Virus : These are programs that spread to other software in the system, i.e., a program that incorporates copies of itself into other programs.
Two major categories of viruses:
Boot sector virus : infects the boot sector of systems.
activates while the machine is booting.
File virus : infects program files.
activates when program is run.
Categories of Viruses
[Table: categories of viruses; contents not recoverable]
Rabbit : This malicious software replicates itself without limits. Depletes some or all the system’s resources.
Re-attacks the infected systems – difficult recovery.
Exhausts all the system’s resources such as CPU time, memory, disk space.
Depletion of resources thus denying user access to those resources.
Hoaxes : False alerts of spreading viruses.
e.g., sending chain letters.
The message seems to be important to the recipient, who forwards it to other users – it becomes a chain.
Exchanging a large number of messages (in a chain) floods the network resources – bandwidth wastage.
Blocks the systems on network – access denied due to heavy network traffic.
Trojan Horse : This is a malicious program with unexpected additional functionality. It includes harmful features of which the user is not aware.
Performs a different function from what it is advertised to do (some malicious action, e.g., stealing passwords).
Neither self-replicating nor self-propagating.
User assistance required for infection.
Infects when user installs and executes infected programs.
Some types of trojan horses include Remote Access Trojans (RAT), KeyLoggers, Password-Stealers (PSW), and logic bombs.
Transmitting medium :
spam or e-mail
a downloaded file
a disk from a trusted source
a legitimate program with the Trojan inside.
The Trojan looks for your personal information and sends it to the Trojan writer (hacker). It can also allow the hacker to take full control of your system.
Different types of Trojan Horses :
1. The remote access Trojan takes full control of your system and passes it to the hacker.
2. The data-sending Trojan sends data back to the hacker by means of e-mail.
e.g., Key-loggers – log and transmit each keystroke.
3. The destructive Trojan has only one purpose: to destroy and delete files. Unlikely to be detected by anti-virus software.
4. The denial-of-service (DoS) attack Trojan combines the computing power of all the computers/systems it infects to launch an attack on another computer system. It floods the system with traffic, hence it crashes.
5. The proxy Trojan allows a hacker to turn the user's computer into a HIS (Host Integration Server) server – to make purchases with stolen credit cards and run other organized criminal enterprises in that particular user's name.
6. The FTP Trojan opens port 21 (the port for FTP transfer) and lets the attacker connect to your computer using File Transfer Protocol (FTP).
7. The security software disabler Trojan is designed to stop or kill security programs such as anti-virus software, firewalls, etc., without you knowing it.
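A defender-side check for the FTP Trojan behaviour listed above, as an added example that is not part of the original notes: it parses `ss -H -tlnp` output and flags any listener on port 21 that is not owned by the expected FTP daemon. The sample output, the allow-list (`vsftpd`) and the function names are assumptions made for the illustration.

```python
import re

# Constructed sample of `ss -H -tlnp` output (not captured from a real host).
SAMPLE_SS_OUTPUT = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=812,fd=3))
LISTEN 0 32 0.0.0.0:21 0.0.0.0:* users:(("vsftpd",pid=1040,fd=3))
LISTEN 0 5 [::]:21 [::]:* users:(("updater",pid=4471,fd=4))
LISTEN 0 5 127.0.0.1:2121 0.0.0.0:*
LISTEN 0 5 10.0.0.7:21 0.0.0.0:*
"""

FTP_PORT = 21
# Assumption: the only FTP daemon this host is supposed to run.
EXPECTED_FTP_DAEMONS = {"vsftpd"}
PROC_RE = re.compile(r'\("([^"]+)",pid=(\d+)')


def parse_listeners(ss_output):
    """Yield (address, port, [(process_name, pid), ...]) per LISTEN line."""
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        # rpartition keeps IPv6 literals such as [::]:21 intact.
        address, _, port = fields[3].rpartition(":")
        if not port.isdigit():
            continue
        owners = [(n, int(p)) for n, p in PROC_RE.findall(" ".join(fields[5:]))]
        yield address, int(port), owners


def unexpected_ftp_listeners(ss_output, allowed=EXPECTED_FTP_DAEMONS):
    """Return port-21 listeners not owned solely by an allowed daemon."""
    findings = []
    for address, port, owners in parse_listeners(ss_output):
        if port != FTP_PORT:
            continue
        names = {name for name, _ in owners}
        # Missing owner info (ss run without privileges) is flagged for review too.
        if not names or not names <= allowed:
            findings.append((address, owners))
    return findings


if __name__ == "__main__":
    for address, owners in unexpected_ftp_listeners(SAMPLE_SS_OUTPUT):
        print(f"review listener on {address}:{FTP_PORT} owners={owners or 'unknown'}")
```

On a host that runs no FTP service at all, pass an empty set as `allowed` so that every port-21 listener is reported.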
Spyware programs explore the files in an information system.
The information is forwarded to an address specified in the spyware.
Spyware can also be used for investigation of software users or preparation of an attack.
Trapdoor : Secret undocumented entry point to the program.
An example of such a feature is the so-called back door, which enables intrusion to the target by passing user
A hole in the security of a system deliberately left in place by designers or maintainers.
Trapdoor allows unauthorized access to the system.
The only purpose of a trapdoor is to "bypass" internal controls. It is up to the attacker to determine how this circumvention of control can be utilized for his benefit.