Internet security expertise” –Run by Carnegie Mellon University – Heightened awareness of computer system vulnerabilities

Types of Viruses/Worms Macro Virus –Usually infects Microsoft Office and Outlook Express –Cross platform. The Microsoft products give a base platform to run in. –Usually passed by trading documents –viruses themselves out using the address book in outlook –Automatically activated by being named the same as macros Office/Outlook runs automatically when opening or closing a document (AutoOpen, AutoClose).

Types of Viruses/Worms Boot sector –Effects the boot sector of the hard drive –Usually spread by trading programs –Most can’t spread via the net Polymorphic –Changes itself every time it is copied to avoid detection. –Virus signatures don’t work on these viruses because the signature changes each time. –May even use encryption to hide itself.

Types of Viruses/Worms Multipartite –Infects both the boot sector and files –Spreads via the network infecting files which in turn infects the boot sector. Stealth –Inserts code between the end application and the kernel. –Gives results to the application that the application would expect. –May remove itself from the media while the system is running, to avoid virus detection, then copies itself back to the media when the system is shut down.

Types of Viruses/Worms Retro –Tries to attack anti virus software directly. –Usually tries is to change the “signature” file to avoid detection Armored –They make themselves difficult to get a “signature” from. –They are tightly wound around an executable so that it is hard to tell the executable from the virus Companion –Attaches to an executable and copies the executable to the same name but with a different extension. Phage –A Virus that modifies another program to “morph” the good program to become a virus.

Anti Viral Software A database of “signatures” are kept on the local machines. All data coming into or out of the computer is scanned and compared bit by bit to the “signatures” Problem –Reactive – only discovers viruses/worms after the fact –Dumb – any minor change in the virus signature makes the anti-virus program useless –No substitute for good security practices. –Active scanning only probes known ports

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.