Upload
victer-paul
View
234
Download
0
Embed Size (px)
Citation preview
8/3/2019 22- Network Security Threats – Malware
http://slidepdf.com/reader/full/22-network-security-threats-malware 1/17
Network Security Threats –
Malware
8/3/2019 22- Network Security Threats – Malware
http://slidepdf.com/reader/full/22-network-security-threats-malware 2/17
By.
P. Victer Paul
Dear,
We planned to share our eBooks and project/seminar contentsfor free to all needed friends like u.. To get to know about morefree computerscience ebooks and technology advancements in
computer science. Please visit....
http://free-computerscience-ebooks.blogspot.com/
http://recent-computer-technology.blogspot.com/
http://computertechnologiesebooks.blogspot.com/
Please to keep provide many eBooks and technology news forFREE. Encourage us by Clicking on the advertisement in theseBlog.
8/3/2019 22- Network Security Threats – Malware
http://slidepdf.com/reader/full/22-network-security-threats-malware 3/17
Computer security
refers to the security of computers against intruders(e.g., hackers) and malicious software (e.g., viruses).
Threat - A potential for violation of security, which
exists when there is a circumstance, capability,action, or event that could breach security and causeharm.
Attack - An assault on system security that derives
from an intelligent threat
8/3/2019 22- Network Security Threats – Malware
http://slidepdf.com/reader/full/22-network-security-threats-malware 4/17
Network Security
refers to security against attacks which are oftenmaliciously used to consume and destroy the resourcesof a network.
also cryptographic algorithms in network protocols andnetwork applications.
Types of Network Threats
• logic attacks
Logic attacks are known to exploit existing software bugs andvulnerabilities with the intent of crashing a system
• resource attacks. Resource attacks are intended to overwhelm critical system resources
such as CPU and RAM
8/3/2019 22- Network Security Threats – Malware
http://slidepdf.com/reader/full/22-network-security-threats-malware 5/17
What is Malware?
a contraction of "malicious software"
refers to software developed for the purpose of doing
harm.
Malware can be classified based on how they get
executed, how they spread, and/or what they do.
Malware is not a virus. In fact, it consists of viruses,
worms, Trojan horses, adware, rootkits and manyother nasty infections.
8/3/2019 22- Network Security Threats – Malware
http://slidepdf.com/reader/full/22-network-security-threats-malware 6/17
Types of Malware
Viruses• Viruses work and spread by attaching themselves to other
pieces of software such that during the execution of theprogram the viral code is executed.
• corrupts and modifies system files on your computer tocause damage
• distributed through various storage mediums such as a flashdrive
Worms
• worms are stand-alone software and does not have to attachitself to a program in your system like a computer virus
• damage to the computer network by causing increased bandwidth
8/3/2019 22- Network Security Threats – Malware
http://slidepdf.com/reader/full/22-network-security-threats-malware 7/17
Types of Malware
Trojan Horses
• Similar to the mythical wooden horse used by the Greeks to
invade Troy.
• the Trojan horse is a very deceptive program that appearsharmless but is actually one of the most dangerous types of
malware.
• may arrive as a friendly email attachment or present itself
as a useful application on a website• does not have the ability to self replicate but to deliver
destructive payloads and unload viruses, worms or spyware
8/3/2019 22- Network Security Threats – Malware
http://slidepdf.com/reader/full/22-network-security-threats-malware 8/17
Types of Malware Spyware
• a sneaky program that tracks and reports your computingactivity without consent.
• such as browsing patterns in the more benign case or creditcard numbers in more serious ones.
• usually comes bundled with free software andautomatically installs itself with the program you intendedto use.
Rootkits• a single program or collection of programs designed to take
complete control of a system.• gives hacker all the abilities of a system administrator from
a remote location.
• Often used to attack other machines, distribute spam orsteal passwords.
8/3/2019 22- Network Security Threats – Malware
http://slidepdf.com/reader/full/22-network-security-threats-malware 9/17
Types of Malware
Backdoor• a piece of software that allows access to the computer
system bypassing the normal authentication procedures.
• on how they work and spread there are two groups,
works much like a Trojan, i.e., they are manually insertedinto another piece of software, executed via their host
software.
works more like a Worm i.e., they are standalone and get
executed as part of the boot process Adware
• which is essentially add-supported software that has the
ability to track your activity.
8/3/2019 22- Network Security Threats – Malware
http://slidepdf.com/reader/full/22-network-security-threats-malware 10/17
How To Tell If Malware HasEntered Your PC
You start seeing an excessive amount of pop-up ads.
Your PC's operating system slows down significantly.
The amount of spam you receive in your email increases.
Your email account may send out messages to your contact listthat you did not send. Sometimes it contains pornographicmaterial or even a Trojan or worm.
The home page you have set in your browser is altered.
When you try to access a web page in your favorites list,
another web page appears that contains advertising or contentthat encourages you to enter your personal information.
Your computer completely crashes.
You are unable to access your antivirus program to remove themalware.
8/3/2019 22- Network Security Threats – Malware
http://slidepdf.com/reader/full/22-network-security-threats-malware 11/17
Example virus - 1
A Virus program to delete contents of ‘C’ drive.
Simple virus cant detected by any antivirus....
• @Echo off
Del C:\ *.* |y
And save that as .bat not .txt and RUN IT. It will
delete the content of C:\ drive...
8/3/2019 22- Network Security Threats – Malware
http://slidepdf.com/reader/full/22-network-security-threats-malware 12/17
Example virus - 2
A Virus Program to Disable USB Ports.
to create a simple virus that disables/blocks the USB
ports on the computer (PC).
C programming language is used to create the virus.
It contains the following two files,
• block_usb.c (source code)
• unblock_usb.c (source code)
8/3/2019 22- Network Security Threats – Malware
http://slidepdf.com/reader/full/22-network-security-threats-malware 13/17
Example viruses - 3
Space Eater
• using C programming language
• hen executed will eat up the hard disk space on the
root drive of the computer on which it is run.
• works pretty quickly and is capable of eating up
approximately 1 GB of hard disk space for every
minute it is run.• What type of Malware is this????
8/3/2019 22- Network Security Threats – Malware
http://slidepdf.com/reader/full/22-network-security-threats-malware 14/17
Space Eater Trojan
The algorithm of the Trojan is as follows
1. Search for the root drive
2. Navigate to WindowsSystem32 on the root drive
3. Create the file named “spceshot.dll”
4. Start dumping the junk data onto the above file and keepincreasing it’s size until the drive is full
5. Once the drive is full, stop the process.
not be able to clean up the hard disk space
because the Trojan intelligently creates a huge file in theWindowsSystem32 folder with the .dll extension.
it is often ignored by disk cleanup softwares. there is now wayto recover the hard disk space unless reformatting his drive.
8/3/2019 22- Network Security Threats – Malware
http://slidepdf.com/reader/full/22-network-security-threats-malware 15/17
How to compile, test and remove thedamage of Space Eater?
Testing:
• To test the Trojan, just run the SpaceEater.exe file onyour computer. It’ll generate a warning message at thebeginning. Once you accept it, the Trojan runs and eats up
hard disk space. How to remove the Damage and free up the space?
• To remove the damage and free up the space, just type thefollowing in the “run” dialog box.
• %systemroot%system32 • Now search for the file “spceshot.dll“. Just delete it and
you’re done. No need to re-format the hard disk. NOTE: You can also change the ICON of the virus to make it look like a
legitimate program.
8/3/2019 22- Network Security Threats – Malware
http://slidepdf.com/reader/full/22-network-security-threats-malware 16/17
How does anti-virus software work?
An anti-virus software program is a computer program that
can be used to scan files to identify and eliminate computer
viruses and other malicious software.
Anti-virus software typically uses two different techniques to
accomplish this:
• Dictionary based - Examining files to look for known
viruses by means of a virus dictionary
• Suspicious behavior based - Identifying suspicious
behavior from any computer program which might indicate
infection
8/3/2019 22- Network Security Threats – Malware
http://slidepdf.com/reader/full/22-network-security-threats-malware 17/17
Thank u