Presented By:
Mirza Adnan Baig
Naheed Afzal
Aamir Husnain
• Software deliberately designed to harm computer systems.
• Malicious software program causes undesired actions in information systems.
• Spreads from one system to another through:
1. E-mail (through attachments)
2. Infected floppy disks
3. Downloading / exchanging of corrupted files
4. Embedded into computer games
Malicious Software
• Viruses: Boot Viruses, File Viruses
• Trapdoor
• Worms
• Spyware
• Trojan Horse: Time Bomb, Logic Bomb
• Hoaxes
• Rabbit
Viruses are programs that spread to other software in the system, i.e., programs that incorporate copies of themselves into other programs.
Two major categories of viruses:
1. Boot sector virus: infects the boot sector of systems, becomes resident, and activates while the machine is booting.
2. File virus: infects program files and activates when the program is run.
• Dormant phase - the virus is idle
• Propagation phase - the virus places an identical copy of itself into other programs
• Triggering phase - the virus is activated to perform the function for which it was intended
• Execution phase - the function is performed
Henric Johnson
Polymorphic Virus
• Produces modified & fully operational code.
• Produces new & different code every time the virus is copied & transmitted to a new host.
• Difficult to detect & remove.
Stealth Virus
• Programming tricks make tracing and understanding the code difficult.
• Complex programming methods used to design code, so difficult to repair infected file.
Armored Virus
• Hides modifications it has made to files or to the disk.
• Reports false values to programs as they read files or data from storage media.
Companion Virus
• Creates a new program instead of modifying an existing program.
• Contains all virus code.
• Executed by the shell, instead of the original program.
Identifying Viruses:
• A virus is a unique program.
• It has unique object code.
• The pattern of object code and where it is inserted provides a signature for the virus program.
• This virus signature can be used by virus scanners to identify and detect a particular virus.
• Some viruses try to hide or alter their signature:
◦ Random patterns in meaningless places.
◦ Self-modifying code: metamorphic, polymorphic viruses.
◦ Encrypt the code, change the key frequently.
Effect of virus attack on computer system
• Virus may affect user's data in memory - overwriting.
• Virus may affect user's program - overwriting.
• Virus may also overwrite system's data or programs - corrupting it - disrupts normal operation of system.
• "Smashing the Stack" - buffer overflow due to execution of program directed to virus code.
• prevention - ideal solution but difficult
• realistically need:
◦ detection
◦ identification
◦ removal
• if a virus is detected but can't be identified or removed, must discard and replace the infected program
• virus & antivirus tech have both evolved
• early viruses were simple code, easily removed
• as viruses become more complex, so must the countermeasures
• generations:
◦ first - signature scanners
◦ second - heuristics
◦ third - identify actions
◦ fourth - combination packages
• runs executable files through a GD (generic decryption) scanner:
◦ CPU emulator to interpret instructions
◦ virus scanner to check known virus signatures
◦ emulation control module to manage the process
• lets the virus decrypt itself in the interpreter
• periodically scans for virus signatures
• the issue is how long to interpret and scan: a tradeoff between chance of detection and time delay
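The two scanning ideas above (a static signature match, and a GD scanner that lets an encrypted body decrypt itself in an interpreter before matching) can be put side by side in a short sketch. This is an added example, not code from the slides: the marker bytes, the one-instruction `XORB` toy format, and all function names are assumptions made for illustration, and the sample data is constructed and inert.

```python
# Added illustration: constructed, inert data only. Names and the toy
# instruction format are assumptions, not taken from the slides.

# A harmless byte pattern standing in for a virus's object-code signature.
SIGNATURES = {"Demo.Marker.A": b"HARMLESS-DEMO-PATTERN-0001"}


def signature_scan(data):
    """First-generation scanner: names of all known patterns found in data."""
    return sorted(name for name, pat in SIGNATURES.items() if pat in data)


def make_sample(key):
    """Constructed sample: a body XOR-encrypted with `key`, plus a toy
    decryptor written as one ("XORB", address, key) instruction per byte."""
    if not 1 <= key <= 255:
        raise ValueError("key must be a non-zero byte")
    body = b"PADDING!" + SIGNATURES["Demo.Marker.A"] + b"-TRAILER"
    encrypted = bytes(b ^ key for b in body)
    program = [("XORB", addr, key) for addr in range(len(encrypted))]
    return program, encrypted


def gd_scan(program, image, max_steps, scan_every):
    """Interpret `program` against a private copy of `image`, scanning the
    emulated memory every `scan_every` instructions and stopping at
    `max_steps` (the emulation-control budget).
    Returns (detections, steps_executed)."""
    memory = bytearray(image)          # the sample never touches real memory
    steps = 0
    for op, addr, key in program:
        if steps >= max_steps:
            break                      # budget exhausted: give up on this file
        if op != "XORB" or not 0 <= addr < len(memory):
            break                      # unknown or out-of-range: stop emulating
        memory[addr] ^= key
        steps += 1
        if steps % scan_every == 0:    # the periodic signature scan
            hits = signature_scan(bytes(memory))
            if hits:
                return hits, steps
    return signature_scan(bytes(memory)), steps


if __name__ == "__main__":
    # Same body under two keys: the stored bytes differ, so the static
    # scan finds nothing, while emulation exposes the same pattern.
    for key in (0x5A, 0xC3):
        program, image = make_sample(key)
        print(f"key={key:#04x} static={signature_scan(image)} "
              f"gd(budget=1000)={gd_scan(program, image, 1000, 8)} "
              f"gd(budget=16)={gd_scan(program, image, 16, 8)}")
```

The small-budget run shows the tradeoff named in the last bullet: stopping emulation early saves time but misses a body that has not finished decrypting.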
• Rabbit: This malicious software replicates itself without limits. Depletes some or all of the system's resources.
◦ Re-attacks the infected systems - difficult recovery.
◦ Exhausts all the system's resources such as CPU time, memory, disk space.
◦ Depletion of resources thus denying user access to those resources.
• Hoaxes: False alerts of spreading viruses.
◦ e.g., sending chain letters.
◦ The message seems to be important to the recipient, who forwards it to other users - it becomes a chain.
◦ Exchanging a large number of messages (in a chain) floods the network resources - bandwidth wastage.
◦ Blocks the systems on the network - access denied due to heavy network traffic.
• A Trojan horse (or Trojan) is a malware program that appears to perform some useful task, but which also does something with negative consequences (e.g., launches a keylogger).
• Trojan horses can be installed as part of the payload of other malware but are often installed by a user or administrator, either deliberately or accidentally.
6/13/2014 Malware
• Time Bomb
• Logic Bomb
• A "time bomb" is simply a Trojan horse set to trigger at a particular time/date.
• one of the oldest types of malicious software
• code embedded in a legitimate program
• activated when specified conditions are met
◦ e.g. presence/absence of some file
◦ particular date/time
◦ particular user
• when triggered, typically damages the system
◦ modify/delete files/disks, halt machine, etc.
• Trojans currently have the largest infection potential
◦ Often exploit browser vulnerabilities
◦ Typically used to download other malware in multi-stage attacks
Source: Symantec Internet Security Threat Report, April 2009
1. The remote access Trojan takes full control of your system and passes it to the hacker.
2. The data-sending Trojan sends data back to the hacker by means of e-mail, e.g., key-loggers, which log and transmit each keystroke.
3. The destructive Trojan has only one purpose: to destroy and delete files. Unlikely to be detected by anti-virus software.
4. The denial-of-service (DoS) attack Trojan combines the computing power of all computers/systems it infects to launch an attack on another computer system. It floods the system with traffic, hence it crashes.
5. The proxy Trojan allows a hacker to turn the user's computer into HIS (Host Integration Server) server, to make purchases with stolen credit cards and run other organized criminal enterprises in the particular user's name.
6. The FTP Trojan opens port 21 (the port for FTP transfer) and lets the attacker connect to your computer using File Transfer Protocol (FTP).
7. The security software disabler Trojan is designed to stop or kill security programs such as anti-virus software, firewalls, etc., without you knowing it.
• Transmitting medium:
1. spam or e-mail
2. a downloaded file
3. a disk from a trusted source
4. a legitimate program with the Trojan inside.
• A Trojan looks for your personal information and sends it to the Trojan writer (hacker). It can also allow the hacker to take full control of your system.
• For example, you download what appears to be a movie or music file, but when you click on it, you unleash a dangerous program that erases your disk, sends your credit card numbers and passwords to a stranger, or lets that stranger hack your computer to commit illegal denial-of-service attacks.
1. Clean re-installation:
Back up your entire hard disk, format the disk, and re-install the operating system and all your applications from original CDs.
2. Anti-virus software:
Anti-virus software is always going to be playing catch-up with active viruses on the system. Make sure your computer has an anti-virus program on it and update it regularly. If you have an auto-update option included in your anti-virus program you should turn it on; that way if you forget to update your software you can still be protected from threats.
3. Anti-Trojan programs:
These programs are the most effective against Trojan horse attacks, because they specialize in Trojans instead of general viruses.
• NEVER download blindly from people or sites which you aren't 100% sure about.
• Even if the file comes from a friend, you still must be sure what the file is before opening it.
• NEVER use features in your programs that automatically get or preview files.
• Never blindly type commands that others tell you to type, or go to web addresses mentioned by strangers, or run pre-fabricated programs or scripts.
A simple example of a Trojan horse would be a program named "waterfalls.scr" claiming to be a free waterfall screensaver which, when run, would instead allow access to the user's computer remotely.
AIDS (Trojan horse)
AIDS, also known as Aids Info Disk or PC Cyborg Trojan, is a Trojan horse that replaces the AUTOEXEC.BAT file, which would then be used by AIDS to count the number of times the computer has booted. Once this boot count reaches 90, AIDS hides directories and encrypts the names of all files on drive C: (rendering the system unusable).
• Spyware:
◦ Spyware programs explore the files in an information system.
◦ Information is forwarded to an address specified in the spyware.
◦ Spyware can also be used for investigation of software users or preparation of an attack.
• Trapdoor:
◦ Secret undocumented entry point to the program.
◦ An example of such a feature is the so-called back door, which enables intrusion into the target by bypassing user authentication methods.
◦ A hole in the security of a system deliberately left in place by designers or maintainers.
◦ A trapdoor allows unauthorized access to the system.
◦ The only purpose of a trapdoor is to "bypass" internal controls. It is up to the attacker to determine how this circumvention of control can be utilized for his benefit.
Types of Trapdoor
• Undetectable trapdoor: virtually undetectable.
• Hardware trapdoor: security-related hardware flaws.
• Worms:
◦ A program that spreads copies of itself through a network.
◦ Does irrecoverable damage to the computer system.
◦ Stand-alone program, spreads only through the network.
◦ Also performs various malicious activities other than spreading itself to different systems, e.g., deleting files.
1. Deleting files and other malicious actions on systems.
2. Communicate information back to the attacker, e.g., passwords, other proprietary information.
3. Disrupt normal operation of the system, thus a denial-of-service (DoS) attack, due to re-infecting an infected system.
4. Worms may carry viruses with them.
Means of spreading infection by worms:
• Infects one system, gains access to trusted host lists on the infected system and spreads to other hosts.
• Another method of infection is penetrating a system by guessing passwords.
• By exploiting widely known security holes, in case password guessing and trusted host accessing fail.
e.g., a well-known example of a worm is the ILOVEYOU worm, which invaded millions of computers through e-mail in 2000.
• Code Red
◦ July 2001, exploiting MS IIS bug
◦ probes random IP addresses, does DDoS attack
• Code Red II variant includes backdoor
• SQL Slammer
◦ early 2003, attacks MS SQL Server
• Mydoom
◦ mass-mailing e-mail worm that appeared in 2004
◦ installed remote access backdoor in infected systems
• Warezov family of worms
◦ scan for e-mail addresses, send in attachment
• multiplatform
• multi-exploit
• ultrafast spreading
• polymorphic
• metamorphic
• transport vehicles
• zero-day exploit
• first appeared on mobile phones in 2004
◦ target smartphones which can install s/w
• they communicate via Bluetooth or MMS
• to disable phone, delete data on phone, or send premium-priced messages
• CommWarrior, launched in 2005
◦ replicates using Bluetooth to nearby phones and via MMS using address-book numbers
• overlaps with anti-virus techniques
• once worm is on system, A/V can detect it
• worms also cause significant net activity
• worm defense approaches include:
◦ signature-based worm scan filtering
◦ filter-based worm containment
◦ payload-classification-based worm containment
◦ threshold random walk scan detection
◦ rate limiting and rate halting
Conclusion:
Preventing infection by malicious software:
• Use only trusted software, not pirated software.
• Test all new software on an isolated computer system.
• Regularly take backups of the programs.
• Use anti-virus software to detect and remove viruses.
• Update the virus database frequently to get new virus signatures.
• Install firewall software, which hampers or prevents the functionality of worms and Trojan horses.
• Make sure that e-mail attachments are secure.
• Do not keep a floppy disk in the drive when starting a program, unless sure that it does not include malicious software, else the virus will be copied into the boot sector.

More Related Content

What's hot

Malicious software and software security
Malicious software and software  securityMalicious software and software  security
Malicious software and software security
G Prachi
 
Introductions To Malwares
Introductions To MalwaresIntroductions To Malwares
Introductions To Malwares
Cyber Vignan
 
Lecture 3
Lecture 3Lecture 3
Lecture 3
Education
 
Virus and Malicious Code Chapter 5
Virus and Malicious Code Chapter 5Virus and Malicious Code Chapter 5
Virus and Malicious Code Chapter 5AfiqEfendy Zaen
 
Program security
Program securityProgram security
Program security
G Prachi
 
Lecture malicious software
Lecture malicious softwareLecture malicious software
Lecture malicious softwarerajakhurram
 
Virus and antivirus final ppt
Virus and antivirus final pptVirus and antivirus final ppt
Virus and antivirus final ppt
aritradutta22
 
Ch19
Ch19Ch19
Software security
Software securitySoftware security
Software security
jes_d
 
Compter virus and its solution
Compter virus and its solutionCompter virus and its solution
Compter virus and its solutionManoj Dongare
 
Logic bomb virus
Logic bomb virusLogic bomb virus
Logic bomb virus
ssuser1eca7d
 
Virus and malware presentation
Virus and malware presentationVirus and malware presentation
Virus and malware presentation
Amjad Bhutto
 
Malwares and ways to detect and prevent them
Malwares and ways to detect and prevent themMalwares and ways to detect and prevent them
Malwares and ways to detect and prevent themkrunal gandhi
 
Malicious Software and Virus
Malicious Software and Virus Malicious Software and Virus
Malicious Software and Virus
Tasif Tanzim
 
Remote File Inclusion
Remote File InclusionRemote File Inclusion
Remote File Inclusion
Imperva
 
Modern Malware and Threats
Modern Malware and ThreatsModern Malware and Threats
Modern Malware and Threats
MarketingArrowECS_CZ
 
Malware
MalwareMalware

What's hot (20)

Malicious software and software security
Malicious software and software  securityMalicious software and software  security
Malicious software and software security
 
Introductions To Malwares
Introductions To MalwaresIntroductions To Malwares
Introductions To Malwares
 
Lecture 3
Lecture 3Lecture 3
Lecture 3
 
Virus and Malicious Code Chapter 5
Virus and Malicious Code Chapter 5Virus and Malicious Code Chapter 5
Virus and Malicious Code Chapter 5
 
Program security
Program securityProgram security
Program security
 
Lecture malicious software
Lecture malicious softwareLecture malicious software
Lecture malicious software
 
Mitppt
MitpptMitppt
Mitppt
 
Malewareanalysis
Malewareanalysis Malewareanalysis
Malewareanalysis
 
Virus and antivirus final ppt
Virus and antivirus final pptVirus and antivirus final ppt
Virus and antivirus final ppt
 
Ch19
Ch19Ch19
Ch19
 
Computer Virus
Computer VirusComputer Virus
Computer Virus
 
Software security
Software securitySoftware security
Software security
 
Compter virus and its solution
Compter virus and its solutionCompter virus and its solution
Compter virus and its solution
 
Logic bomb virus
Logic bomb virusLogic bomb virus
Logic bomb virus
 
Virus and malware presentation
Virus and malware presentationVirus and malware presentation
Virus and malware presentation
 
Malwares and ways to detect and prevent them
Malwares and ways to detect and prevent themMalwares and ways to detect and prevent them
Malwares and ways to detect and prevent them
 
Malicious Software and Virus
Malicious Software and Virus Malicious Software and Virus
Malicious Software and Virus
 
Remote File Inclusion
Remote File InclusionRemote File Inclusion
Remote File Inclusion
 
Modern Malware and Threats
Modern Malware and ThreatsModern Malware and Threats
Modern Malware and Threats
 
Malware
MalwareMalware
Malware
 

Viewers also liked

Ict - Computer Ethics
Ict - Computer EthicsIct - Computer Ethics
Ict - Computer Ethicsaleeya91
 
Computer Ethics Presentation
Computer Ethics PresentationComputer Ethics Presentation
Computer Ethics Presentationkatespeach
 
Ethical Issues In ICT
Ethical Issues In ICTEthical Issues In ICT
Ethical Issues In ICT
kelly kusmulyono
 
Legal, Ethical, and Social Issues in Educational Computing
Legal, Ethical, and Social Issues in Educational ComputingLegal, Ethical, and Social Issues in Educational Computing
Legal, Ethical, and Social Issues in Educational Computingsappingtonkr
 
Computer Ethics and Legal Issues
Computer Ethics and Legal IssuesComputer Ethics and Legal Issues
Computer Ethics and Legal IssuesKak Yong
 
Computer Ethics Presentation
Computer Ethics PresentationComputer Ethics Presentation
Computer Ethics Presentationguest65a1c4
 
Computer ethics
Computer ethicsComputer ethics
Computer ethicsJagan Nath
 
Legal, Ethical and Social Issues in Technology
Legal, Ethical and Social Issues in TechnologyLegal, Ethical and Social Issues in Technology
Legal, Ethical and Social Issues in Technology
Rachel Farnese
 
State of the Word 2011
State of the Word 2011State of the Word 2011
State of the Word 2011
photomatt
 

Viewers also liked (10)

Ict - Computer Ethics
Ict - Computer EthicsIct - Computer Ethics
Ict - Computer Ethics
 
Computer Ethics Presentation
Computer Ethics PresentationComputer Ethics Presentation
Computer Ethics Presentation
 
Ethical Issues In ICT
Ethical Issues In ICTEthical Issues In ICT
Ethical Issues In ICT
 
Computer Ethics
Computer EthicsComputer Ethics
Computer Ethics
 
Legal, Ethical, and Social Issues in Educational Computing
Legal, Ethical, and Social Issues in Educational ComputingLegal, Ethical, and Social Issues in Educational Computing
Legal, Ethical, and Social Issues in Educational Computing
 
Computer Ethics and Legal Issues
Computer Ethics and Legal IssuesComputer Ethics and Legal Issues
Computer Ethics and Legal Issues
 
Computer Ethics Presentation
Computer Ethics PresentationComputer Ethics Presentation
Computer Ethics Presentation
 
Computer ethics
Computer ethicsComputer ethics
Computer ethics
 
Legal, Ethical and Social Issues in Technology
Legal, Ethical and Social Issues in TechnologyLegal, Ethical and Social Issues in Technology
Legal, Ethical and Social Issues in Technology
 
State of the Word 2011
State of the Word 2011State of the Word 2011
State of the Word 2011
 

Similar to Final malacious softwares

Presentation2
Presentation2Presentation2
Presentation2Jeslynn
 
Trojan Backdoors
Trojan                         BackdoorsTrojan                         Backdoors
Trojan Backdoors
JauwadSyed
 
System_security.pptx
System_security.pptxSystem_security.pptx
System_security.pptx
SusmitaSaha812194
 
MALWARE AND ITS TYPES
MALWARE AND ITS TYPES MALWARE AND ITS TYPES
MALWARE AND ITS TYPES
Sagilasagi1
 
Presentation24190
Presentation24190Presentation24190
Presentation24190KRT395
 
RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5
CAS
 
introduction to malwares,virus,trojan horse
introduction to malwares,virus,trojan horseintroduction to malwares,virus,trojan horse
introduction to malwares,virus,trojan horseSpandan Patnaik
 
Module 5.Malware
Module 5.MalwareModule 5.Malware
Itc lec 15 Computer security risks
Itc lec 15   Computer  security  risksItc lec 15   Computer  security  risks
Itc lec 15 Computer security risks
AnzaDar3
 
Unit - 5.ppt
Unit - 5.pptUnit - 5.ppt
Unit - 5.ppt
DHANABALSUBRAMANIAN
 
Virus
VirusVirus
Virus
dddaou
 
Codigo Malicioso
Codigo MaliciosoCodigo Malicioso
Codigo Malicioso
Jose Manuel Acosta
 
Security and ethics
Security and ethicsSecurity and ethics
Security and ethics
Argie242424
 
Computer viruses and antiviruses
Computer viruses and antivirusesComputer viruses and antiviruses
Computer viruses and antiviruses
Sanguine_Eva
 
Computer viruses and antiviruses PPT
Computer viruses and antiviruses PPTComputer viruses and antiviruses PPT
Computer viruses and antiviruses PPT
Eva Harshita
 
Viruses & Malware
Viruses & MalwareViruses & Malware
Viruses & MalwareT.J. Schiel
 
Network virus detection & prevention
Network virus detection & preventionNetwork virus detection & prevention
Network virus detection & prevention
Khaleel Assadi
 
Program and System Threats
Program and System ThreatsProgram and System Threats
Program and System ThreatsReddhi Basu
 

Similar to Final malacious softwares (20)

Presentation2
Presentation2Presentation2
Presentation2
 
Trojan Backdoors
Trojan                         BackdoorsTrojan                         Backdoors
Trojan Backdoors
 
System_security.pptx
System_security.pptxSystem_security.pptx
System_security.pptx
 
MALWARE AND ITS TYPES
MALWARE AND ITS TYPES MALWARE AND ITS TYPES
MALWARE AND ITS TYPES
 
Ch19
Ch19Ch19
Ch19
 
Presentation24190
Presentation24190Presentation24190
Presentation24190
 
RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5
 
introduction to malwares,virus,trojan horse
introduction to malwares,virus,trojan horseintroduction to malwares,virus,trojan horse
introduction to malwares,virus,trojan horse
 
Module 5.Malware
Module 5.MalwareModule 5.Malware
Module 5.Malware
 
Module 5.pdf
Module 5.pdfModule 5.pdf
Module 5.pdf
 
Itc lec 15 Computer security risks
Itc lec 15   Computer  security  risksItc lec 15   Computer  security  risks
Itc lec 15 Computer security risks
 
Unit - 5.ppt
Unit - 5.pptUnit - 5.ppt
Unit - 5.ppt
 
Virus
VirusVirus
Virus
 
Codigo Malicioso
Codigo MaliciosoCodigo Malicioso
Codigo Malicioso
 
Security and ethics
Security and ethicsSecurity and ethics
Security and ethics
 
Computer viruses and antiviruses
Computer viruses and antivirusesComputer viruses and antiviruses
Computer viruses and antiviruses
 
Computer viruses and antiviruses PPT
Computer viruses and antiviruses PPTComputer viruses and antiviruses PPT
Computer viruses and antiviruses PPT
 
Viruses & Malware
Viruses & MalwareViruses & Malware
Viruses & Malware
 
Network virus detection & prevention
Network virus detection & preventionNetwork virus detection & prevention
Network virus detection & prevention
 
Program and System Threats
Program and System ThreatsProgram and System Threats
Program and System Threats
 

Recently uploaded

DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualitySoftware Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Inflectra
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
OnBoard
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
DianaGray10
 
ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User Group
CatarinaPereira64715
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
91mobiles
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
Product School
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
Elena Simperl
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
Jemma Hussein Allen
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
Sri Ambati
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
Product School
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 

Recently uploaded (20)

DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualitySoftware Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
 
Epistemic Interaction - tuning interfaces to provide information for AI support

Final malicious softwares

  • 1. Presented by: Mirza Adnan Baig, Naheed Afzal, Aamir Husnain
  • 2.
      • Software deliberately designed to harm computer systems.
      • A malicious software program causes undesired actions in information systems.
      • Spreads from one system to another through:
          1. E-mail (through attachments)
          2. Infected floppy disks
          3. Downloading / exchanging of corrupted files
          4. Embedded into computer games
  • 3. Malicious Software: Viruses, Trapdoor, Worms, Spyware, Trojan Horse, Hoaxes, Rabbit. Sub-types shown: Time Bomb, Logic Bomb, Boot Viruses, File Viruses.
  • 4.
  • 5. These are programs that spread to other software in the system, i.e., a program that incorporates copies of itself into other programs. Two major categories of viruses:
      1. Boot sector virus: infects the boot sector of systems, becomes resident, and activates while the machine is booting.
      2. File virus: infects program files and activates when the program is run.
  • 6.
      • Dormant phase - the virus is idle
      • Propagation phase - the virus places an identical copy of itself into other programs
      • Triggering phase - the virus is activated to perform the function for which it was intended
      • Execution phase - the function is performed
      Henric Johnson 6
  • 7.
      • Polymorphic Virus
          ◦ Produces modified and fully operational code.
          ◦ Produces new and different code every time the virus is copied and transmitted to a new host.
          ◦ Difficult to detect and remove.
      • Stealth Virus
          ◦ Programming tricks make tracing and understanding the code difficult.
          ◦ Complex programming methods are used to design the code, so it is difficult to repair an infected file.
      • Armored Virus
          ◦ Hides modifications it has made to files or to the disk.
          ◦ Reports false values to programs as they read files or data from storage media.
      • Companion Virus
          ◦ Creates a new program instead of modifying an existing program.
          ◦ Contains all virus code.
          ◦ Executed by the shell instead of the original program.
  • 8. Identifying Viruses:
      • A virus is a unique program.
      • It has a unique object code.
      • The pattern of object code and where it is inserted provides a signature for the virus program.
      • This virus signature can be used by virus scanners to identify and detect a particular virus.
      • Some viruses try to hide or alter their signature:
          ◦ Random patterns in meaningless places.
          ◦ Self-modifying code: metamorphic, polymorphic viruses.
          ◦ Encrypt the code, change the key frequently.
  • 9. Effect of virus attack on computer system
      • A virus may affect the user's data in memory by overwriting it.
      • A virus may affect the user's program by overwriting it.
      • A virus may also overwrite the system's data or programs, corrupting them and disrupting normal operation of the system.
      • “Smashing the Stack”: a buffer overflow in which program execution is directed to virus code.
  • 10.
      • prevention - ideal solution but difficult
      • realistically need:
          ◦ detection
          ◦ identification
          ◦ removal
      • if detect but can't identify or remove, must discard and replace infected program
  • 11.
      • virus & antivirus tech have both evolved
      • early viruses simple code, easily removed
      • as become more complex, so must the countermeasures
      • generations
          ◦ first - signature scanners
          ◦ second - heuristics
          ◦ third - identify actions
          ◦ fourth - combination packages
  • 12.
      • runs executable files through a GD (generic decryption) scanner:
          ◦ CPU emulator to interpret instructions
          ◦ virus scanner to check known virus signatures
          ◦ emulation control module to manage process
      • lets virus decrypt itself in interpreter
      • periodically scan for virus signatures
      • issue is how long to interpret and scan
          ◦ tradeoff chance of detection vs time delay
  • 13.
  • 14.
      • Rabbit: this malicious software replicates itself without limits and depletes some or all of the system's resources.
      • Re-attacks the infected systems, making recovery difficult.
      • Exhausts all the system's resources such as CPU time, memory, disk space.
      • Depletion of resources thus denies the user access to those resources.
  • 15.
      • Hoaxes: false alerts of spreading viruses.
      • e.g., sending chain letters.
      • The message seems important to the recipient, who forwards it to other users, and it becomes a chain.
      • Exchanging a large number of messages (in a chain) floods the network resources, wasting bandwidth.
      • Blocks the systems on the network: access is denied due to heavy network traffic.
  • 16.
      • A Trojan horse (or Trojan) is a malware program that appears to perform some useful task, but which also does something with negative consequences (e.g., launches a keylogger).
      • Trojan horses can be installed as part of the payload of other malware but are often installed by a user or administrator, either deliberately or accidentally.
      6/13/2014 Malware 16
  • 17.
      • Time Bomb
      • Logic Bomb
  • 18. A "time bomb" is simply a Trojan horse set to trigger at a particular time/date.
  • 19.
      • one of oldest types of malicious software
      • code embedded in legitimate program
      • activated when specified conditions met
          ◦ e.g., presence/absence of some file
          ◦ particular date/time
          ◦ particular user
      • when triggered typically damage system
          ◦ modify/delete files/disks, halt machine, etc.
  • 20.
      • Trojans currently have largest infection potential
          ◦ Often exploit browser vulnerabilities
          ◦ Typically used to download other malware in multi-stage attacks
      Source: Symantec Internet Security Threat Report, April 2009
  • 21.
      1. The remote access Trojan takes full control of your system and passes it to the hacker.
      2. The data-sending Trojan sends data back to the hacker by means of e-mail, e.g., key-loggers, which log and transmit each keystroke.
  • 22.
      3. The destructive Trojan has only one purpose: to destroy and delete files. Unlikely to be detected by anti-virus software.
      4. The denial-of-service (DoS) attack Trojan combines the computing power of all computers/systems it infects to launch an attack on another computer system. It floods the system with traffic, hence it crashes.
      5. The proxy Trojan allows a hacker to turn the user's computer into a HIS (Host Integration Server) server, to make purchases with stolen credit cards and run other organized criminal enterprises in the particular user's name.
  • 23.
      6. The FTP Trojan opens port 21 (the port for FTP transfer) and lets the attacker connect to your computer using File Transfer Protocol (FTP).
      7. The security software disabler Trojan is designed to stop or kill security programs such as anti-virus software, firewalls, etc., without you knowing it.
  • 24.
      • Transmitting medium:
          1. spam or e-mail
          2. a downloaded file
          3. a disk from a trusted source
          4. a legitimate program with the Trojan inside.
      • The Trojan looks for your personal information and sends it to the Trojan writer (hacker). It can also allow the hacker to take full control of your system.
  • 25. For example, you download what appears to be a movie or music file, but when you click on it, you unleash a dangerous program that erases your disk, sends your credit card numbers and passwords to a stranger, or lets that stranger hack your computer to commit illegal denial-of-service attacks.
  • 26. 1. Clean Re-installation: Back up your entire hard disk, format the disk, re-install the operating system and all your applications from original CDs.
  • 27.
      2. Anti-Virus Software: Anti-virus software is always going to be playing catch-up with active viruses on the system. Make sure your computer has an anti-virus program on it and update it regularly. If you have an auto-update option included in your anti-virus program you should turn it on; that way, if you forget to update your software, you can still be protected from threats.
      Anti-Trojan Programs: These programs are the most effective against Trojan horse attacks, because they specialize in Trojans instead of general viruses.
  • 28.
      • NEVER download blindly from people or sites which you aren't 100% sure about.
      • Even if the file comes from a friend, you still must be sure what the file is before opening it.
      • NEVER use features in your programs that automatically get or preview files.
      • Never blindly type commands that others tell you to type, or go to web addresses mentioned by strangers, or run pre-fabricated programs or scripts.
  • 29.
      • A simple example of a Trojan horse would be a program named "waterfalls.scr" claiming to be a free waterfall screensaver which, when run, would instead allow access to the user's computer remotely.
      • AIDS (Trojan horse): AIDS, also known as Aids Info Disk or PC Cyborg Trojan, is a Trojan horse that replaces the AUTOEXEC.BAT file, which would then be used by AIDS to count the number of times the computer has booted. Once this boot count reaches 90, AIDS hides directories and encrypts the names of all files on drive C: (rendering the system unusable).
  • 30. Spyware:
      • Spyware programs explore the files in an information system.
      • Information is forwarded to an address specified in the spyware.
      • Spyware can also be used for investigation of software users or preparation of an attack.
  • 31. Trapdoor:
      • Secret undocumented entry point to the program.
      • An example of such a feature is the so-called back door, which enables intrusion into the target by bypassing user authentication methods.
      • A hole in the security of a system deliberately left in place by designers or maintainers.
      • A trapdoor allows unauthorized access to the system.
      • The only purpose of a trapdoor is to "bypass" internal controls. It is up to the attacker to determine how this circumvention of control can be utilized for his benefit.
  • 32. Types of Trapdoor
      • Undetectable Trapdoor: virtually undetectable.
      • Hardware Trapdoor: security-related hardware flaws.
  • 33. Worms:
      • A program that spreads copies of itself through a network.
      • Does irrecoverable damage to the computer system.
      • Stand-alone program, spreads only through the network.
      • Also performs various malicious activities other than spreading itself to different systems, e.g., deleting files.
  • 34.
      1. Deleting files and other malicious actions on systems.
      2. Communicating information back to the attacker, e.g., passwords, other proprietary information.
      3. Disrupting normal operation of the system, thus a denial-of-service (DoS) attack, due to re-infecting an infected system.
      4. Worms may carry viruses with them.
  • 35. Means of spreading infection by worms:
      • Infects one system, gains access to trusted host lists on the infected system and spreads to other hosts.
      • Another method of infection is penetrating a system by guessing passwords.
      • By exploiting widely known security holes, in case password guessing and trusted host accessing fail.
      • e.g., a well-known example of a worm is the ILOVEYOU worm, which invaded millions of computers through e-mail in 2000.
  • 36.
  • 37.
      • Code Red
          ◦ July 2001, exploiting MS IIS bug
          ◦ probes random IP address, does DDoS attack
      • Code Red II variant includes backdoor
      • SQL Slammer
          ◦ early 2003, attacks MS SQL Server
      • Mydoom
          ◦ mass-mailing e-mail worm that appeared in 2004
          ◦ installed remote access backdoor in infected systems
      • Warezov family of worms
          ◦ scan for e-mail addresses, send in attachment
  • 38.
      • multiplatform
      • multi-exploit
      • ultrafast spreading
      • polymorphic
      • metamorphic
      • transport vehicles
      • zero-day exploit
  • 39.
      • first appeared on mobile phones in 2004
          ◦ target smartphones which can install software
      • they communicate via Bluetooth or MMS
      • to disable phone, delete data on phone, or send premium-priced messages
      • CommWarrior, launched in 2005
          ◦ replicates using Bluetooth to nearby phones
          ◦ and via MMS using address-book numbers
  • 40.
      • overlaps with anti-virus techniques
      • once worm on system A/V can detect
      • worms also cause significant net activity
      • worm defense approaches include:
          ◦ signature-based worm scan filtering
          ◦ filter-based worm containment
          ◦ payload-classification-based worm containment
          ◦ threshold random walk scan detection
          ◦ rate limiting and rate halting
  • 41.
  • 42.
  • 43. Conclusion: Preventing infection by malicious software:
      • Use only trusted software, not pirated software.
      • Test all new software on an isolated computer system.
      • Regularly take backups of the programs.
      • Use anti-virus software to detect and remove viruses.
      • Update the virus database frequently to get new virus signatures.
      • Install firewall software, which hampers or prevents the functionality of worms and Trojan horses.
      • Make sure that e-mail attachments are secure.
      • Do not keep a floppy disk in the drive when starting a program, unless sure that it does not include malicious software, else the virus will be copied into the boot sector.
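Slides 8 and 12 describe signature scanning and the generic-decryption (GD) scanner that handles code whose stored bytes change with every key. The Python sketch below is an added example, not part of the original deck: a toy signature scanner, CPU emulator and emulation control module run over constructed, harmless byte strings. The signature name `Demo.A`, the four toy opcodes and the sample layout are assumptions made for illustration.

```python
# Toy generic-decryption (GD) scanner. All samples are constructed, harmless bytes.
SIGNATURES = {"Demo.A": b"DEMO-PATTERN"}   # hypothetical signature database

def scan(data, signatures=SIGNATURES):
    """Signature scanner: names of known byte patterns found in data."""
    return sorted(name for name, pat in signatures.items() if pat in data)

def make_sample(body, key):
    """Constructed sample: XOR-encoded body plus its decoder loop in toy opcodes."""
    code = [("xor", key), ("inc",), ("jlt", len(body), 0), ("halt",)]
    return code, bytes(b ^ key for b in body)

def gd_scan(code, data, budget=1000, scan_every=8):
    """CPU emulator plus emulation control: interpret the decoder on a private
    copy of memory, rescan periodically, stop at halt or when the instruction
    budget runs out. Returns (signature hits, instructions interpreted)."""
    mem, i, pc, steps = bytearray(data), 0, 0, 0
    while steps < budget:
        op = code[pc]
        steps += 1
        if op[0] == "xor":        # mem[i] ^= key
            mem[i] ^= op[1]
            pc += 1
        elif op[0] == "inc":      # i += 1
            i += 1
            pc += 1
        elif op[0] == "jlt":      # loop back while i < body length
            pc = op[2] if i < op[1] else pc + 1
        else:                     # halt
            break
        if steps % scan_every == 0 and scan(bytes(mem)):
            break                 # body exposed; no need to emulate further
    return scan(bytes(mem)), steps

BODY = b"HARMLESS-DEMO-PATTERN"   # constructed plaintext containing the signature

if __name__ == "__main__":
    for key in (0x5A, 0x3C):      # same body, different key per copy
        code, data = make_sample(BODY, key)
        print(hex(key), "static:", scan(data), "emulated:", gd_scan(code, data))
    print("budget 30:", gd_scan(*make_sample(BODY, 0x5A), budget=30))
```

With the default budget the body is fully decoded and matched; with a budget of 30 instructions the emulation stops early and the scan misses, which is the detection-versus-delay tradeoff named on slide 12.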
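Slide 40 lists threshold random walk scan detection among the worm defences. The Python sketch below is an added example, not part of the original deck: it runs a sequential likelihood-ratio test per source over first-contact connection outcomes. The log entries, addresses, success probabilities and error targets are constructed assumptions.

```python
import math
from collections import defaultdict

# Constructed first-contact log: (source, destination, connection succeeded?)
LOG = (
    [("10.0.0.5", f"10.0.2.{n}", True) for n in range(1, 5)]        # workstation
    + [("10.0.0.66", f"10.0.1.{n}", ok) for n, ok in
       enumerate([False, False, True, False, False, False], 1)]      # sweeping host
    + [("10.0.0.7", "10.0.3.9", False)] * 10                         # retries to one server
)

def trw_detect(events, theta0=0.8, theta1=0.2, p_detect=0.99, p_false=0.01):
    """Sequential likelihood-ratio test per source over first-contact outcomes.
    theta0 / theta1: assumed probability that a first contact succeeds for a
    benign host / a scanner. Returns {source: "scanner" | "benign"}; sources
    still between the two thresholds are left out (undecided)."""
    upper = math.log(p_detect / p_false)                 # declare scanner at or above
    lower = math.log((1 - p_detect) / (1 - p_false))     # declare benign at or below
    on_success = math.log(theta1 / theta0)               # negative step
    on_failure = math.log((1 - theta1) / (1 - theta0))   # positive step
    score, contacted, verdict = defaultdict(float), defaultdict(set), {}
    for src, dst, ok in events:
        if src in verdict or dst in contacted[src]:
            continue                                     # decided, or a repeat contact
        contacted[src].add(dst)
        score[src] += on_success if ok else on_failure
        if score[src] >= upper:
            verdict[src] = "scanner"                     # candidate for rate limiting or halting
        elif score[src] <= lower:
            verdict[src] = "benign"
    return verdict

if __name__ == "__main__":
    print(trw_detect(LOG))
```

Only the first connection to each destination moves the score, so the host that retries a single unreachable server ten times stays undecided instead of being flagged.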