This document discusses various types of malware and network intrusions, as well as strategies for protection. It describes different types of malware like viruses, worms, trojans, and bots. It also outlines social engineering attacks and technical intrusions like DDoS attacks and input validation vulnerabilities. Finally, it provides recommendations for anti-malware strategies like using updated antivirus software, email/file scanning, and security patches.

1. PROTECTION FROM HACKING
ATTACKS
By Sugirtha Jasmine M (ME Cyber Security)
Information Security Analyst

2. 1.MALWARES
• Malware is a collective term for any
malicious software which enters
system without authorization of user
of the system.
• The term is created from merging
the words malicious and softwares

3. Types of Malwares
• VIRUS (VITAL INFORMATION RESOURCES
UNDER SEIZE)
• A Virus is computer program that executes
when an infected program is executed.
• On MS-DOS system, these files usually have
the extensions .exe, .com, .bat, .sys
• Virus always needs a trigger to execute itself
and after execution itself and after execution
they leave the memory part.

4. • Types of Virus
Boot sector Virus
File infecting Viruses
Polymorphic viruses
Stealth Viruses
Multi Partite Viruses

5. • Boot sector Viruses
Boot sector viruses are those that
infect the boot sector on a computer
system
• File infecting Viruses
are unsurprisingly viruses that infect
files. Sometime these viruses are
memory resident

6. • Polymorphic Viruses
it change their appearance with each
infection. Such encryption viruses are usually
difficult to detect because they are better at
hiding themselves from antivirus software.
• Stealth Viruses
it attempt to hide from both the operating
system and anti-virus software.
• Multi partite viruses
it infects both boot sector files and
executable files.

7. HOW VIRUSES SPREAD?

8. WORMS
• Worms are constructed to infiltrate
legitimate data processing programs
and alter or destroy the data.
• It do not replicate themselves

9. TROJAN HORSES
• A trojan horse is a destructive
program that has been concealed
in an innocuous piece of software
• It is not viruses because they do
not reproduce themselves and
spread as viruses do.

10. LOGIC BOMBS
• Writing a logic bomb program is
similar to trojan horses.
• It depends on time and date

11. BOTS AND BOTNETS
• A bot is a program that operates
automatically as an agent for a user or
another program
• Hackers forward bots to the victim
system
• It also used for mass spam mailings,
installing key logging software that can
steal victims password and data.

12. VULNERABILITY TO MALWARE
• Use of the same operating system
• Software bugs
• Over privileged users
• Unconfirmed code

13. ANTI-MALWARE STRATERGIES
• Anti viruses and Anti malware
software
• Website Security Scans
• Eliminating Over Privileged Scan

14. MALWARE DETECTION TECHNIQUES
• Signature based malware detection
techniques
• Specification based detection
• Behavior based detection

15. COUNTER MEASURES
• Vaccine Software and Keep it Up-to-date
• Email attachment File Should be scanned
• Downloaded file should be scanned
• For application utilize security functions
• Security patches should be applied
• Symptoms of Virus infection must be
Overlooked
• Incase of emergency data should be Backed
up

16. NETWORK INTRUSION
• Computer Networks that are
currently to the internet are
vulnerable to a variety of exploits
that can compromise their intended
operations.

17. TYPES OF INTRUSION
• Non Technical
Social Engineering attack
Pretexting
Phishing
Smishing
Vishing
Tabnabbing

18. • Technical Intrusion
DOS
Input Validation
Keyloggers
Sniffing

19. Non Technical Intrusion
• Social Engineering Intrusion
As humans we are bound by both nature
and nurture to the social contract which, like
many contracts, might be twisted to our
disadvantage. Such twisting is called Social
Engineering.

20. • Common types of social Engineering
Human Based
Impersonation
Important User
Dumpster Diving
Shoulder Surfing

21. • Computer Based
Popup Windows
Mail Attachments
Spam
Websites

22. • Pretexting
Pretexting is an act of creating and using
an invented scenario to obtain information
from the target, usually over the telephone.

23. • Phishing
it uses both social engineering and
technical activities to to steals consumers
personal identity data and financial account
credentials.

24. • Smishing
Smishing is the cell phone equivalent to
“Phishing” , text messages that lead you to a
counterfeit web site trying to get your
personal information using SMS.

25. • Vishing
VoIP Phishing is an electronic fraud tactic
in which individuals are tricked in to revealing
critical financial or personal information to
unauthorized entities

26. TECHNICAL INTRUSION
• DOS
To make service unavailable.
Types
Ping of Death
LAND attack
Tear drop attack
SYN flood attack
ICMP flood attack
Smurf attack

27. • Ping of Death
An attacker sends an ICMP echo request
packet that is larger than the maximum packet
size.Since the received ICMP echo packet is
larger than the normal IP packet size. The
target cant reassemble the packets. So the OS
crashes or reboot

28. • LAND Attack
When the attacker initiates a SYN
Flood attack using the IP address of the
victim as source and destination IP
address, then it is said that the attacker
has launched a LAND ATTACK.

29. • Tear Drop Attack
This type of attack deals with
fragmentation and reassembly of IP Packets.
The IP header contains the necessary fields to
handle fragmentation issues

30. • SYN Flood Attack
An attacker could deliberately flood the
server with TCP SYN segments without
acknowledging back the server SYN response.

31. • ICMP Flood Attack
Similar to the SYN flood attack, an ICMP
flood attack takes place when an attacker
overloads its victim with huge number of
ICMP echo request with spoofed source IP
address.

32. Smurf attack
it is a type of network level DOS attack
using ICMP echo replies from computer in the
same broadcast network by sending forged
ICMP echo request

33. • DDOS Attack
the attacks come from multiple host or
system

34. • Input Validation
Input Validation Attacks are where an
attacker intentionally sends unusual input in
the hopes of confusing the application.
SQL Injection
SQL injection is an attack in which
malicious code is inserted in to strings that are
later passed to an instance of SQL Server.
Manual or Using Tools

35. • Blind SQL Injection
It is used when a web application is
vulnerable to an SQL injection but the results
of the injection are not visible to the attacker.

36. • XSS Cross site scripting
is generally believed to be one of the most
common application layer hacking techniques.
In general cross site scripting refers to that
hacking techniques that leverages
vulnerabilities in the code of the web
application to allow an attacker to send
malicious content from an end user and
collect some type of data from the victim

37. • BUFFER OVERFLOW
– An Buffer overflow occurs when a progress or
program running on your computer system uses
more memory than it was allocated and has to
store the extra data in the temporary location
called a buffer overflow

38. • KEY LOGGER
This is the one of the simplest method for
hacking the computer. A keylogger is a piece
of hardware or software that logs everything
someone types.

39. • SNIFFING
Sniffing is observing packets passing by on the
network. It is a popular way to steal data from the
network, usually in form of passwords, ID Names,
etc

40. • SESSION HIJACKING
– It is the exploitation of a valid computer session ,
sometimes called a session key. To gain
unauthorized access to information or services in
a computer system

41. PASSWORD INTRUSION
• Any attack designed to allow an unauthorized
user access to an authorized password
Types of password attacks
Default password
Dictionary Password
Bruteforce Password

42. BACKDOOR
• A secret or underhand means of access (to a
place or a position) or an undocumented way
to get access to a computer system

43. ROOTKITS
• A rootkits is a collection of programs that
enable administrator-level access to a
computer or computer network.

44. MONITORING TOOLS
• The term monitoring or network monitoring
describes the use of a system that constantly
monitors a computer network for slow or
failing components and that notifies the
network administrator.

45. ART OF GOOGLING
• Google search or Google web search is a web
search engine owned by Google.
• And it is the most used search engine on the
web.
• Google receives several hundred million
queries each day through its various services.
• Biggest database

46. • GOOGLE SEARCH
• I’M FEELING LUCKING
• ADVANCED SEARCH
• PREFERENCES
• LANGUAGE TOOL
• GOOGLE AS A PROXY SERVER

47. SEARCHING TECHNIQUES
• Basic Search Technique
• Advance search Technique

48. BASIC SEARCH TECHNIQUES
• Basic Keyword Search
• Phrase Search “jbbub”
• Operator Search + or –
• Range Search eg: jdk 1.3.1.6

49. ADVANCE SEARCHING TECHNIQUES
• Site Operator .gov .com
• InTitle Operator intitle: index of master name
• Inurl operator inurl:etc/passwd
• File type Operator
• Link Operator
• Cache operator
• Phonebook Operator

50. THANK YOU