ITMS- 3153 Information Systems Security 1. Malicious Code Malicious code or rogue program is the general name for unanticipated or undesired effects in.


1 ITMS- 3153 Information Systems Security 1

2 Malicious Code
Malicious code or rogue program is the general name for unanticipated or undesired effects in programs or program parts, caused by an agent intent on damage. Malicious code can do anything any other program can, such as writing a message on a computer screen, stopping a running program, generating a sound, or erasing a stored file. Malicious code runs under the user's authority. Thus, malicious code can touch everything the user can touch, and in the same ways.

3 Kinds of Malicious Code
Code Type: Characteristics
- Virus: Attaches itself to program and propagates copies of itself to other programs
- Trojan horse: Contains unexpected, additional functionality
- Logic bomb: Triggers action when condition occurs
- Time bomb: Triggers action when specified time occurs
- Trapdoor: Allows unauthorized access to functionality
- Worm: Propagates copies of itself through a network
- Rabbit: Replicates itself without limit to exhaust resources

4 How Viruses Attach
[Figure labels: E-Mail Setup File]

5 Appended Viruses
The user is unaware of the effect of the virus if the original program still does all that it used to. Most viruses attach in this manner.

6 Viruses That Surround a Program
Virus that runs the original program but has control before and after its execution.

7 Integrated Viruses and Replacements
Virus replaces some of its target, integrating itself into the original code of the target.

8 Virus Signatures
The virus executes in a particular way, using certain methods to spread. Each of these characteristics yields a telltale pattern, called a signature. The virus's signature is important for creating a program, called a virus scanner, that can detect and, in some cases, remove viruses.
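
A minimal sketch of the signature matching a virus scanner performs, added here as an example and not taken from the presentation. The signature names, byte patterns and sample buffers are all constructed for illustration; "??" stands for one byte that may differ between copies.

```python
import re
from typing import NamedTuple

class Hit(NamedTuple):
    name: str
    offset: int

# Constructed signatures (not patterns from real malware).
# Hex bytes separated by spaces; "??" matches any single byte.
SIGNATURES = {
    "Demo.Appender": "de ad be ef ?? ?? 90 90",
    "Demo.Marker": "56 49 52 5f 4d 41 52 4b",  # ASCII "VIR_MARK"
}

def compile_signature(pattern: str) -> re.Pattern:
    """Turn a hex/wildcard signature into a bytes regex."""
    parts = []
    for tok in pattern.split():
        if tok == "??":
            parts.append(b".")  # wildcard byte
        else:
            parts.append(re.escape(bytes([int(tok, 16)])))
    return re.compile(b"".join(parts), re.DOTALL)  # DOTALL: "." also matches 0x0a

COMPILED = {name: compile_signature(p) for name, p in SIGNATURES.items()}

def scan(data: bytes) -> list[Hit]:
    """Return every signature match in data, ordered by offset."""
    hits = [Hit(name, m.start())
            for name, rx in COMPILED.items()
            for m in rx.finditer(data)]
    return sorted(hits, key=lambda h: h.offset)

# Constructed sample buffers standing in for program files.
CLEAN = b"MZ" + bytes(62) + b"original program body"
SAMPLES = {
    "clean.bin": CLEAN,
    "infected.bin": b"\xde\xad\xbe\xef\x11\x22\x90\x90" + CLEAN,
    "variant.bin": CLEAN + b"\xde\xad\xbe\xef\xaa\xbb\x90\x90",
    # One fixed byte changed: the signature no longer matches.
    "altered.bin": b"\xde\xad\xbe\xee\x11\x22\x90\x90" + CLEAN,
    "marked.bin": CLEAN + b"VIR_MARK",
}

if __name__ == "__main__":
    for fname, blob in SAMPLES.items():
        print(fname, scan(blob) or "no known signature")
```

The altered sample shows the limit of this approach: a scanner finds only the patterns it has been given.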

9 How Viruses Gain Control

10 Homes for Viruses
- It is hard to detect.
- It is not easily destroyed or deactivated.
- It spreads infection widely.
- It can reinfect its home program or other programs.
- It is easy to create.
- It is machine independent and operating system independent.

11 Virus Effects and Causes
Virus Effect: How It Is Caused
- Attach to executable program: Modify file directory; write to executable program file
- Attach to data or control file: Modify directory; rewrite data; append to data; append data to self
- Remain in memory: Intercept interrupt by modifying interrupt handler address table; load self in nontransient memory area
- Infect disks: Intercept interrupt; intercept operating system call (to format disk, for example); modify system file; modify ordinary executable program

12 Virus Effects and Causes…
Virus Effect: How It Is Caused
- Conceal self: Intercept system calls that would reveal self and falsify result; classify self as "hidden" file
- Spread infection: Infect boot sector; infect systems program; infect ordinary program; infect data ordinary program reads to control its execution
- Prevent deactivation: Activate before deactivating program and block deactivation; store copy to reinfect after deactivation

13 Prevention of Virus Infection
- Use only commercial software acquired from reliable, well-established vendors.
- Test all new software on an isolated computer.
- Open attachments only when you know them to be safe.
- Make a recoverable system image and store it safely.
- Make and retain backup copies of executable system files.
- Use virus detectors.

14 Trapdoors
A trapdoor is an undocumented entry point to a module. Developers insert trapdoors during code development, perhaps to test the module.

15 Causes of Trapdoors
- Forget to remove them
- Intentionally leave them in the program for testing
- Intentionally leave them in the program for maintenance of the finished program
- Intentionally leave them in the program as a covert means of access to the component after it becomes an accepted part of a production system

16 Covert Channels
The communication travels unnoticed, accompanying other, perfectly proper, communications. The general name for these extraordinary paths of communication is covert channels.

17 Controls against Program Threats
It is of course better to focus on prevention than cure; how do we use controls during software development (the specifying, designing, writing, and testing of the program) to find and eliminate the sorts of exposures.

