This lecture discusses common methods of cyberattack and types of malware. Some methods of attack explored include packet sniffing to intercept internet traffic, software attacks like trojans and viruses, and social engineering through phishing and hoaxes. Common types of malware described are trojans, viruses, worms, rootkits, adware, spyware, and ransomware. Social engineering methods used by cybercriminals like phishing are also explained.
The document provides an overview of cyber security and vulnerability scanning. It discusses the history of cyber security including early computer worms like Creeper and Reaper. The CIA triad of confidentiality, integrity and availability is introduced as a model for security policies. Types of attacks and how cyber security is implemented are covered. Vulnerability scanners are defined as tools that assess vulnerabilities across systems and networks. Their benefits, limitations, architecture and types including network-based and host-based are outlined.
Security Attack Analysis for Finding and Stopping Network Attacks - Savvius, Inc
Network breaches are on the rise, and the consequences are getting more dire. Needless to say, you don't want to be the next Target. You've invested in security tools like firewalls and IPS systems. But today's stealthy attacks can still get through. When you suspect an attack, you need your insurance policy—network forensics.
In this seminar, you'll learn how network forensics—network recording along with powerful search and analysis tools—can enable your in-house security team to track down, verify, and characterize attacks.
You'll also learn about the requirements for effective forensics on today's 10G and 40G networks.
And you'll learn some best practices for configuring captures to help you and your team pinpoint and remediate anomalous behavior that could signal an attack.
This document discusses computer security and provides information on viruses, hackers, and protection strategies. It defines computer security and outlines common security measures like data encryption and passwords. It describes different types of viruses like time bombs, logical bombs, worms, and trojans. It also defines different types of hackers like white hats, black hats, and script kiddies. The document concludes by emphasizing that computer security requires ongoing efforts as hackers evolve their techniques in response to increased protections.
Slides for a college course at City College San Francisco. Based on "Hands-On Ethical Hacking and Network Defense, Third Edition" by Michael T. Simpson, Kent Backman, and James Corley -- ISBN: 9781285454610.
Instructor: Sam Bowne
Class website: https://samsclass.info/123/123_S17.shtml
The document discusses various topics in computer security testing including the goals of security, common security mechanisms, approaches to validating software security, security architecture, threat modeling, and types of malware such as viruses, worms, trojan horses, backdoors, and polymorphic viruses. It provides examples and explanations of how these security topics work.
This document discusses various web application security topics including SQL injection, cross-site request forgery (CSRF), cross-site scripting (XSS), session tokens, and cookies. It provides examples of each type of attack, how they work, their impact, and strategies for prevention. Specific topics covered include SQL injection examples using single quotes, comments, and dropping tables; CSRF examples using bank transfers and router configuration; and XSS examples using persistent, reflected, and DOM-based techniques.
The document discusses insider threat and solutions from the US Department of Defense perspective. It defines insider threat, discusses motivations and past cases like Edward Snowden. It outlines government measures including the National Insider Threat Task Force and requirements around user activity monitoring. Technical solutions discussed include user and entity behavior analytics using machine learning, extensive logging and forensic capabilities, and combining internal monitoring with external threat protection.
Virus and its CounterMeasures -- Pruthvi Monarch
This document discusses viruses and countermeasures against them. It begins by defining viruses and their operation modes and structure. It describes different types of viruses like macro viruses, email viruses, and Trojan horses. It then discusses recent malicious attacks like Code Red and Nimda. The document outlines various virus countermeasures like prevention, detection, and reaction techniques. It describes advanced techniques like digital immune systems, behavioral blocking software, and antivirus software programs. It concludes by emphasizing the importance of installing antivirus applications, regularly scanning for viruses, gaining knowledge about how viruses work, and using basic internet security applications.
This document discusses various types of malicious software including viruses, worms, and malware. It provides definitions and examples of different viruses and worms, how they spread and replicate on systems. It also summarizes approaches for detecting, identifying and removing viruses and worms, as well as proactive containment strategies for worms.
Malware is malicious software designed to harm or access a computer system without consent. It includes viruses, worms, trojan horses, spyware, and other unwanted programs. Malware was originally written as experiments or pranks, but is now often used for criminal purposes like identity theft or installing botnets for spam or denial of service attacks. It spreads through the internet and removable media. Malware authors aim to conceal the malware and prevent its removal through techniques like rootkits.
This document discusses various computer security risks and precautions users can take. It defines different types of threats like hackers, crackers, and cybercriminals. It also explains different attacks like cyberterrorism and how viruses can spread. The document recommends precautions like not opening unexpected email attachments, using antivirus software, and updating signatures regularly to help safeguard against malware infections.
Understanding computer attacks and attackers - Eric Vanderburg - JURINNOV
There are several categories of attackers, including hackers, crackers, script kiddies, spies, employees, and cyberterrorists. Common attacks include password guessing, which attempts to learn a user's password through various means, and denial of service attacks, which flood a server or device with requests to make it unavailable. Malicious software, or malware, consists of computer programs intentionally created to harm systems and includes viruses, worms, logic bombs, Trojan horses, and back doors.
This document discusses operating system security and roles. It covers system survivability, threats like attacks, failures and accidents. It describes unintentional and intentional intrusions like viruses, worms, Trojans, denial of service attacks and social engineering. It also discusses system protection methods like antivirus software, firewalls, encryption, authentication and passwords. Finally, it touches on ethics and educating users on ethical computer use.
The document discusses various types of computer attacks including:
- Executing malicious email attachments or accessing infected websites which can introduce viruses, worms or malware.
- Social engineering tricks users into providing sensitive information.
- Denial of service (DoS) attacks aim to crash systems by overloading resources, while distributed DoS (DDoS) uses multiple compromised systems.
- Other attacks include backdoors/trapdoors, logic bombs, Trojan horses, SQL injection, man-in-the-middle, session hijacking and replay attacks.
Computer crime involves illegal activities related to computers and networks. Crimes can involve actively using computers to commit offenses like hacking or sabotage, or passively using computers for crimes like recording illegal weapons dealings. Some computer crimes are old crimes transformed, like espionage or theft, while others are new like hacking into networks. Reasons for underreporting computer crimes include fear of bad publicity, lack of confidence in authorities, and public perception that computer crimes are not serious. Computer abuse involves sending offensive messages, while computer fraud aims to manipulate systems for illicit gain through activities like credit card or telecommunications fraud. Hackers may break into systems for challenges, money or sabotage using techniques like password guessing. Viruses, worms, Tro
Malicious activities (malcodes) are self-replicating malware and a major security threat in a network environment. Timely detection and system alert flags are essential to prevent malcodes from spreading rapidly in the network. The difficulty in detecting malcodes is that they evolve over time. Although signature-based tools are generally used to secure systems, signature-based malcode detectors fail to recognize obfuscated and previously concealed malcode executables. Automatic signature generation systems have likewise been used to address the issue of malcodes, yet much work is still required for good detection. Based on the behavioral nature of malcodes, a behavior-based approach is required for such detection. Specifically, we require a dynamic investigation and behavior Rule Base system that distinguishes malcodes without erroneously blocking legitimate traffic or increasing false alarms. This paper proposes and discusses an approach using machine learning and Indicators of Compromise (IOC) to analyze intrusion in a network, to identify the cause of the attack and to provide future detection. This paper proposes the use of a behaviour malware analysis framework to analyze intrusion data, apply a clustering algorithm to the analyzed data and generate IOC from the clustered data for IOCRule, which will be implemented in the Snort Intrusion Detection System (IDS) for malicious code detection.
This document outlines an infrastructure penetration testing training workshop. It discusses the typical phases of a penetration test including reconnaissance, scanning, exploitation, post-exploitation, and reporting. During the reconnaissance phase, tools like ping, whois, and host are demonstrated to find the IP address and domain information of the target machine. Nmap and Nessus are shown for port scanning and vulnerability scanning. Exploitation involves using tools like telnet and rlogin to exploit known vulnerabilities like rlogin and gain access. Netcat is demonstrated for maintaining backdoor access. The document emphasizes learning additional tools and techniques for deeper understanding.
This document discusses various types of cyber attackers and threats. It describes traditional hackers who are motivated by thrill-seeking and reputation. It also discusses script kiddies who use pre-written scripts to launch attacks despite having low technical skills. Additionally, the document outlines the anatomy of a hack, including reconnaissance, exploiting vulnerabilities, and using botnets to launch distributed denial of service attacks. Social engineering tactics like phishing emails are also summarized.
This document discusses various types of cyber crimes including crimes against individuals, property, organizations and society. It describes causes of cyber crimes such as passion of youngsters, desire for recognition or money, and security issues. It then focuses on specific cyber crimes like unauthorized access, viruses, trojans, hacking, social engineering techniques like phishing and baiting, and spam. Common hacking tools are also outlined. Throughout, methods of prevention and popular examples are provided for each topic.
This document outlines Barratt & Associates' information security policy regarding malware and virus protection. It describes how viruses can infect the company's network via email, removable media, or downloaded files. The policy assigns responsibilities to both the IT department and users. The IT department is responsible for implementing antivirus software on servers and workstations, maintaining firewalls, scanning incoming internet traffic, and routinely updating virus definitions. Users are responsible for reporting any suspected virus infections. The goal is to prevent viruses from spreading and causing damage on the company's network.
The document discusses 5 of the most costly network security threats faced by enterprises: 1) botnets, 2) phishing, 3) malware, 4) distributed denial of service (DDoS) attacks, and 5) increasingly sophisticated attacks. It recommends implementing key layers of control through network perimeter protections, cloud-based security services, mobile device security, and endpoint compliance to effectively prevent and mitigate these threats. Outsourcing security functions to a managed security services provider can help organizations do more with less by avoiding in-house technology and staffing costs.
Client Honeypot Based Drive by Download Exploit Detection and their Categoriz... - IJERA Editor
Client-side attacks are those that exploit vulnerabilities in client-side applications such as browsers, plug-ins, etc. The remote attackers execute the malicious code on the end user’s system without his knowledge. Here in this research, we propose to detect and measure the drive-by download class of malware, which infects the end user’s system through an HTTP-based propagation mechanism. The purpose of this research is to introduce a class of technology known as the client honeypot, through which we execute the domains in a virtual machine in a more optimized manner. Those virtual machines are the controlled environment for the execution of those URLs. During the execution of the websites, the PE files dropped into the system are logged and further analyzed for categorization of malware. Further, critical analysis has been performed by applying some reverse engineering techniques to categorize the class of malware and the source of infections performed by the malware.
This document discusses various types of program and system threats including Trojan horses, trapdoors, buffer overflows, worms, viruses, and denial of service attacks. A Trojan horse masquerades as legitimate software to gain unauthorized access. Trapdoors are secret vulnerabilities built into programs by designers. Buffer overflows occur when more data is input than a program expects, potentially allowing code execution. Worms self-replicate to spread while viruses require host files or human action. Examples like the Morris worm and Love Bug virus are provided. Protection involves antivirus software and safe computing practices. The key differences between worms and viruses are also outlined.
1. Trapdoors are secret entry points into a system that bypass normal security procedures, commonly used by developers in compilers. Logic bombs are malicious programs that are triggered when specified conditions are met, such as a particular date or user, and typically damage the system.
2. Trojan horses appear to have a normal function but have hidden malicious effects that violate security policies. Viruses are self-replicating code that alters normal programs to include infected versions and can have hidden payloads.
3. Worms propagate fully functioning copies of themselves across networks to infect other computers. Notable worms include Morris, Code Red, Nimda, Slammer, and Conficker which exploited software vulnerabilities to spread rapidly and
Orientation of CS awareness.
This document discusses various topics related to security testing, including:
1) The goals of computer security are to protect assets from corruption, unauthorized access, and denial of access through physical access controls, hardware/software mechanisms, and secure coding practices.
2) Security architectures should be validated through threat modeling to identify vulnerabilities in a system's security design.
3) Malware comes in various forms like viruses, worms, and Trojan horses that have malicious intents like theft, vandalism, or denial of service. Antivirus software aims to detect malware through signature matching.
The document discusses various topics in computer security testing including the goals of security, common security mechanisms, approaches to validating software security, security architecture, threat modeling, and types of malware such as viruses, worms, trojan horses, backdoors, and polymorphic viruses. It provides examples and explanations of how these security topics work.
list of Deception as well as detection techniques for malewareAJAY VISHKARMA
This document is a thesis presentation that discusses the use of deception techniques in malware attacks and defense mechanisms. It is presented by Ajay Kumar Vishkarma to fulfill the requirements for a Master of Technology degree in Computer Science. The presentation contains 4 chapters: (1) Malware, which defines malware and discusses different types like viruses, worms, Trojans etc. and their effects; (2) Malware detection techniques; (3) Deception techniques used by attackers; and (4) Deception techniques used by defenders.
Malware comes in many forms and can damage computers in several ways. It is designed to spread without permission and perform unwanted tasks. Common types of malware include viruses, trojans, worms, spyware, and ransomware. Malware spreads through emails, websites, removable drives, and social networks. It can steal personal information, encrypt files until payment is made, and turn computers into bots. Users should protect themselves by installing antivirus software, practicing caution online, and scanning for malware regularly.
External threats to information systems include malicious software and computer crimes. Malicious software, such as viruses, worms, trojans, and spyware, can steal data, delete files, and slow down computer performance. Computer crimes involve hackers monitoring online activity or committing identity theft and fraud. Common types of attacks include ransomware, SQL injection, and virus backdoors that aim to compromise systems and access sensitive information.
RRB JE Stage 2 Computer and Applications Questions Part 5CAS
Computer viruses, worms, Trojan horses, spyware, and other malware can harm computer systems in various ways. Anti-virus software, firewalls, and other security measures help protect against malware threats. Digital certificates, digital signatures, strong passwords also help secure computer systems and networks from unauthorized access.
The document discusses the threat landscape and network security measures. It defines key terms related to threats such as APTs, botnets, exploits, and vulnerabilities. It describes the evolving nature of adversaries from attention seekers to organized crime groups. It outlines the goals of different threat actors and provides examples of major network attacks. It then discusses network security measures that aim to break the advanced threat lifecycle through tools like IPS, firewalls, sandboxing, and unified threat management. The document emphasizes that security must continuously evolve to address the increasing skills of hackers.
This document discusses information system security. It defines information system security as collecting activities to protect information systems and stored data. It outlines four components of an IT security policy framework: policies, standards, procedures, and guidelines. It also discusses vulnerabilities, threats, attacks, and trends in attacks. Vulnerabilities refer to weaknesses, while threats use tools and scripts to launch attacks like reconnaissance, access, denial of service, and viruses/Trojans. Common attacks trends include malware, phishing, ransomware, denial of service, man-in-the-middle, cryptojacking, SQL injection, and zero-day exploits.
Ransomware is a type of malicious software that encrypts a victim's files and demands ransom payment to regain access. It has become a lucrative attack method for cyber criminals. The document discusses what ransomware is, how it affects users, examples of ransomware attacks on hospitals, and recommendations if a user becomes a victim. General tips to defend against ransomware include maintaining consistent data backups, keeping software updated, and educating users about security best practices.
Cyber crimes involve illegal activities using computers and the internet, such as hacking and data theft. Cyber security aims to protect networks, computers, programs and data from attacks through technologies, processes and practices. There are five key principles of cyber security: confidentiality, integrity, availability, accountability, and auditability. Cyber threats can originate from a variety of sources and be classified by the attacker's resources, organization, and funding. Common cyber attacks include advanced persistent threats, backdoors, man-in-the-middle attacks, and denial-of-service attacks.
This document provides an introduction to cyber security, including definitions of key concepts. It discusses cyber crimes and security, principles of security, and common threats. Cyber security aims to protect against crimes committed using computers and networks, and its principles are confidentiality, integrity, availability, accountability, and auditability. Threats can come from various sources and be classified by the attacker's resources, organization, and funding. Examples of threats, attacks, and malicious codes are also outlined.
Ransomware has become one of the most widespread and damaging threats that internet users face. Since the infamous CryptoLocker first appeared in 2013, we’ve seen a new era of file-encrypting ransomware variants delivered through spam messages and Exploit Kits, extorting money from home users and businesses alike.
This document contains information from multiple chapters about malware. It defines malware as malicious software that can disrupt computer operation, gather sensitive information, or gain unauthorized access. It describes different types of malware like viruses, Trojan horses, worms, spyware, and ransomware. It also discusses how malware spreads, potential symptoms, damages caused, and methods to protect computers like installing anti-malware software and practicing caution online.
This document provides an overview of health informatics. It defines key terms like information management, information systems, and informatics. It describes the basic theoretical concept underlying informatics practice and defines biomedical and health informatics as fields of study. It outlines the learning objectives which include describing informatics areas of application, summarizing drivers and trends, and identifying professional roles and skills of health informaticians in processing data into information and knowledge to improve patient care. It then discusses the skills, tools, and domains of health informaticians and their roles in academic, research, and health care delivery environments.
Evolution of and Trends in Health Care - Lecture DCMDLearning
The document describes Lecture d of a course on the evolution of and trends in health care in the U.S. It discusses the patient-centered medical home model of care coordination, including characteristics like having a personal physician, team-based care, and quality/safety measures. It also introduces Accountable Care Organizations as a new model of care coordination promoted by the Affordable Care Act. Finally, it provides references for Lecture d.
Evolution of and Trends in Health Care - Lecture CCMDLearning
This lecture defined healthcare quality and gave examples of quality indicators such as process measures and outcome measures. It described approaches to quality improvement like the "Plan, Do, Study, Act" (PDSA) cycle. Comparative Effectiveness Research (CER) was introduced as a way to compare benefits and harms of alternative healthcare methods using evidence from studies. CER aims to help patients and physicians choose between treatment options.
Evolution of and Trends in Health Care - Lecture BCMDLearning
This lecture defines clinical practice guidelines and describes their purpose in helping clinicians and patients make appropriate healthcare decisions. It discusses the U.S. Preventive Services Task Force (USPSTF), an independent panel that issues evidence-based recommendations on clinical preventive services using a grading system (A to I) based on certainty of net benefit. The lecture also briefly introduces the Grading of Recommendations Assessment, Development and Evaluation (GRADE) framework for assessing evidence quality in clinical guidelines.
Evolution of and Trends in Health Care - Lecture ACMDLearning
This document discusses key concepts in evidence-based medicine and trends in the U.S. healthcare system. It defines evidence-based medicine as using the best available evidence from research to inform patient care decisions. Clinical practice guidelines and clinical decision support systems aim to promote evidence-based practices. The hierarchy of evidence ranks study types to determine the strength of evidence. Systematic reviews systematically analyze the literature on a topic.
The document discusses topics covered in Lecture c of Public Health, Part 2. It describes the importance of chronic diseases as leading causes of mortality in the US. Behavior modification is discussed as the main public health focus for prevention through education. The World Health Organization's STEPwise Framework for chronic disease prevention and policy is also presented. Environmental public health topics are reviewed, including overlap with chronic and communicable diseases. Air and water quality, hazardous waste management, and topics like smoking and urban planning are discussed.
This document discusses terrorism and public health in three parts. It begins by introducing four main categories of terrorism: bioterrorism, agricultural terrorism, chemical terrorism, and nuclear/radiation terrorism. It then discusses bioterrorism in more detail, including a history of bioterrorism incidents in the US and the CDC's categorization of bioterrorism agents. It concludes by describing the Laboratory Response Network and providing an overview of the public health response and challenges for the other categories of terrorism.
This document discusses communicable diseases and public health activities related to communicable disease prevention and control. It provides examples of communicable disease categories and historic public health triumphs in eradicating smallpox and bringing polio under control. The document also outlines public health investigations of disease outbreaks and monitoring/surveillance efforts at the federal, state, and local levels to control communicable diseases.
The document provides an overview of key concepts from Lecture c of Public Health, Part 1. It discusses the radical improvements public health has made to population health, including examples of successes in communicable disease control. It also reviews some historical highlights of public health in the US, noting how life expectancy has increased 30 years since 1900 due largely to public health initiatives. Major causes of death in 2014 are listed, with all but one being chronic or injury-related.
This document provides an overview of key concepts in public health from Lecture b, including:
- Defining important public health terminology like endemic, epidemic, morbidity, and mortality.
- Illustrating the general organization of public health agencies in the United States at the local, state, and federal levels.
- Explaining several roles of public health like education, policy, monitoring and surveillance, and regulating reportable diseases.
The document provides an overview of public health in the United States through a series of lectures. It begins with distinguishing between private health, which focuses on treating individuals, and public health, which aims to maintain population health through education, policy, and other measures. Next, it reviews the history of public health in the US from the 1700s to present, highlighting milestones like the establishment of the CDC and responses to health crises. The document concludes with learning objectives and references for further information.
The document discusses regulating health care in the United States. It covers several topics: the role of clinical documentation in health records to support patient safety, quality of care, and as a legal record; the importance of compliance programs to ensure adherence to laws and regulations regarding issues like fraud, abuse, and privacy; and the functions of organizations that oversee healthcare quality and standards like accreditation bodies. Thorough and complete clinical documentation is necessary to protect healthcare providers from legal risks while also supporting patient care, reimbursement, and organizational operations.
The document discusses key aspects of regulating health care in the United States as covered in Lecture d. It describes the Health Insurance Portability and Accountability Act (HIPAA) which establishes requirements for protecting patient health information and applies to covered entities like health care providers, health plans, and clearinghouses. It also discusses efforts by organizations like The Joint Commission and Agency for Health Care Research and Quality to improve patient safety and reduce medical errors through initiatives and research.
This lecture discusses how health care is regulated in the United States. It covers laws related to the Affordable Care Act, standards of care, informed consent, medical malpractice, and fraud/abuse. Providers must follow numerous complicated laws, obtain informed consent from patients, meet reasonable standards of care, and avoid fraudulent billing practices. The system is changing rapidly due to reforms like the Affordable Care Act and tort law proposals.
Lecture a discusses how health care in the US is regulated through accreditation, regulatory bodies, and professional associations. The Joint Commission is a major nonprofit accrediting body that establishes standards and accredits hospitals and other organizations through reviews and core measure reporting. Other accrediting organizations include URAC and the National Committee for Quality Assurance. Regulatory agencies like the Food and Drug Administration enforce standards to protect consumers. Professional associations represent various health professions and promote quality through certification, education, and advocacy.
This lecture discusses how the US legal system regulates health care. It describes the three branches of government - legislative, executive, and judicial - and how the court system is divided into trial courts that hear evidence and appellate courts that review cases. The lecture outlines the main sources of law and different types of laws, such as civil/private laws that govern relationships between people/organizations and public laws that govern relationships between people and the government. It provides examples of how civil cases involve private parties and criminal cases involve the government and a defendant.
The document discusses factors contributing to rising health care expenditures in the United States. It identifies increased demand from chronic disease and an aging population, new medical technologies, high pharmaceutical costs, and administrative inefficiencies compared to other countries as key drivers. While the uninsured account for some costs, evidence shows their emergency department utilization has not increased and is not a primary cause of overcrowding. Overall rising medical costs are challenging to curb due to demand for new, often expensive treatments and an inability to control utilization.
This document discusses reimbursement methodologies used by insurers to pay healthcare providers. It describes fee-for-service reimbursement, where separate payments are made for each service provided, and episode-of-care reimbursement, where one sum is paid for all services during an illness. Specific fee-for-service methods covered include traditional retrospective reimbursement using fee schedules, self-pay, and prospective payment models like capitation, per diem, case rates, and diagnosis-related groups. The document also reviews the revenue cycle of submitting claims and receiving reimbursement.
This document discusses the revenue cycle and billing process in healthcare. It describes how healthcare organizations capture charges for services provided, code diagnoses and procedures, and submit claims to insurers for reimbursement. Accurate coding using standardized code sets like ICD-10-CM, ICD-10-PCS, CPT and HCPCS is essential for reimbursement. The revenue cycle involves registration of patient information, charge capture, coding, claims submission, and payment receipt.
This document discusses methods for controlling rising health care costs in the United States. It explores how increased use of health information technology, evidence-based medicine, and new models of primary care such as the patient-centered medical home can improve efficiency and reduce expenditures. Alternative delivery methods like urgent care clinics and greater use of nurse practitioners and physician assistants may also lower costs. While concierge medicine provides enhanced services, there is no data showing it contains overall spending. Tort reform aims to curb defensive medicine practices that drive up healthcare costs.
Dr. David Greene R3 stem cell Breakthroughs: Stem Cell Therapy in CardiologyR3 Stem Cell
Dr. David Greene, founder and CEO of R3 Stem Cell, is at the forefront of groundbreaking research in the field of cardiology, focusing on the transformative potential of stem cell therapy. His latest work emphasizes innovative approaches to treating heart disease, aiming to repair damaged heart tissue and improve heart function through the use of advanced stem cell techniques. This research promises not only to enhance the quality of life for patients with chronic heart conditions but also to pave the way for new, more effective treatments. Dr. Greene's work is notable for its focus on safety, efficacy, and the potential to significantly reduce the need for invasive surgeries and long-term medication, positioning stem cell therapy as a key player in the future of cardiac care.
Can coffee help me lose weight? Yes, 25,422 users in the USA use it for that ...nirahealhty
The South Beach Coffee Java Diet is a variation of the popular South Beach Diet, which was developed by cardiologist Dr. Arthur Agatston. The original South Beach Diet focuses on consuming lean proteins, healthy fats, and low-glycemic index carbohydrates. The South Beach Coffee Java Diet adds the element of coffee, specifically caffeine, to enhance weight loss and improve energy levels.
Michigan HealthTech Market Map 2024. Includes 7 categories: Policy Makers, Academic Innovation Centers, Digital Health Providers, Healthcare Providers, Payers / Insurance, Device Companies, Life Science Companies, Innovation Accelerators. Developed by the Michigan-Israel Business Accelerator
Rate Controlled Drug Delivery Systems, Activation Modulated Drug Delivery Systems, Mechanically activated, pH activated, Enzyme activated, Osmotic activated Drug Delivery Systems, Feedback regulated Drug Delivery Systems systems are discussed here.
Hypertension and it's role of physiotherapy in it.Vishal kr Thakur
This particular slides consist of- what is hypertension,what are it's causes and it's effect on body, risk factors, symptoms,complications, diagnosis and role of physiotherapy in it.
This slide is very helpful for physiotherapy students and also for other medical and healthcare students.
Here is summary of hypertension -
Hypertension, also known as high blood pressure, is a serious medical condition that occurs when blood pressure in the body's arteries is consistently too high. Blood pressure is the force of blood pushing against the walls of blood vessels as the heart pumps it. Hypertension can increase the risk of heart disease, brain disease, kidney disease, and premature death.
International Cancer Survivors Day is celebrated during June, placing the spotlight not only on cancer survivors, but also their caregivers.
CANSA has compiled a list of tips and guidelines of support:
https://cansa.org.za/who-cares-for-cancer-patients-caregivers/
Chandrima Spa Ajman is one of the leading Massage Center in Ajman, which is open 24 hours exclusively for men. Being one of the most affordable Spa in Ajman, we offer Body to Body massage, Kerala Massage, Malayali Massage, Indian Massage, Pakistani Massage Russian massage, Thai massage, Swedish massage, Hot Stone Massage, Deep Tissue Massage, and many more. Indulge in the ultimate massage experience and book your appointment today. We are confident that you will leave our Massage spa feeling refreshed, rejuvenated, and ready to take on the world.
Visit : https://massagespaajman.com/
Call : 052 987 1315
KEY Points of Leicester travel clinic In London doc.docxNX Healthcare
In order to protect visitors' safety and wellbeing, Travel Clinic Leicester offers a wide range of travel-related health treatments, including individualized counseling and vaccines. Our team of medical experts specializes in getting people ready for international travel, with a particular emphasis on vaccines and health consultations to prevent travel-related illnesses. We provide a range of travel-related services, such as health concerns unique to a trip, prevention of malaria, and travel-related medical supplies. Our clinic is dedicated to providing top-notch care, keeping abreast of the most recent recommendations for vaccinations and travel health precautions. The goal of Travel Clinic Leicester is to keep you safe and well-rested no matter what kind of travel you choose—business, pleasure, or adventure.
Unlocking the Secrets to Safe Patient Handling.pdfLift Ability
Furthermore, the time constraints and workload in healthcare settings can make it challenging for caregivers to prioritise safe patient handling Australia practices, leading to shortcuts and increased risks.
Healthy Eating Habits:
Understanding Nutrition Labels: Teaches how to read and interpret food labels, focusing on serving sizes, calorie intake, and nutrients to limit or include.
Tips for Healthy Eating: Offers practical advice such as incorporating a variety of foods, practicing moderation, staying hydrated, and eating mindfully.
Benefits of Regular Exercise:
Physical Benefits: Discusses how exercise aids in weight management, muscle and bone health, cardiovascular health, and flexibility.
Mental Benefits: Explains the psychological advantages, including stress reduction, improved mood, and better sleep.
Tips for Staying Active:
Encourages consistency, variety in exercises, setting realistic goals, and finding enjoyable activities to maintain motivation.
Maintaining a Balanced Lifestyle:
Integrating Nutrition and Exercise: Suggests meal planning and incorporating physical activity into daily routines.
Monitoring Progress: Recommends tracking food intake and exercise, regular health check-ups, and provides tips for achieving balance, such as getting sufficient sleep, managing stress, and staying socially active.
Letter to MREC - application to conduct studyAzreen Aj
Application to conduct study on research title 'Awareness and knowledge of oral cancer and precancer among dental outpatient in Klinik Pergigian Merlimau, Melaka'
Cold Sores: Causes, Treatments, and Prevention Strategies | The Lifesciences ...The Lifesciences Magazine
Cold Sores, medically known as herpes labialis, are caused by the herpes simplex virus (HSV). HSV-1 is primarily responsible for cold sores, although HSV-2 can also contribute in some cases.
LGBTQ+ Adults: Unique Opportunities and Inclusive Approaches to CareVITASAuthor
This webinar helps clinicians understand the unique healthcare needs of the LGBTQ+ community, primarily in relation to end-of-life care. Topics include social and cultural background and challenges, healthcare disparities, advanced care planning, and strategies for reaching the community and improving quality of care.
LGBTQ+ Adults: Unique Opportunities and Inclusive Approaches to Care
Security & Privacy - Lecture B
1. Introduction to Computer Science
Security and Privacy
Lecture b
This material (Comp 4 Unit 7) was developed by Oregon Health & Science University, funded by the Department of Health and Human Services, Office of the National Coordinator for Health Information Technology under Award Number 90WT0001.
This work is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc-sa/4.0
2. Security and Privacy
Learning Objectives - 1
• Define cybercrime and cybersecurity (Lecture a)
• List common information technology (IT) security and privacy concerns (Lecture a)
• List hardware components that are usually attacked by the hackers (Lecture a)
• Explain some of the common methods of attack (Lecture b)
3. Security and Privacy
Learning Objectives - 2
• Describe common types of malware (Lecture b)
• Explain social engineering methods used by cybercriminals (Lecture b)
• Describe methods and tools available for protection against cyberattacks (Lecture c)
• Describe practices designed to minimize the risk of successful cyberattack (Lecture d)
4. Security and Privacy
Learning Objectives - 3
• Address specifics of wireless device security (Lecture d)
• Explain security and privacy concerns associated with EHRs (Lecture e)
• Describe security safeguards used for health care applications (Lecture e)
• Provide the basics of ethical behavior online (Lecture e)
5. Some of the Hackers’ Methods
• Packet sniffers can intercept Internet traffic
– Internet traffic consists of data “packets”, which can be “sniffed”
– Usernames, passwords, sensitive information
• Software attacks
– e.g. Trojans, Viruses, Worms, Rootkits
• Guess at usernames and passwords
• Social Engineering
– Phishing, hoaxes
6. Malware - 1
• “Malware, short for malicious software, is any software used to disrupt computer operations, gather sensitive information, gain access to private computer systems, or display unwanted advertising” (Wikipedia, 2016)
8. Trojan Horse - 1
• Name comes from the analogy with the Trojan Horse from Greek mythology
• Malware program that is usually disguised as useful and harmless software
• User tricked into installing it
– Misleading description or ad
– Trojan is injected into otherwise legitimate software
9. Trojan Horse - 2
• Trojan Horse can
– Have an immediate or delayed effect
– Destroy and/or steal sensitive data
– Install other unwanted software
– Display unsolicited advertisements
– Transmit passwords, key strokes, etc. back to the attacker.
10. Viruses - 1
• A program that, when executed, replicates itself into
– Other computer programs
– Operating system files
– Data files
– Boot sector of the hard drive
– Attached drive (external HDD, flash drive, etc.)
11. Viruses - 2
• Computer can get infected with a virus from:
– Another computer in the same network
– Infected external drive
– Email attachment
12. Viruses - 3
• A virus can
– Reformat your hard drive
– Corrupt data
– Access private information
– Spam your contacts
– Log your keystrokes
– Consume infected computer’s resources: CPU time or hard disk space
13. Viruses - 4
• A virus can
– Display advertisements and redirect web browsers
– In extreme cases, render the computer useless
• Majority of viruses target computers running Microsoft Windows
• Removal may involve formatting the hard disk and reinstalling the operating system or restoring from a virus-free backup
14. Macro Viruses - 1
“Macro language is a special-purpose command language used to automate sequences within an application such as a spreadsheet or word processor”
www.yourdictionary.com
• Microsoft Office applications commonly use macros written in the Visual Basic for Applications (VBA) macro language
15. Macro Viruses - 2
• Macro viruses target Microsoft Office applications
– Written in a macro language such as VBA (Visual Basic for Applications)
– Take advantage of MS Office applications allowing for macro programs to be embedded in documents, spreadsheets, or even email
– Activated when user opens a file in which the macro virus resides
• Don’t even click on email from unknown sender
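Because a macro virus only activates when the file is opened, a mail gateway or help desk can check for an embedded macro project without opening the document. The Python sketch below is an added example, not part of the lecture: it relies on the fact that modern Office files are ZIP packages that store VBA code in a part named `vbaProject.bin`, while legacy `.doc`/`.xls` files use the OLE container format. The function names, the triage policy and the sample files are assumptions constructed for illustration.

```python
import io
import zipfile

OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # legacy .doc/.xls/.ppt container
ZIP_MAGIC = b"PK\x03\x04"                      # OOXML package (.docx, .docm, .xlsx, ...)
MACRO_FREE_EXTS = {"docx", "xlsx", "pptx"}     # names that promise "no macros"


def classify_office_file(data: bytes) -> str:
    """Return 'ooxml-macro', 'ooxml-clean', 'ole-legacy' or 'not-office'.

    Only the container structure is inspected; no macro code is executed.
    """
    if data.startswith(OLE_MAGIC):
        # Legacy binary formats may carry macros; confirming that needs an
        # OLE parser, so they are reported separately.
        return "ole-legacy"
    if not data.startswith(ZIP_MAGIC):
        return "not-office"
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as package:
            names = package.namelist()
    except zipfile.BadZipFile:
        return "not-office"
    if "[Content_Types].xml" not in names:
        return "not-office"  # a ZIP archive, but not an Office package
    has_vba = any(n.lower().endswith("vbaproject.bin") for n in names)
    return "ooxml-macro" if has_vba else "ooxml-clean"


def triage_attachment(filename: str, data: bytes) -> str:
    """Hypothetical gateway policy: 'block', 'quarantine', 'review' or 'allow'."""
    kind = classify_office_file(data)
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    if kind == "ooxml-macro":
        # A macro project inside a file named as macro-free is a mismatch
        # between what the name promises and what the file contains.
        return "block" if ext in MACRO_FREE_EXTS else "quarantine"
    if kind == "ole-legacy":
        return "review"
    return "allow"


def build_sample_package(with_macro: bool) -> bytes:
    """Build a constructed, minimal Office-like package in memory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as package:
        package.writestr("[Content_Types].xml", "<Types/>")
        package.writestr("word/document.xml", "<document/>")
        if with_macro:
            # Placeholder bytes standing in for a real VBA project stream.
            package.writestr("word/vbaProject.bin", b"\x00" * 16)
    return buf.getvalue()


if __name__ == "__main__":
    samples = {
        "invoice.docx": build_sample_package(with_macro=True),
        "report.docm": build_sample_package(with_macro=True),
        "notes.docx": build_sample_package(with_macro=False),
        "old.doc": OLE_MAGIC + b"\x00" * 504,
    }
    for name, blob in samples.items():
        print(f"{name:14} {classify_office_file(blob):12} {triage_attachment(name, blob)}")
```
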
16. Worms
• Standalone malware program
– Uses a computer network to propagate
– Installs a backdoor on the computer making it a bot – computer under full control of a hacker
o Networks of bots referred to as botnets
o Commonly used for sending junk email or attacking other computers or websites
– May cause significant harm to a network by consuming bandwidth
18. Rootkits - 1
• Malware that actively conceals its actions and presence
• Concealment occurs through:
– Removing evidence of original attack and activity that led to rootkit installation
– Gaining control of the system
– Installing additional malicious tools to widen scope of the attack
– Hiding files, processes, network connections
19. Rootkits - 2
• Removal
– Can be complicated
– May require
o Reformatting the hard drive
o Reinstalling the operating system
o Reinstalling all application software
20. Adware - 1
• Downloads and displays unsolicited ads
• Redirects searches to certain advertising
websites
• Collects information used for targeted
marketing without the user's knowledge
– Types and frequency of websites user visits
– User’s web searches
• Usually downloaded and installed without
user’s knowledge
21. Adware - 2
• Computer can get infected by:
– Visiting an infected website
– Adware embedded in legitimate applications
– Hacker technologies
• Adware that operates without user’s
consent is considered malicious
22. Spyware - 1
• Covertly collects information and
transmits it
• Common targets:
– User logins (usernames, passwords)
– Bank or credit account information
– Email contacts and addresses
– Keystrokes (also called keylogger)
– User’s surfing habits
23. Spyware - 2
• Can assert control over a computer
– Change computer and software settings
– Install additional software
• Can result in
– Slow Internet connection speed
– Unusual web browser behavior
24. Ransomware - 1
• Restricts access to files by:
– Locking the system
– Encryption
• Attacker demands payment to remove the
restriction
• User may have to reformat the hard drive
and reinstall the operating system and
application software
25. Ransomware - 2
• Some ransomware displays fake warnings
from law enforcement claiming:
– Computer has been used for illegal activity
– Stores inappropriate material, such as
pornography
– Runs a non-genuine version of Microsoft
Windows
26. Scareware
• Pop-up messages claiming computer is infected
• The pop-ups cannot be closed
• In some cases scareware makes computer files
inaccessible
• Manipulates users to purchase fake security
software – frequently malware
(FBI, 2011, PD-US)
27. Personal Information Attacks - 1
• Phishing – fishing for sensitive information
– Attempt to trick user into revealing personal
information
– Typical phishing email asks the user to log in
for verification purposes – do NOT respond
– Email link brings user to site that looks like
real web site of impersonated institution
– Remember: no reputable organization will
ever ask you to verify your log in credentials
28. Personal Information Attacks - 2
• Immediately report the phishing attempt to
the organization being impersonated
• Some email programs move suspicious
email to a quarantined Junk folder
– Removing email from the Junk folder also
takes it out of quarantine
29. False Information - 1
• Hoax
– Attempt to convince user of something false
– Usually comes in the form of an email
o IRS “official” notice
o Request to send money to facilitate inheritance
processing
o Request contributions
• Exercise common sense
– Search for email’s text, include the word hoax
30. False Information - 2
• Uncloak a hoax
– Use trusted Internet sites to detect hoaxes
o Snopes.com - http://www.snopes.com/
o Urban Legends Online -
http://urbanlegendsonline.com/
• Never forward email chains without
verifying their source
31. Security and Privacy
Summary – Lecture b
• Explored some of the common methods of
attack used by computer hackers
• Described common types of malware
• Explained some of the social engineering
methods used by cybercriminals
32. Security and Privacy
References – Lecture b
References
Macro language - computer definition. (n.d.). Retrieved July 10, 2016, from
http://www.yourdictionary.com/macro-language
Malware. (n.d.). In Wikipedia. Retrieved July 10, 2016, from
https://en.wikipedia.org/wiki/Malware
Images
Slide 17: Screenshot of Beast 2.07 malware. (n.d.). Turkcebilgi. Retrieved from
https://www.turkcebilgi.com/kötücül_yazılım_(malware) [Turkish]. This file is licensed
through the GNU Free Documentation License.
Slide 26: Scareware image. (2011, June 22). In ‘Scareware’ Distributors Targeted.
Federal Bureau of Investigation. Retrieved April 18, 2016, from
https://www.fbi.gov/news/stories/scareware-distributors-targeted.
33. Introduction to Computer Science
Security and Privacy
Lecture b
This material was developed by Oregon
Health & Science University, funded by the
Department of Health and Human Services,
Office of the National Coordinator for Health
Information Technology under Award
Number 90WT0001.
Editor's Notes
Welcome to the Introduction to Computer Science: Security and Privacy. This is Lecture b.
The component, Introduction to Computer Science, provides a basic overview of computer architecture; data organization, representation and structure; the structure of programming languages; and networking and data communication. It also includes the basic terminology of computing.
The objectives for this unit, Security and Privacy, are to:
• Define cybercrime and cybersecurity
• List common information technology, or IT, security and privacy concerns
• List the hardware components that are usually attacked by hackers
• Explain some of the common methods of attack
• Describe common types of malware
• Explain social engineering methods used by cybercriminals
• Describe methods and tools available for protection against cyberattacks
• Describe practices designed to minimize the risk of successful cyberattack
• Address specifics of wireless device security
• Explain security and privacy concerns associated with Electronic Health Records, or EHRs
• Describe security safeguards used for health care applications
• And, provide the basics of ethical behavior online
In this lecture, we will explore some of the methods of attack most commonly used by hackers, describe common types of malware, and explain some of the social engineering methods used by cybercriminals.
Hackers use software known as a packet sniffer to read Internet traffic. An attacker lurking in a wireless café may be able to view all Internet traffic on that wireless network by using a packet sniffer. The hacker could capture the usernames and passwords of everyone in the café, which would be especially devastating if someone logged into their bank or credit card account while using the café’s wireless.
Another method hackers use is to infect computers with malware such as adware, spyware, Trojans, viruses, worms, and rootkits.
Hackers also try to guess usernames and passwords and use social engineering techniques such as phishing to obtain sensitive information. We will talk more about each of these later in this lecture.
Malware is a broad term for software that is used by hackers and criminals. There is some overlap in the definitions and functionalities of some malware types.
According to Wikipedia, “Malware, short for malicious software, is any software used to disrupt computer operations, gather sensitive information, gain access to private computer systems, or display unwanted advertising”.
Most computer users likely have experience with some form of malware. You may have inadvertently clicked on a file which, in turn, forced installation of some software on your computer. Although you didn’t approve the installation, it happened anyway. Or maybe you visited a web page and clicked on a link or button on the page that automatically installed software on your computer without your knowledge or consent. Everyone finds this experience frustrating so everyone must be mindful when opening email attachments, opening unfamiliar files, and clicking any links and buttons when surfing the web.
Types of malware include Trojan horses, viruses, macro viruses, worms, rootkits, adware, spyware, ransomware, and scareware. We will examine each of these in the following slides.
The name “Trojan” is based on an analogy with the Trojan Horse from Greek mythology. Just like in that story, this type of Trojan horse is not what it seems to be.
Trojan horses, or simply Trojans, are malware programs disguised as useful and harmless software.
The user gets tricked into installing a Trojan by a misleading description or advertisement.
Sometimes Trojans get onto your computer as malicious code injected in otherwise legitimate software.
An installed Trojan may start acting immediately, or it may wait a certain amount of time set by the hacker who created the Trojan. Delaying a Trojan’s activation makes it more difficult to control or prevent damage.
Many Trojans steal sensitive data for use by the hacker in blackmail schemes. Other Trojans destroy data found on the machine they are installed on or across entire networks.
Some Trojans install other unwanted software. Others display unsolicited advertisements. Sensitive information such as bank accounts, passwords, or even key strokes can be transmitted back to the attacker from the Trojan.
When executed, a virus replicates by inserting copies of itself into other computer programs, operating system files, data files, boot sectors of the hard drive, or any other drive attached to the computer.
Viruses can be transmitted to your computer from another computer on the same network, from an infected external drive that got connected to your computer, or from opening a malicious email attachment.
Viruses can do a number of nasty things to your computer, including:
• Reformatting your hard drive
• Corrupting data
• Accessing private information
• Spamming your contacts
• Logging your keystrokes
• And consuming the infected computer’s resources, such as CPU time or hard disk space
Viruses can also:
Display unwanted advertisements and redirect web browsers away from the site you were trying to access.
In extreme cases, viruses can render a computer completely useless. For example, some viruses disable important operating system functionality such as the ability to back up a hard disk. Some viruses will reformat a hard disk.
The majority of the existing viruses are designed to infect computers running the Microsoft Windows operating system.
When trying to remove a virus, you must be sure to eliminate all replicas of that virus. If even a single replica remains, the computer is still infected.
Often, the best option for getting rid of a virus is to format the hard disk and reinstall the operating system or restore from a virus-free backup.
According to the online version of PC Magazine, “macro language is a special-purpose command language used to automate sequences within an application such as a spreadsheet or word processor”.
Microsoft Office applications commonly use macros written in the Visual Basic for Applications, or VBA, macro language for good purposes.
Macro viruses can take advantage of Microsoft Office applications because those applications allow programs written in a macro language to be embedded in Microsoft Office documents, spreadsheets, or even email.
A macro virus gets activated when a computer user clicks a file in which the macro virus resides. Once installed, macro viruses can be as harmful as any other malware.
It is important to be aware of those risks when receiving files and/or emails from an untrusted source. If the sender is not known or trusted, it is best not to even click on the email or its attachment because that simple act may activate the macro.
Some email programs quarantine suspicious email, preventing it from doing harm to the system.
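The point that macro programs are embedded inside the document file itself can be checked from the defender's side before a file is ever opened. The following sketch is an added example, not part of the original lecture: it assumes the modern zip-based Office formats, where an embedded VBA project is stored as a part named vbaProject.bin, and the function names and sample files are hypothetical and constructed in memory.

```python
import io
import zipfile

# Magic bytes of the legacy OLE2 container used by .doc/.xls/.ppt files.
OLE2_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")


def vba_parts(data):
    """Names of embedded VBA project parts inside a zip-based Office file."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        return sorted(n for n in zf.namelist()
                      if n.lower().endswith("vbaproject.bin"))


def triage(filename, data):
    """Classify an attachment by whether it can carry VBA macros."""
    if data.startswith(OLE2_MAGIC):
        # Legacy format: macros live in OLE streams, which this sketch
        # does not parse, so the file is treated as possibly macro-bearing.
        return "legacy format: inspect with an OLE parser"
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return "not an Office container"
    parts = vba_parts(data)
    if not parts:
        return "no macros"
    ext = filename.lower().rsplit(".", 1)[-1]
    if ext in ("docx", "xlsx", "pptx"):
        # The name promises a macro-free format but the content disagrees.
        return "macros in a file named as macro-free: " + ", ".join(parts)
    return "macros present: " + ", ".join(parts)


def make_sample(with_macro):
    """Build a constructed, minimal zip that mimics the Office layout."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/document.xml", "<document/>")
        if with_macro:
            zf.writestr("word/vbaProject.bin", b"constructed placeholder")
    return buf.getvalue()


if __name__ == "__main__":
    samples = [
        ("report.docx", make_sample(False)),
        ("invoice.docm", make_sample(True)),
        ("invoice.docx", make_sample(True)),
        ("old.doc", OLE2_MAGIC + b"\x00" * 16),
        ("note.txt", b"plain text"),
    ]
    for name, blob in samples:
        print(f"{name:14} {triage(name, blob)}")
```

A mail gateway or help desk can use the result to hold macro-bearing attachments for review instead of relying on the file extension alone.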
Unlike a macro virus or a Trojan, a worm is a standalone malware program. A worm spreads itself through computer networks by exploiting security vulnerabilities.
Worms install a backdoor on the infected computer. A backdoor is a stealthy method of bypassing normal computer system authentication. The worm gains complete control of the computer and turns it into a zombie, or bot.
Networks of such computers are referred to as botnets and are commonly used by spammers for sending unsolicited email. Botnets are also used for attacking other computers or websites.
Worms can create a lot of network traffic, and merely by their presence may cause significant harm to a network by consuming bandwidth.
This is a screen shot from the graphical user interface, or GUI, of Beast. Beast is a Windows-based backdoor Trojan, commonly known in the hacking community as a Remote Administration Tool or a RAT.
This Trojan remains harmless until it is opened. When opened, it uses the code injection method to inject itself into other applications. Once that happens, it gives the hacker full control over the infected computer.
A rootkit is malware that actively conceals its actions and presence.
Rootkits conceal themselves by:
Removing the evidence of the original attack and activity that led to the rootkit’s installation
Gaining control over the system
Installing additional malware
And hiding the files, processes, and network connections that it uses.
Removal of a rootkit can be extremely difficult and frequently it is more time and cost efficient to reformat the hard drive and reinstall the operating system and all application software.
Adware does what its name suggests: it downloads and displays unsolicited ads.
It can also redirect web search requests to certain advertising websites.
Some adware collects data that can be used for targeted marketing, such as the types of online purchases you make, which websites you visit and how often you visit them, or the content of your web searches.
Based on this information, customized advertisements can be displayed.
Usually adware is downloaded and installed without the user's knowledge.
A computer can get infected with adware by:
• Visiting an infected website that results in unauthorized installation of adware
• Adware being embedded in otherwise legitimate applications
• And use of hacker technologies
Strictly speaking, not all adware is considered malware; only adware that installs and operates without the user’s consent is regarded as malicious.
Spyware covertly collects information about a person or organization and transmits that information in the background to another entity. Spyware can collect almost any type of data. Data that is commonly targeted includes:
User logins
Bank or credit account information
Email contacts and addresses
Keystrokes
and user’s surfing habits
Spyware can also assert control over a computer without the user's knowledge. It can change computer and software settings and install additional software. This can result in slow Internet connection speeds and unusual behavior of Internet browsers.
Ransomware blocks access to files on the infected computer. The motivation for doing this is to coerce the victim into paying a ransom to get the files released.
Restricting access to a computer’s data can be achieved in a number of ways, among them:
Locking the computer system
And encrypting the files
If the victim pays the ransom, the ransomware operator may or may not remove the restriction.
In some cases, there is no choice but to reformat the hard drive and reinstall the operating system and application software to get rid of the ransomware.
Some versions of the ransomware display fake warnings that impersonate law enforcement agencies. These warnings may claim that the computer has been used for illegal activities, contains inappropriate material such as pornography, or runs a non-genuine version of Microsoft Windows.
Again, the user is forced to pay off the hacker or face having to do a lot of reformatting and reinstalling.
Scareware produces pop-up messages falsely claiming the computer is infected with a virus. These warnings are persistent and the pop-ups usually can’t be closed easily.
The pop-ups often tell users to click a provided link to buy their anti-virus software, which is “guaranteed” to clean the computer.
In some cases, scareware behaves similarly to ransomware by blocking access to files on the computer until the user buys the advertised anti-virus software. Unfortunately, that software often mimics legitimate security software but is useless in the best case, and frequently is itself malware.
Personal information attacks are accomplished through an activity called phishing.
Phishing is an attempt to trick a user into revealing personal information to an attacker so that they can impersonate the user.
For example, the attacker will send an email that appears to be from the user’s bank, commonly used internet purchasing sites such as Amazon and eBay, or even from a corporation’s CEO. The message asks the user to log in to verify a transaction or to verify a username and password.
Clicking a link that appears in a phishing email will open a website that looks very similar to the website belonging to the institution that the phishing email is trying to impersonate. Gullible users will type in their credentials for the site and, by doing so, give away valuable information.
Never respond to such an email request and never click links contained therein. Banks or financial institutions―indeed, any reputable Internet merchant―would never send an email asking for such actions.
If you are the subject of a phishing attack, contact the institution being impersonated by an attacker and report the incident immediately so that they can investigate.
Most email software, such as Microsoft Outlook, monitors for phishing activity and moves suspicious email to a non-functional folder called “Junk Email.” The email is quarantined and isolated from the rest of the computer system and is not actionable as long as it remains in the Junk email folder. Be wary of moving email out of the Junk email folder. Doing so takes it out of quarantine.
Hoaxes are attempts to convince a user of something that is not true. They usually come in the form of an email. Some hoaxes ask users to send money to someone in another part of the world. Others ask users to contribute to find missing children.
In some cases, emails requesting funds for missing children are valid, but in most cases they are not. Unfortunately, there are always stories of people who respond to email requests for money from another part of the world and are scammed out of their money. For example, an email may read “Send us $10,000 and we’ll send you $50,000.” It may be hard to believe, but people do fall prey to these types of scams. If these types of attacks were not successful, they would cease to exist.
If an email appears to be a hoax, use a search engine to determine whether the email’s message is real. For example, if the subject line of the email contains “Missing Child” in some city, enter the text of the subject line in a search engine, adding the word “hoax” to the end. The search results will usually indicate whether the email is a hoax.
It is important to use trusted Internet sites to detect hoaxes. Therefore, when running a search, look for results from reputable sites. Snopes and Urban Legends Online are two such sites. They display an image of the email on their site and share whether their investigation reveals it to be a hoax.
Never forward email chain letters, which are typically hoaxes, without verifying their source and identifying them as true.
This concludes lecture b of Security and Privacy. In summary, this lecture:
• Explored the common methods of attack used by computer hackers
• Described common types of malware
• And explained social engineering methods used by cybercriminals