Malicious Logic and Defenses. Malicious Logic Trojan Horse – A Trojan horse is a program with an overt (documented or known) effect and covert (undocumented.

Presentation transcript:

Malicious Logic and Defenses

Malicious Logic
Trojan Horse
– A Trojan horse is a program with an overt (documented or known) effect and covert (undocumented or unknown) effects.
– A propagating Trojan horse is a Trojan horse that creates a copy of itself.
– An example of a Trojan horse is the game animal.
– The central idea is that the Trojan horse modifies the compiler to insert itself into specific programs, including future versions of the compiler itself.

Malicious Logic
Computer Viruses
– When a Trojan horse can propagate freely and insert a copy of itself into another file, it becomes a computer virus.
– A computer virus is a program that inserts itself into one or more files and then performs some action.
– The first phase, in which the virus inserts itself into a file, is called the insertion phase; the second phase, in which it performs some action, is called the execution phase.
– A computer virus has no covert purpose; it has only an overt purpose, which is to infect and execute.

Malicious Logic
Types of Computer Viruses
– Boot sector infectors: A boot sector infector is a virus that inserts itself into the boot sector of a disk.
– Executable infectors: An executable infector is a virus that infects executable programs. Generally, .exe and .com files are infected by this virus.
– Multipartite viruses: A multipartite virus is one that can infect either boot sectors or applications.

Malicious Logic
– TSR viruses: A terminate and stay resident (TSR) virus is one that stays active in memory after the application has terminated. A TSR virus can be a boot sector infector or an executable infector.
– Stealth viruses: Stealth viruses are viruses that conceal the infection of files.
– Encrypted viruses: An encrypted virus is one that enciphers all of the virus code except for a small decryption routine.

Malicious Logic
– Polymorphic viruses: A polymorphic virus is a virus that changes its form each time it inserts itself into another program.
– Macro viruses: A macro virus is a virus composed of a sequence of instructions that is interpreted, rather than executed directly. This type of virus can execute on any system that can interpret the instructions. It can infect either executable or data files.

Malicious Logic
Computer Worms
– A computer worm is a program that copies itself from one computer to another.
Other Forms of Malicious Logic
– Rabbits and bacteria: A bacterium or a rabbit is a program that absorbs all of some class of resource. This creates a denial-of-service (DoS) attack.
– Logic bombs: A logic bomb is a program that performs an action that violates the security policy when some external event occurs.

Defenses
Defending against malicious logic takes advantage of several different characteristics of malicious logic to detect or block its execution.
Sandboxing
– Sandboxes and virtual machines implicitly restrict process rights.
– A common implementation of this approach is to restrict the program by modifying it.
– Special instructions inserted into the object code cause traps whenever an instruction violates the security policy.
– When the executable dynamically loads libraries, special libraries with the desired restrictions replace the standard libraries.

Defenses
Information flow metrics
– This approach limits the distance a virus can spread.
Reducing the rights
– The user can reduce his or her associated protection domain when running a suspect program.
– This follows the principle of least privilege.
Other defenses
– Malicious logic altering files
– Proof-carrying code
– Notion of trust
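The information flow metric above can be made concrete with a small model. This is an added example, not part of the original slides; it assumes the usual flow distance formulation (new information starts at distance 0, each sharing step adds 1, and a user may only receive information whose distance is below that user's limit), and the users, file names and limits are constructed.

```python
# Added example: minimal model of a flow distance policy (not from the slides).
from dataclasses import dataclass, field


@dataclass
class FlowSystem:
    limits: dict                                # user -> exclusive distance limit (assumed)
    fd: dict = field(default_factory=dict)      # (owner, file) -> flow distance
    denied: list = field(default_factory=list)  # audit trail of blocked flows

    def create(self, owner, name):
        """Newly created information has flow distance 0."""
        self.fd[(owner, name)] = 0

    def share(self, src, dst_owner, dst_name):
        """Let information in src flow into a file owned by dst_owner.

        Sharing raises the distance by 1. The flow is permitted only if
        the new distance is still below the receiving user's limit.
        """
        new_fd = self.fd[src] + 1
        if new_fd >= self.limits[dst_owner]:
            self.denied.append((src, dst_owner, dst_name, new_fd))
            return False
        key = (dst_owner, dst_name)
        # A result carries the maximum distance of everything that fed it.
        self.fd[key] = max(self.fd.get(key, 0), new_fd)
        return True


def demo():
    # Constructed scenario: three users sharing one system.
    s = FlowSystem(limits={"anne": 3, "bill": 2, "cathy": 2})
    s.create("anne", "tool")                                # distance 0
    first = s.share(("anne", "tool"), "bill", "report")     # 1 < 2: allowed
    second = s.share(("bill", "report"), "cathy", "notes")  # 2 is not < 2: denied
    third = s.share(("bill", "report"), "anne", "draft")    # 2 < 3: allowed
    return first, second, third, s


if __name__ == "__main__":
    first, second, third, s = demo()
    print(first, second, third, s.denied)
```

If `tool` carried a virus, it could reach Bill's file but not Cathy's, which is the sense in which the metric limits how far an infection spreads.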

Introduction to Virtual Machines
Virtual machine (VM) structure
– A VM runs on a virtual machine monitor.
– The monitor virtualizes the resources of the underlying system and presents to each VM the illusion that it and it alone is using the hardware.
Virtual machine monitor (VMM)
– The VMM runs at the highest level of privilege.
– It keeps track of the state of each VM just as an ordinary operating system keeps track of the state of its processes.
– When a privileged instruction is executed, the hardware causes a trap to the VMM.
– The monitor services the interrupt and restores the state of the caller.
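The trap-and-service cycle described above, as a toy simulation. This is an added example, not part of the original slides; the four-instruction set (LOAD, ADD, OUT, HALT), the class names and the two guest programs are hypothetical and constructed for illustration.

```python
# Added example: toy trap-and-emulate monitor with a hypothetical instruction set.
PRIVILEGED = {"OUT", "HALT"}  # a guest may not execute these directly


class VM:
    def __init__(self, name, program):
        self.name, self.program = name, program
        self.pc, self.acc, self.halted = 0, 0, False
        self.console = []  # virtual device private to this VM


class VMM:
    """Runs at the highest privilege level and tracks every VM's state."""
    def __init__(self, vms):
        self.vms, self.trap_log = list(vms), []

    def trap(self, vm, op):
        # Stand-in for the hardware trap raised by a privileged instruction.
        saved = (vm.pc, vm.acc)             # save the caller's state
        self.trap_log.append((vm.name, op))
        if op == "OUT":
            vm.console.append(vm.acc)       # emulate on the virtual device
        else:                               # HALT stops this VM only
            vm.halted = True
        vm.pc, vm.acc = saved               # restore the caller's state

    def step(self, vm):
        if vm.pc >= len(vm.program):        # ran off the end: stop the VM
            vm.halted = True
            return
        op, arg = vm.program[vm.pc]
        if op in PRIVILEGED:
            self.trap(vm, op)
        elif op == "LOAD":
            vm.acc = arg
        elif op == "ADD":
            vm.acc += arg
        vm.pc += 1

    def run(self):
        while not all(vm.halted for vm in self.vms):
            for vm in self.vms:
                if not vm.halted:
                    self.step(vm)


def demo():
    a = VM("vm-a", [("LOAD", 2), ("ADD", 3), ("OUT", None), ("HALT", None)])
    b = VM("vm-b", [("LOAD", 7), ("OUT", None), ("ADD", 1), ("OUT", None)])
    mon = VMM([a, b])
    mon.run()
    return a, b, mon
```

Each guest's output lands only in its own virtual console, and `vm-a` halting does not stop `vm-b`: the monitor, not the guest, decides what a privileged instruction is allowed to affect.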