
  • Monitoring history and content of browsing activity
  • Redirecting certain Web page requests to fake sites
  • Dynamically modifying data exchanged between the browser and certain Web sites of interest

Payload – Information Theft: Phishing

  • Exploits social engineering to leverage the user’s trust by masquerading as communication from a trusted source
  • Include a URL in a spam e-mail that links to a fake Web site that mimics the login page of a banking, gaming, or similar site
  • Suggests that urgent action is required by the user to authenticate their account
  • Attacker exploits the account using the captured credentials
  • Spear-phishing
      • Recipients are carefully researched by the attacker
      • E-mail is crafted to specifically suit its recipient, often quoting a range of information to convince them of its authenticity
Payload – Stealthing: Backdoor

  • Also known as a trapdoor
  • Secret entry point into a program allowing the attacker to gain access and bypass the security access procedures
  • Maintenance hook is a backdoor used by programmers to debug and test programs
  • Difficult to implement operating system controls for backdoors in applications

Payload – Stealthing: Rootkit

  • Set of hidden programs installed on a system to maintain covert access to that system
  • Hides by subverting the mechanisms that monitor and report on the processes, files, and registries on a computer
  • Gives administrator (or root) privileges to attacker
  • Can add or change programs and files, monitor processes, send and receive network traffic, and get backdoor access on demand

Payload – Currently Popular

  • Crypto-mining
  • Ransomware

Summary

  • Types of malicious software (malware)
  • Terminology for malicious software
  • Viruses – infected content
      • Infection mechanism, trigger, payload
      • Dormant, propagation, triggering, and execution phases
      • Boot sector infector, file infector, macro virus, and multipartite virus
      • Encrypted, stealth, polymorphic, and metamorphic viruses
  • Worms – vulnerability exploit
      • Replicates via remote systems
      • E-mail, file sharing, remote execution, remote file access, remote login capability
      • Scanning/fingerprinting
  • Spam e-mail/trojans – social engineering
  • Payload – system corruption
      • Data destruction, real world damage
      • Ransomware, logic bomb
  • Payload – attack agent
      • Bots
      • Remote control facility
  • Payload – information theft
      • Credential theft, keyloggers, spyware
      • Phishing, identity theft
  • Payload – stealthing
      • Backdoor/trapdoor
      • Rootkit
      • Kernel mode rootkits
      • Virtual machine/external rootkits

  • Spring '18
  • Computer virus
