15 - Lecture #15 SS G513 Network Security Cryptography and...

Lecture #15 SS G513 Network Security
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown

Chapter 19 – Malicious Software

"What is the concept of defense: The parrying of a blow. What is its characteristic feature: Awaiting the blow."
On War, Carl Von Clausewitz

Viruses and Other Malicious Content
- computer viruses have got a lot of publicity
- one of a family of malicious software
- effects usually obvious
- have figured in news reports, fiction, movies (often exaggerated)
- getting more attention than they deserve
- are a concern though

Malicious Software
Trapdoors
- secret entry point into a program
- allows those who know of it to gain access, bypassing usual security procedures
- have been commonly used by developers
- a threat when left in production programs, allowing exploitation by attackers
- very hard to block in O/S
- requires good s/w development & update

Logic Bomb
- one of oldest types of malicious software
- code embedded in legitimate program
- activated when specified conditions met
  - eg presence/absence of some file
  - particular date/time
  - particular user
- when triggered typically damage system
  - modify/delete files/disks

Trojan Horse
- program with hidden side-effects
- which is usually superficially attractive
  - eg game, s/w upgrade etc
- when run performs some additional tasks
  - allows attacker to indirectly gain access they do not have directly
- often used to propagate a virus/worm or install a backdoor
- or simply to destroy data

Zombie
- program which secretly takes over another networked computer
- then uses it to indirectly launch attacks
- often used to launch distributed denial of service (DDoS) attacks
- exploits known flaws in network systems

Viruses
- a piece of self-replicating code attached to some other code
  - cf biological virus
- carries code to make copies of itself
- as well as code to perform some covert task

Virus Operation
- virus phases:
  - dormant – waiting on trigger event
  - propagation – replicating to programs/disks
  - triggering – by event to execute payload
  - execution – of payload
- details usually machine/OS specific
  - exploiting features/weaknesses

Virus Structure

    program V :=
    {goto main;
        1234567;
        subroutine infect-executable :=
            {loop:
             file := get-random-executable-file;
             if (first-line-of-file = 1234567) then goto loop
             else prepend V to file; }
        subroutine do-damage :=
            {whatever damage is to be done}
        subroutine trigger-pulled :=
            {return true if some condition holds}
    main: main-program :=
            {infect-executable;
             if trigger-pulled then do-damage;
             goto next;}
    next:
    }

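A defender's reading of the structure above, as an added example that is not from the lecture slides: the marker the pseudocode checks to avoid re-infection doubles as a scanner signature, and prepending changes a file's hash and length while leaving the original bytes as a suffix. The file names and contents are constructed samples, and the function names are illustrative assumptions.

```python
import hashlib

MARKER = b"1234567"  # infection marker taken from the slide's pseudocode

def fingerprint(data: bytes) -> dict:
    """Record length and SHA-256 of a known-good program image."""
    return {"size": len(data), "sha256": hashlib.sha256(data).hexdigest()}

def has_marker(data: bytes) -> bool:
    """Signature check: is the first line exactly the marker?"""
    return data.split(b"\n", 1)[0].strip() == MARKER

def check(name: str, data: bytes, baseline: dict) -> list:
    """Return the findings for one file compared with its baseline entry."""
    findings = []
    if has_marker(data):
        findings.append("marker")
    known = baseline.get(name)
    if known is None:
        # Nothing to compare against: integrity checking needs a prior record.
        findings.append("no-baseline")
        return findings
    if hashlib.sha256(data).hexdigest() != known["sha256"]:
        findings.append("hash-mismatch")
        # Prepended code leaves the original image intact at the end of the file.
        if len(data) > known["size"]:
            tail = data[len(data) - known["size"]:]
            if hashlib.sha256(tail).hexdigest() == known["sha256"]:
                findings.append("original-is-suffix")
    return findings

# Constructed sample "programs" (plain byte strings, not executables).
CLEAN = {"calc": b"print('2+2')\n", "edit": b"print('editor')\n"}
BASELINE = {n: fingerprint(d) for n, d in CLEAN.items()}
CURRENT = {
    "calc": CLEAN["calc"],                                      # unchanged
    "edit": MARKER + b"\n<prepended bytes>\n" + CLEAN["edit"],  # modified
    "game": b"print('new file')\n",                             # never baselined
}

def scan() -> dict:
    """Check every current file and map its name to a list of findings."""
    return {n: check(n, d, BASELINE) for n, d in sorted(CURRENT.items())}

if __name__ == "__main__":
    for name, findings in scan().items():
        print(name, findings or ["clean"])
```

The marker check alone only catches a virus that keeps a fixed signature; the baseline comparison still flags the change when no known marker is present.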
Types of Viruses
- can classify on basis of how they attack
- parasitic virus
- memory-resident virus
- boot sector virus
- stealth
- polymorphic virus
- macro virus