CS283 - Lecture 6 - Part 5 - Additional Topics - Malware

CS283 - Lecture 6 - Part 5 - Additional Topics - Malware -...

Info iconThis preview shows pages 1–8. Sign up to view the full content.

View Full Document Right Arrow Icon
12/05/09 CS283- 172/Fall06/GWU/Vora/Identity GWU CS 172/283 Autumn 2009 Draws extensively from Memon’s notes, Brooklyn Poly And Pfleeger text, Chapter 3 Lecture 6 Part 5 - Additional Topics – Malware
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
2 Program Security Secure Programs: behave as expected Unexpected behavior is a “program security flaw” Happens because of an existing “vulnerability” IEEE Terminology Human error Fault (incorrect code, internal, professional’s view) Failure (incorrect system behavior; external, user’s/lay person’s view) GWU CS 172/283 - Autumn 2009 Holmblad - Lecture 06 – Part 5 - Rev 20091117
Background image of page 2
3 Patching One way of addressing faults: test, discover faults, patch them Problems: No guarantee all faults are found No guarantee the patch does not add another fault Time pressure leads to hurried patches Because the entire system cannot be redesigned, there’s a limit to how much a single patch can fix because it is constrained not to affect the rest of the system (for example, a definition of a variable that is passed on to several different modules, but creates a fault only in one) System performance provides pragmatic limits GWU CS 172/283 - Autumn 2009 Holmblad - Lecture 06 – Part 5 - Rev 20091117
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
4 Faults will always exist A result of Human error Complexity of the system The study of security finds more possibilities for flaws while software engineering proceeds to find new software development/production techniques i.e. neither field is done with what they are doing, so that that the other can be expected to address it completely. Non-malicious and malicious faults GWU CS 172/283 - Autumn 2009 Holmblad - Lecture 06 – Part 5 - Rev 20091117
Background image of page 4
5 Malicious Logic Pfleeger definition: “ Hardware, software, or firmware capable of performing an unauthorized function on an information system. NSTISSI 4009 Bishop definition: “ a set of instructions that cause a site’s policy to be violated Also known as malicious code or malware Unintentionally faulty code can cause the same/similar effects GWU CS 172/283 - Autumn 2009 Holmblad - Lecture 06 – Part 5 - Rev 20091117
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
6 Types of malicious logic (existing since at least 1970) Trojan Horses Bishop definition: “a program with an overt (documented or known) effect and a covert (undocumented or unexpected) effect A Propagating/replicating Trojan Horse: one that creates a copy of itself Might modify the compiler to insert itself into programs, including future versions of the compiler GWU CS 172/283 - Autumn 2009 Holmblad - Lecture 06 – Part 5 - Rev 20091117
Background image of page 6
7 Types of malicious logic (existing since at least 1970) Virus (Vital Information Resources Under Siege ) Type of Trojan Horse: propagates freely Bishop definition: “a program that inserts itself into one or more files and then performs some (possibly null) action” Self replicating code, parasitic (attaches to “good”
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 8
This is the end of the preview. Sign up to access the rest of the document.

This document was uploaded on 12/05/2009.

Page1 / 45

CS283 - Lecture 6 - Part 5 - Additional Topics - Malware -...

This preview shows document pages 1 - 8. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online