Presentation is loading. Please wait.

Presentation is loading. Please wait.

SpyWare! Chuck Short CS522 – Fall 2006 Semester Project Presentation Professor: Dr. C. Edward Chow.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "SpyWare! Chuck Short CS522 – Fall 2006 Semester Project Presentation Professor: Dr. C. Edward Chow."— Presentation transcript:

1 SpyWare! Chuck Short CS522 – Fall 2006 Semester Project Presentation Professor: Dr. C. Edward Chow

2 Agenda Define SpyWare Define SpyWare Discuss methods used for spying Discuss methods used for spying Focus on passive tracking methods Focus on passive tracking methods Demonstrate one passive method Demonstrate one passive method Discuss prevention Discuss prevention Conclusions Conclusions

3 SpyWare Definition SpyWare is a general term used to describe software that performs certain behaviors such as advertising, collecting personal information, or changing the configuration of your computer, generally without appropriately obtaining your consent first. SpyWare is a general term used to describe software that performs certain behaviors such as advertising, collecting personal information, or changing the configuration of your computer, generally without appropriately obtaining your consent first. http://www.microsoft.com/athome/security/spyware/spywarewhat.m spx

4 SpyWare Categories Advertising (Passive) Advertising (Passive) –Capture browsing history –Capture buying habits Surveillance (Active) Surveillance (Active) –Key loggers –System Monitors

5 SpyWare Statistics 90% of all internet connected machines are infected 90% of all internet connected machines are infected ~28 SpyWare traces on each machine ~28 SpyWare traces on each machine 1/3 infected with surveillance SpyWare 1/3 infected with surveillance SpyWare 80% of infections were cookies 80% of infections were cookies

6 Passive Tracking Methods Web Beacons Web Beacons Cookies deposits Cookies deposits

7 Web Beacons Also know as Also know as –Web Bugs –Clear GIFs Allows destination to log page hits Allows destination to log page hits Can be used in conjunction with cookies Can be used in conjunction with cookies

8 Cookie Fields ParameterDescription Name The name of the cookie. Value The value of the cookie. Expire The time the cookie expires. This is a Unix timestamp so is in number of seconds since the epoch. In other words, you'll most likely set this with the time() function plus the number of seconds before you want it to expire. Path The path on the server in which the cookie will be available. Domain The domain in which the cookie is available Secure When set to TRUE, the cookie will only be set if a secure connection exists. The default is FALSE. httponly When TRUE the cookie will be made accessible only through the HTTP protocol. Not supported on all browsers

9 Web Beacon w/Cookie Example: spywareWebBeaconCookieDeposit.html <html><head> Web Beacon Cookie Deposit Example Web Beacon Cookie Deposit Example </head><body> Web Beacon Cookie Deposit Example: Web Beacon Cookie Deposit Example: </body></html>

10 Server Code serverWebBeacon.php <?php if (!(isset($_COOKIE["SpyCookie"]))){ setcookie("SpyCookie", "ISpyOnYou", time()+3600); setcookie("SpyCookie", "ISpyOnYou", time()+3600);}?><html> PHP Test PHP Test <?php $filename = 'cookieCapture.txt'; $today = date("D M j G:i:s T Y"); $Content = "SpyCookie". " : ". "$_COOKIE[SpyCookie]". " : ". "$today\r\n"; if($handle = fopen($filename, 'a')){ fwrite($handle, $Content); fwrite($handle, $Content); fclose($handle); fclose($handle);}?> </html>

11 Cookie Capture File [cdshort@windom public_html]$ cat cookieCapture.txt SpyCookie : ISpyOnYou : Fri Dec 1 18:30:17 MST 2006 SpyCookie : ISpyOnYou : Fri Dec 1 18:30:38 MST 2006 [cdshort@windom public_html]$

12

13 Packet Capture

14 Conclusions Browser settings can prevent cookie deposit Browser settings can prevent cookie deposit Be careful what you download Be careful what you download –Don’t open the door willingly The use of cookies is fundamental The use of cookies is fundamental –The information provided is minimal

15 Questions?

16 References http://www.php.net/manual/en/function.setcookie.php http://www.php.net/manual/en/function.setcookie.php http://cs.uccs.edu/~cs301/php/php.html http://cs.uccs.edu/~cs301/php/php.html Tzu-Yen Wang, Shi-Jinn Horng, Ming-Yang Su, Chin-Hsiung Wu,Peng-Chu Wang and Wei-Zen Su. A Surveillance Spyware Detection System Based on Data Mining Methods. 2006 IEEE Congress on Evolutionary Computation. Tzu-Yen Wang, Shi-Jinn Horng, Ming-Yang Su, Chin-Hsiung Wu,Peng-Chu Wang and Wei-Zen Su. A Surveillance Spyware Detection System Based on Data Mining Methods. 2006 IEEE Congress on Evolutionary Computation. http://www.allaboutcookies.org/web-beacons/ http://www.allaboutcookies.org/web-beacons/ Wes Ames, Understanding Spyware: Risk and Response, 2004 IEEE IT Pro Wes Ames, Understanding Spyware: Risk and Response, 2004 IEEE IT Pro http://www.microsoft.com/athome/security/spyware/spywarewhat.m spx http://www.microsoft.com/athome/security/spyware/spywarewhat.m spx http://www.earthlink.net/about/press/pr_spyAudit/ http://www.earthlink.net/about/press/pr_spyAudit/

Download ppt "SpyWare! Chuck Short CS522 – Fall 2006 Semester Project Presentation Professor: Dr. C. Edward Chow."

Similar presentations

The Internet and the Web

The Internet and the Web
CookiesPHPMay-2007 : [‹#›] Maintaining State in PHP Part I - Cookies.

CookiesPHPMay-2007 : [‹#›] Maintaining State in PHP Part I - Cookies.
Adware and Spyware. Objectives u Define terms, scope, and motivation u Discuss impact (personal and business) u Review basic technical aspects u Provide.

Adware and Spyware. Objectives u Define terms, scope, and motivation u Discuss impact (personal and business) u Review basic technical aspects u Provide.
Internet Safety Topic 2 Malware This presentation by Tim Fraser Malware is short for malicious software VirusesViruses SpywareSpyware AdwareAdware other.

Internet Safety Topic 2 Malware This presentation by Tim Fraser Malware is short for malicious software VirusesViruses SpywareSpyware AdwareAdware other.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 11: Monitoring Server Performance.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 11: Monitoring Server Performance.
SPYWARE  Do you know where your personal information is?

SPYWARE  Do you know where your personal information is?
 Meaning of spyware Spyware is a program that can be installed on computers, and which collects small pieces of information about users without their.

 Meaning of spyware Spyware is a program that can be installed on computers, and which collects small pieces of information about users without their.
Lab 3 Cookie Stealing using XSS Kara James, Chelsea Collins, Trevor Norwood, David Johnson.

Lab 3 Cookie Stealing using XSS Kara James, Chelsea Collins, Trevor Norwood, David Johnson.
The Internet & The World Wide Web Notes

The Internet & The World Wide Web Notes
1 Web Development Life Cycle  Ensures project consistency and completeness –Planning –Analysis –Design and Development –Testing –Implementation and Maintenance.

1 Web Development Life Cycle  Ensures project consistency and completeness –Planning –Analysis –Design and Development –Testing –Implementation and Maintenance.
Christopher M. Pascucci Basic Structural Concepts of.NET Browser – Server Interaction.

Christopher M. Pascucci Basic Structural Concepts of.NET Browser – Server Interaction.
HTML Comprehensive Concepts and Techniques Intro Project Introduction to HTML.

HTML Comprehensive Concepts and Techniques Intro Project Introduction to HTML.
Spyware! Tia. What Is Spyware? With so many types of popular software being spread around the Internet, it is important to be aware of what spyware is.

Spyware! Tia. What Is Spyware? With so many types of popular software being spread around the Internet, it is important to be aware of what spyware is.
Data Security.

Data Security.
Networks and Security. Types of Attacks/Security Issues  Malware  Viruses  Worms  Trojan Horse  Rootkit  Phishing  Spyware  Denial of Service.

Networks and Security. Types of Attacks/Security Issues  Malware  Viruses  Worms  Trojan Horse  Rootkit  Phishing  Spyware  Denial of Service.
Chapter 12 Cookies and Sessions Part 2. Setting Cookie Parameters setcookie(name, value, expiration, path, host, secure, httponly) epoch – midnight on.

Chapter 12 Cookies and Sessions Part 2. Setting Cookie Parameters setcookie(name, value, expiration, path, host, secure, httponly) epoch – midnight on.
Syllabus outcomes 5.2.1 Describes and applies problem-solving processes when creating solutions. 5.2.2 Designs, produces and evaluates appropriate solutions.

Syllabus outcomes Describes and applies problem-solving processes when creating solutions Designs, produces and evaluates appropriate solutions.
1 Spyware, Adware, and Browser Hijacking. ECE 41122 Agenda What is Spyware? What is Adware? What is Browser Hijacking? Security concerns and risks Prevention,

1 Spyware, Adware, and Browser Hijacking. ECE Agenda What is Spyware? What is Adware? What is Browser Hijacking? Security concerns and risks Prevention,
1 John Magee 9 November 2012 CS120 Lecture 17a: Publishing Web pages.

1 John Magee 9 November 2012 CS120 Lecture 17a: Publishing Web pages.
CP476 Internet Computing Lecture 5 : HTTP, WWW and URL 1 Lecture 5. WWW, HTTP and URL Objective: to review the concepts of WWW to understand how HTTP works.

CP476 Internet Computing Lecture 5 : HTTP, WWW and URL 1 Lecture 5. WWW, HTTP and URL Objective: to review the concepts of WWW to understand how HTTP works.

Similar presentations

Ads by Google