Cryptography presentation
Download as PPTX, PDF0 likes33 views
This document defines and describes different types of malicious software programs. It begins by defining a malicious program as a set of instructions that runs on a computer without the user's consent to perform unauthorized actions. It then categorizes malicious programs into those that need a host program and those that are independent. Specific types of malicious programs discussed include trap doors, logic bombs, Trojan horses, zombies, viruses, and worms. For each type, details are provided about how they function, spread, and the harm they can cause systems.
Cryptography presentation
- 1. K.M Riajul Islam 1 University of Rajshahi
- 3. Malicious Program? 3 • A Malicious Program is a set of instructions that run on your computer and make your system do something that an attacker wants to do.
- 4. Taxonomy of Malicious Programs 4 Malicious Programs Needs host program Independent Trap door Logic bombs Trojan horse Viruses Worm Zombie Replicate
- 5. Trap Doors • Single entry point into a program. • Allows those who know access bypassing usual security procedures. • Have been commonly used by developers. • The backdoor is code that recognizes some special sequence of input or is triggered by being run from a certain user ID or by an unlikely sequence of events. • Backdoors become threats when unscrupulous programmers use them to gain unauthorized access.
- 6. Logic Bomb • One of oldest types of malicious software. • Code embedded in legitimate program. • Activated when specified conditions met. • Presence/absence of some file. • Particular date/time. • Particular user. • When triggered typically damage system. • Modify/delete files/disks, halt machine etc.
- 7. Trojan Horse • Program with hidden side-effects. • Which is usually superficially attractive. • For example, game, s/w upgrade etc. • When run performs some additional tasks. • Allows attacker to indirectly gain access which they do not have directly. • Often used to propagate a virus/worm or to install a backdoor. • Or simply to destroy data.
- 8. Zombie • Program which secretly takes over another networked computer. • Then uses it to indirectly launch attacks. • Often used to launch distributed denial of service (DDoS) attacks. • Exploits known flaws in network systems.
- 9. Virus • A virus is a program that can infect other programs by modifying them. • A computer virus carries in its instructional code the recipe for making perfect copies of itself like biological virus. • Lodged in a host computer, the typical virus takes temporary control of the computer’s disk operating system. • Whenever the infected computer comes into contact with an uninfected piece of software, a fresh copy of the virus passes into the new program.
- 10. Phases of Virus Lifetime • The virus is idle and waiting Dormant • The virus places a copy of itself into other programs Propagation • Virus is activated to perform function for which it was intended Trigger • Virus function is performed Execution
- 11. Types of Virus • Parasitic virus: Attaches itself to executable files and replicates when the infected program is executed. • Memory-resident virus: Resides in main memory as part of a resident system program. This virus infects every program that executes. • Boot-sector virus: Infects a master boot record or boot record and spreads when a system is booted from the disk containing virus. • Stealth virus: A form of virus that hides itself from detection by antivirus software. • Polymorphic virus: A virus that mutates with every infection, making detection by the “signature: of the virus impossible
- 12. Worms A worm is a program that can replicate itself and send copies from computer to computer across network connections but not infecting program. Can run independently. Self replicating – usually very quickly. Usually performs some unwanted function. Actively seeks out more machines to infect.
- 13. Network Vehicles of Worms Electronic mail facility A worm mails a copy of itself to another systems. Remote execution capability A worm executes a copy of itself on another system remotely. Remote login capability Logs onto a remote system as a user and then uses commands to copy itself from one system to the other.
- 14. Thank You 14
Editor's Notes
- #2: AA. This is SM. I welcome all of you for being here.
- #3: Today my presentation topic is about Malicious Software. This is a chapter from CANSPP book written by William stallings.
- #4: Now lets see the first topic …what is malicious program?
- #6: A backdoor, or trapdoor, is a secret entry point into a program that allows someone that is aware of it to gain access without going through the usual security access procedures. Have been used legitimately for many years to debug and test programs, but become a threat when left in production programs, allowing intruders to gain unauthorized access. It is difficult to implement operating system controls for backdoors. Security measures must focus on the program development and software update activities.
- #7: legal
- #8: A Trojan horse is a useful, or apparently useful, program or command procedure containing hidden code that, when invoked, performs some unwanted or harmful function.