Attacks on Desktop Computers - Introduction to Computer Security - Lecture Slides, Slides of Computer Security

The major points that are useful in understanding the concept of computer security are: Attacks on Desktop Computers, Malicious Code, Hardware Attacks, Taxonomy of Flaws, Location, Time, Genesis, System, Program Flaws, Intentional

Typology: Slides

2012/2013

Uploaded on 04/22/2013

satheesh

Attacks on Desktop Computers:

  • Malicious Code
  • Hardware attacks

Program Flaws

Taxonomy of flaws:

  • how (genesis)
  • when (time)
  • where (location)

the flaw was introduced into the system

Kinds of Malicious Code

  • Virus : a program that attaches copies of itself into other programs. Propagates and performs some unwanted function.
  • Rabbit (Bacteria) : program that consumes system resources by replicating itself.

  • Worm : a program that propagates copies of itself through the network. Usually performs some unwanted function.
    • Does not attach to other programs
  • Trojan Horse : secret, undocumented routine embedded within a useful program. Execution of the program results in execution of secret code.

  • Rootkits : aim to hide their own presence and that of other malicious code on the computer by corrupting detection capabilities. Usually limited to the corrupted computer.
  • Zombies and Botnets : computers under the control of a remote entity. Attackers' goals: spreading viruses, attacking internet communications, stealing personal data, manipulating online polls, DoS.

Virus

Virus lifecycle:

1. Dormant phase : the virus is idle (not all viruses have this stage).
2. Propagation phase : the virus places an identical copy of itself into other programs or into certain system areas.
3. Triggering phase : the virus is activated to perform the function for which it was created.
4. Execution phase : the function is performed. The function may be harmless or damaging.

Virus Types

  • Boot Sector Viruses :
    • Infects the boot record and spreads when system is booted.
    • Gains control of machine before the virus detection tools.
    • Very hard to notice
    • Carrier files: AUTOEXEC.BAT, CONFIG.SYS, IO.SYS

  • Stealth virus : a form of virus explicitly designed to hide from detection by antivirus software.
  • Polymorphic virus : a virus that mutates with every infection, making detection by the “signature” of the virus difficult.

How Viruses Append

[Figures: an original program shown beside its infected form in three arrangements: virus attached to the original program, virus surrounding a program, and virus integrated into program.]

Virus Signatures

  • Storage pattern
    • Code always located at a specific address
    • Increased file size
  • Execution pattern
  • Transmission pattern
  • Polymorphic Viruses
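
The storage-pattern checks listed above (code at a fixed address, increased file size) can be sketched as a small scanner. This is an added example, not part of the original slides; the signature names, byte patterns, file name and the XOR-mutated stand-in for a polymorphic variant are all constructed.

```python
import hashlib

# Constructed signature database: name -> (byte pattern, fixed offset or None).
# The patterns are arbitrary placeholder bytes, not taken from real malware.
SIGNATURES = {
    "Example.A": (b"\xde\xad\xbe\xef\x13\x37", 0),   # code always at offset 0
    "Example.B": (b"EXAMPLE-B-MARKER", None),        # may appear anywhere
}

def make_baseline(files):
    """Record size and SHA-256 of each known-clean file (name -> bytes)."""
    return {name: (len(data), hashlib.sha256(data).hexdigest())
            for name, data in files.items()}

def scan(name, data, baseline):
    """Return a sorted list of findings for one file image."""
    findings = []
    for sig_name, (pattern, offset) in SIGNATURES.items():
        if offset is None:
            hit = pattern in data                     # pattern anywhere in file
        else:
            hit = data[offset:offset + len(pattern)] == pattern
        if hit:
            findings.append(f"signature:{sig_name}")
    if name in baseline:
        size, digest = baseline[name]
        if len(data) > size:                          # "increased file size"
            findings.append(f"size-increase:+{len(data) - size}")
        if hashlib.sha256(data).hexdigest() != digest:
            findings.append("hash-mismatch")
    return sorted(findings)

# Constructed sample data.
CLEAN = b"ORIGINAL PROGRAM BYTES" * 4
BASELINE = make_baseline({"tool.exe": CLEAN})
PREPENDED = SIGNATURES["Example.A"][0] + CLEAN        # marker at fixed address
# Stand-in for a polymorphic variant: same marker, XOR-mutated so its bytes differ.
MUTATED = bytes(b ^ 0x5A for b in SIGNATURES["Example.A"][0]) + CLEAN

if __name__ == "__main__":
    for label, image in [("clean", CLEAN), ("prepended", PREPENDED),
                         ("mutated", MUTATED)]:
        print(label, scan("tool.exe", image, BASELINE))
```

The mutated image no longer matches the byte signature, yet the size and hash comparison against the clean baseline still flags it, which is why the slide lists polymorphic viruses as the hard case for signature matching.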

Antivirus Approaches

  • Detection : determine infection and locate the virus.
  • Identification : identify the specific virus.
  • Removal : remove the virus from all infected systems, so the disease cannot spread further.
  • Recovery : restore the system to its original state.

Worm

  • Self-replicating (like virus)
  • Objective: system penetration (intruder)
  • Phases: dormant, propagation, triggering, and execution
  • Propagation:
    • Searches for other systems to infect (e.g., host tables)
    • Establishes connection with remote system
    • Copies itself to remote system
    • Executes

Hardware Attacks

  • Basic Input/Output System (BIOS)
  • USB Devices
  • Cell Phones
  • Physical Theft