Virus-trojan and salami attacks


  1. Impact Of ICT On Society: Virus (Trojan Horse, Salami Attack). Prepared by: Wan Ahmad Ariifuddin B. Wan Abdullah, 4 Server
  2. Trojan horse
     - A destructive program that masquerades as a benign application. Unlike viruses, Trojan horses do not replicate themselves, but they can be just as destructive. One of the most insidious types of Trojan horse is a program that claims to rid your computer of viruses but instead introduces viruses onto your computer.
     - The term comes from the Greek story of the Trojan War, in which the Greeks give a giant wooden horse to their foes, the Trojans, ostensibly as a peace offering. But after the Trojans drag the horse inside their city walls, Greek soldiers sneak out of the horse's hollow belly and open the city gates, allowing their compatriots to pour in and capture Troy.
     - Trojan horses are classified by how they breach systems and the damage they cause. The seven main types of Trojan horses are:
       - Remote Access Trojans
       - Data Sending Trojans
       - Destructive Trojans
       - Proxy Trojans
       - FTP Trojans
       - Security software disabler Trojans
       - Denial-of-service attack (DoS) Trojans
     - Remote Access Trojan
     - Abbreviated as RAT, a Remote Access Trojan is one of the seven major types of Trojan horse, designed to provide the attacker with complete control of the victim's system. Attackers usually hide these Trojan horses in games and other small programs that unsuspecting users then execute on their PCs.
  3. Trojan horse types (continued)
     - Data Sending Trojan
     - A type of Trojan horse that is designed to provide the attacker with sensitive data such as passwords, credit card information, log files, e-mail addresses or IM contact lists. These Trojans can look for specific pre-defined data (e.g., just credit card information or passwords), or they could install a keylogger and send all recorded keystrokes back to the attacker.
     - Destructive Trojan
     - A type of Trojan horse designed to destroy and delete files; it is more like a virus than any other Trojan. It can often go undetected by antivirus software.
     - Proxy Trojan
     - A type of Trojan horse designed to use the victim's computer as a proxy server. This gives the attacker the opportunity to do everything from your computer, including the possibility of conducting credit card fraud and other illegal activities, or even to use your system to launch malicious attacks against other networks.
     - FTP Trojan
     - A type of Trojan horse designed to open port 21 (the port for FTP transfer), letting the attacker connect to your computer using File Transfer Protocol (FTP).
  4. Trojan horse types (continued)
     - Security software disabler Trojan
     - A type of Trojan horse designed to stop or kill security programs such as an antivirus program or firewall without the user knowing. This Trojan type is normally combined with another type of Trojan as a payload.
     - DoS attack
     - Short for denial-of-service attack, a type of attack on a network that is designed to bring the network to its knees by flooding it with useless traffic. Many DoS attacks, such as the Ping of Death and Teardrop attacks, exploit limitations in the TCP/IP protocols. For all known DoS attacks, there are software fixes that system administrators can install to limit the damage caused by the attacks. But, like viruses, new DoS attacks are constantly being dreamed up by hackers.
  5. Salami Attacks
     - A salami attack is a programmed attack which is implemented in small (meant to be unnoticeable) increments. Because it occurs in small increments, it is easily concealed. Rounding down interest calculations and placing the difference in your account is an example of a salami attack.
       - The Salami Analogy
       - Salami Technique in Electronic Banking
       - Salami Technique in Information Gathering
     - The Salami Analogy
     - The origin of the salami attack analogy is two-fold. One perspective depicts taking such thin slices off the end of a salami that there is no noticeable difference in its overall size [1] [2]. The perpetrator, who did the slicing, then sneaks away with the stolen pieces. From another angle, the perpetrator deceptively acquires a whole salami [5], formed by aggregating tiny scraps, much like real salami is formed from chopped beef, pork, garlic, and other ingredients. Of course, to consider the potential danger of salami attacks, we must assume there is more than deli meat at stake.
  6. Salami Technique in Electronic Banking
     - The most typical scheme portrayed by a salami attack is one that involves an automated modification to financial systems and their data. For example, the digits representing currency on a bank's computer(s) could be altered so that values to the right of the pennies field (< 0.01) are always rounded down (fair arithmetic routines will calculate in both directions equally). Since all this rounding down produces excess fractions of cents, they must be transferred elsewhere, and carefully, so that no net loss to the system of accounts becomes apparent [3] [4]. This is done by merely rearranging the funds into a balance owned by the perpetrator. The final rewards could be very attractive, provided the "slices" are taken 1) at frequent intervals throughout an extended period of time and 2) from a large number of accounts.
     - The essence of this mechanism is its resistance to detection. Account owners rarely calculate their balances to the thousandths or ten-thousandths of a cent and consequently remain oblivious. Even if the discrepancies are noticed, most individuals have better things to do (like preserve their pride) than complain about an erroneous digit in some far-off decimal place. The following (alleged) scenarios will demonstrate that "slices" need not always be tiny to evade detection. In fact, they can be rather large, as long as unsuspecting and/or ignorant victims are plentiful.
     - [2] A modified payroll program increased the federal withholding amounts by a few cents per pay period for hundreds of employees. The excess payments were credited to the perpetrator's withholding account, which, at income-tax time the following year, yielded large refunds from the IRS.
     - [2] Over the course of 3 years, at least 47,000 customers were defrauded by a rental-car agency that (purposely) overestimated the vehicles' gas tank capacity. Customers returning the cars without topping off the gas were charged inflated amounts for the missing gasoline (which wasn't really missing). Theft rates ranged from $2 to $15 per customer.
     - [2] A Taco Bell drive-up window cash register, modified to internally ring each $2.99 item as 1 cent, allowed the perpetrator to pocket the excess $2.98 each time.
     - [2] Fraudulent computer chips in gasoline pumps cheated customers by overstating the amounts pumped.
  7. Salami Technique in Information Gathering
     - The salami technique can also refer to aggregating small amounts of information from many sources to derive an overall picture of an organization [3]. For instance, information from a company's web site, advertisements, trash deposits, media reports, incidents viewed first-hand, or stolen documents could be used to build a large database. Eventually the collection might include contact information, telephone numbers, company policies, daily routines, and other sensitive information. The process could be extremely slow and last a period of months or years, but nonetheless would yield an abundance of factual intelligence about potential targets.
     - This attack of distributed information gathering also applies to personal privacy. It seems few adverse effects can come of the information we reveal on a regular basis to movie stores, restaurants that deliver, car rental agencies, libraries, online surveys, and so on. We can tell individual, unrelated companies one thing such as our name, address, phone number, or age, and still maintain a reasonable sense of privacy. This privacy vanishes, however, in the event that each company exposes (or is robbed of) these bits and pieces of information. What results is an attacker learning a significant portion of the information that appears on a driver's license, but we can expect much more devastating effects from well-planned jobs with proper sources.
  8. Conclusion
     - Trojan horses can be categorized based on how they breach systems and the damage they cause
     - A salami attack is a programmed attack which is implemented in small increments
     - Trojan horses and salami attacks are types of virus
  9. Bibliography
     - Internet (www.webopedia.com/TERM/T/Trojan_horse.html) - 25/5/07
     - (www.support.psi.com/support/spart/virus.html) - 25/5/07
     - (www.mnin.org/?page=salami&left=off) - 25/5/07
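
The slide on the salami technique in electronic banking notes that fair routines round in both directions and that the shaved fractions must be moved somewhere. The audit below is an added example, not part of the original slides: it checks a batch of interest postings for one-directional rounding and for residual cents that never reached the bank's own rounding account. The function names, the daily rate and the 200 sample accounts are constructed for illustration.

```python
from decimal import Decimal, ROUND_DOWN, ROUND_HALF_EVEN

CENT = Decimal("0.01")

def audit_rounding(postings, suspense_credit=Decimal("0"),
                   max_down_share=0.65, min_samples=30):
    """Audit (exact_amount, posted_amount) pairs for one-directional rounding.

    suspense_credit is what the bank's own rounding account received; any
    residual beyond it was moved somewhere it should not have been.
    """
    down = up = 0
    residual_total = Decimal("0")
    for exact, posted in postings:
        residual = exact - posted      # > 0: the customer was rounded down
        residual_total += residual
        if residual > 0:
            down += 1
        elif residual < 0:
            up += 1
    rounded = down + up                # postings that needed rounding at all
    down_share = down / rounded if rounded else 0.0
    return {
        "rounded": rounded,
        "down_share": down_share,
        "residual_total": residual_total,
        "unreconciled": residual_total - suspense_credit,
        # Fair rounding splits roughly evenly; a large one-sided share is a red flag.
        "suspicious": rounded >= min_samples and down_share > max_down_share,
    }

def sample_postings(rounding):
    """Constructed data: one day's interest on 200 accounts at a made-up daily rate."""
    rate = Decimal("0.000137")
    rows = []
    for i in range(200):
        balance = Decimal(1000 + 37 * i) + Decimal("0.13") * i
        exact = balance * rate
        rows.append((exact, exact.quantize(CENT, rounding=rounding)))
    return rows

if __name__ == "__main__":
    for name, mode in (("fair", ROUND_HALF_EVEN), ("always-down", ROUND_DOWN)):
        print(name, audit_rounding(sample_postings(mode)))
```

With fair rounding the residuals nearly cancel; with always-down rounding every posting leaves a positive residual, and the total grows with the number of accounts and posting runs.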
