Trojan Horses/Worms Vadolas Margaritis Bantes George.


1 Trojan Horses/Worms Vadolas Margaritis Bantes George

2 Worms In recent years, computer worms have infected hundreds of thousands of Internet servers and personal computers in just a few minutes, resulting in financial damages of approximately one billion dollars for businesses, governments and service providers.

3 Worms 2 CodeRed: more than 359,000 Internet servers infected in just 14 hours. Slammer: 55 million scans per second in just a few minutes.

4 Worms The term ‘worm’ comes from a 1975 science fiction novel, The Shockwave Rider, written by John Brunner. Researchers John Shoch and Jon Hupp of Xerox PARC chose the name for one of their papers, published in 1982 and titled The Worm Programs. Since then it has been adopted globally.

5 Worms A computer worm is a self-replicating computer program. It exploits networks to send copies of itself to other hosts, most of the time without the user’s awareness. Unlike a virus, a worm doesn’t need to be attached to an existing program.

6 Worms Worms mostly harm networks, for example by consuming bandwidth, whereas viruses harm personal computers by corrupting or modifying files. Worms often result in distributed denial of service for the hosts of a network.

7 Requirements for an effective solution against worms Robustness and resilience in performing security functions in the Internet. Trust integration and alert-correlation methodologies to achieve mutual cooperation among many sites. Fast anomaly detection and distributed denial-of-service (DDoS) defense to achieve awareness of unexpected worm or flooding attacks.

8 Requirements for an effective solution against worms Fast worm-signature detection and dissemination, to achieve efficiency and scalability. Proper traffic monitoring to track DDoS attack-transit routers.

9 Defending against worms Recent research indicates that automatic worm-signature generation using payload (code written to do more than spread the worm) and address dispersion can provide satisfactory results.

10 Defending against worms But most scanning worms are first dispersed over the Internet and then start spreading. It becomes difficult to observe important anomalies and gather enough payload contents at the various individual edge networks. Information from multiple edge networks must be synthesized for fast and accurate detection of worm signatures.

11 NetShield defense system The NetShield defense system aims to: restrain the spread of worms; provide effective defense against distributed denial-of-service (DDoS) attacks.

12 NetShield defense system The system employs two component subsystems: a system specialized in worm-signature detection and dissemination, the WormShield system; and a traffic-monitoring scheme to detect DDoS attacks.

13 NetShield defense system The system uses distributed peer-to-peer networks with Distributed Hash Tables. The purpose of this design is to provide quick and resilient look-up services.

14 The NetShield system architecture

15 The WormShield subsystem Designed to identify and restrain unknown worms before they infect more vulnerable hosts. Uses a set of geographically distributed monitors located in various administrative domains. Monitors are organized into a structured peer-to-peer overlay network based on the Chord algorithm. Each monitor is positioned in the demilitarized zone (DMZ) of its edge network and analyzes all packets that pass through it.

16 The WormShield subsystem Each monitor uses the Rabin footprint algorithm to compute content blocks from the packet payloads. Local prevalence tables track the number of occurrences of each content block and are constantly updated with the information the monitor gathers for that block. A monitor also keeps the set of source addresses and destination addresses for each content block it observes.
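The per-monitor bookkeeping described on slide 16, as an added example that is not part of the presentation or of WormShield itself: a Rabin-Karp style rolling hash stands in for the Rabin footprint, and the block size, thresholds, class and function names, and sample packets are all assumptions constructed for illustration.

```python
from collections import defaultdict

BLOCK = 8                        # content-block length in bytes (assumed)
BASE, MOD = 257, (1 << 61) - 1   # rolling-hash parameters (assumed)
PREVALENCE_MIN = 3               # local thresholds (assumed)
DISPERSION_MIN = 3

def block_fingerprints(payload: bytes, k: int = BLOCK):
    """Yield a rolling-hash fingerprint for every k-byte window of payload."""
    if len(payload) < k:
        return
    top = pow(BASE, k - 1, MOD)  # weight of the byte leaving the window
    h = 0
    for b in payload[:k]:
        h = (h * BASE + b) % MOD
    yield h
    for i in range(k, len(payload)):
        h = ((h - payload[i - k] * top) * BASE + payload[i]) % MOD
        yield h

class Monitor:
    """One edge-network monitor: prevalence table plus address sets."""
    def __init__(self):
        self.prevalence = defaultdict(int)  # fingerprint -> packets seen
        self.sources = defaultdict(set)     # fingerprint -> source addresses
        self.dests = defaultdict(set)       # fingerprint -> destination addresses

    def observe(self, src: str, dst: str, payload: bytes):
        for fp in set(block_fingerprints(payload)):  # count once per packet
            self.prevalence[fp] += 1
            self.sources[fp].add(src)
            self.dests[fp].add(dst)

    def suspects(self):
        """Blocks that are both prevalent and dispersed over many addresses."""
        return {fp for fp, n in self.prevalence.items()
                if n >= PREVALENCE_MIN
                and len(self.sources[fp]) >= DISPERSION_MIN
                and len(self.dests[fp]) >= DISPERSION_MIN}

def demo():
    marker = b"SAME-BYTES-IN-MANY-FLOWS"          # constructed repeated content
    chatty = b"periodic keepalive from one host"  # constructed, single host pair
    m = Monitor()
    for i in range(4):
        m.observe(f"198.51.100.{i}", f"203.0.113.{i}", b"hdr%d:" % i + marker)
        m.observe("192.0.2.10", "192.0.2.20", chatty)
    return m, marker, chatty
```

The keepalive block reaches the same prevalence as the marker but stays below the dispersion threshold, which is why the slides pair content prevalence with address dispersion.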

17 The WormShield Architecture

18 Other worm defense systems Earlybird and Autograph: incoming packet analysis; payload-content prevalence and address dispersion.

19 Other worm defense systems Trend Detection: a worm monitoring system and early warning system. Based on worm-spreading dynamic models. Detects a worm in its early stage. Uses a Kalman filter estimation algorithm.

20 Other worm defense systems Columbia Worm Vaccine, Microsoft Shield System: end-user oriented approach; preventing a host from being infected.

21 Trojan Horse Attack Strategy on Quantum private communication In private communication systems, attackers try to break the computer systems for their own benefit. To protect those systems, cryptography has been widely employed to prevent these attack strategies.

22 Attacks The attacks can be categorized into three different types of attack strategies: the strategy based on fundamental drawbacks (SFD), the strategy based on obtained information (SOI), and the strategy based on assistant systems (SAS). One typical example of SAS is the Trojan horse attack.

23 Attack strategies One of those attack strategies is the Trojan horse: when one is hidden in the system, the attacker can break the system and obtain important information. This attack is possible in private quantum communication.

24 Trojan horses A Trojan horse is a small program that, if inserted by an attacker into a computer program, can copy, misuse and destroy data.

25 Trojan horses There are two kinds of Trojan horse. The pre-liked Trojan horse is a robot horse which is praised in the programs of the user, such as computer programs. The online Trojan horse is actually a probing signal which may enter the confidential system without awareness of legitimate communications and then back-reflect to the attacker.

26 Trojan horses If a Trojan horse enters the computer system, the attacker may break the cryptosystem and obtain important information by means of the feedback information of the robot horse. This is called THAS.

27 Protection of the quantum private communication against Trojan horse attack To protect quantum private communication against Trojan horse attacks, a quantum cryptographic key algorithm with EPR pair(s) is used. Quantum cryptography is based on the laws of quantum physics, using photons to transmit information.

28 Protection of the quantum private communication against Trojan horse attack With quantum cryptography we can create a communication channel where it is impossible to eavesdrop without disturbing the transmission. The quantum key algorithm is based on this idea.

29 Protection of the quantum private communication against Trojan horse attack In cryptography, a pre-shared key or PSK is a shared secret which was previously shared between the two parties using some secure channel before it needs to be used. Such systems always use symmetric key cryptographic algorithms.

