SlideShare uma empresa Scribd logo

Program and System Threats

Transferir como PPTX, PDF
Reddhi Basu
Reddhi Basu
EducaçãoTecnologia
1 de 35
- Reddhi Sekhar Basu(559) PROGRAM AND SYSTEM THREATS
Trojan Horse  A Trojan horse is a code segment that misuses its environment.  A Trojan, is a type of malware that masquerades as a legitimate file or helpful program possibly with the purpose of granting a hacker unauthorized access to a computer.  According to a survey conducted by BitDefender from January to June 2009, "Trojan-type malware is on the rise, accounting for 83-percent of the global malware detected in the world."
Trojan Horse • Long search paths, such as are common on UNIX systems, exacerbate the Trojan horse problem. For instance, the use of “.” character in a search path, tells the shell to include the current directory in the search. So, if an user A has “.” in his search path, has set his current directory to user B’s directory, and enters a normal system command, the command would be executed from user B’s directory instead. The program would run on user B’s domain, allowing the program to do anything that the user is allowed to do, including deleting files.
Popular Trojan Horses • Netbus • Subseven or Sub7 • Y3K Remote Administration Tool • Back Orifice • Beast • Zeus • The Blachhole Exploit Kit • Flashback Trojan
Login Emulator An unsuspecting user logs in at a terminal and notices that he has apparently mistyped his password. He tries again and is successful. What has happened is that his authentication key and password have been stolen by the login emulator that was left running on the terminal by the thief. The emulator stored away the password, printed out a login error message, and exited; the user was then provided with a genuine login prompt.
A Trojan may give a hacker remote access to a targeted computer system. Operations that could be performed by a hacker on a targeted computer system may include: – Use of the machine as part of a botnet (e.g. to perform automated spamming or to distribute Denial-of-Service attacks) – Electronic Money theft – Data Theft(e.g. retrieving passwords or credit card information) – Installation of software, including third-party malware – Downloading or uploading of files on the user's computer – Modification deletion of files – Crashing the Computer – Anonymizing Internet Viewing
Trapdoor • Trap Door is a type of security breach where the designer of a program or a system leaves a hole in the software that only he is capable of using. • A Trap Door is a secret entry point into a program that allows someone to gain access without normal methods of access authentication.
Example of a trapdoor Programmers have been arrested for embezzling from banks by including rounding errors in heir code, and having the occasional half cents credited to their accounts. This account crediting can add up to a large sum of money, considering the number of transactions that a large bank executes.
Trapdoors • Trapdoors can be included in the compiler as well. The compiler could generate standard object code as well as a trapdoor, regardless of the source code being compiled. • Trapdoors pose a difficult problem since to detect them we have to analyze all the source code for all components of a system.
Stack and Buffer Overflow • Stack or buffer overflow is the most common way for an attacker outside of the system, on a network or dial-up connection to gain unauthorized access to the target system. This be used by the unauthorised user for privilege escalation. • Buffer overflow attacks are especially pernicious as it can be run within a system and travel over allowed communications channels. They can even bypass the security added by firewalls.
• The attacker exploits a bug in the program. The bug can be a simple case of poor programming, in which the programmer neglected to code bounds checking on an input field. In this case, the attacker sends more data than the program was expecting. Using trial and error, or by examination of the source code of the attacked program if it is available, the attacker determines the vulnerability and writes a program to do the following: 1. Overflow an input field, command line argument, of input buffer until it writes into the stack. 2. Overwrite the current return address on the stack with the address of the exploit code loaded in the next step. 3. Write a simple setoff code for the next space in the stack that includes the commands that the attacker wishes to execute (e.g. spawn a shell)
Worm • A worm is a process that uses the spawn mechanism to clobber system performance. • The worm spawns copies of itself, using up system resources and perhaps locking out system use by all other processes.
Worms Spread  independently of human action  usually by utilizing a security hole in a piece of software  by scanning a network for another machine that has a specific security hole and copies itself to the new machine using the security hole
Morris Worm • Robert Tappan Morris is an American computer scientist, best known for creating the Morris Worm in 1988, considered the first computer worm on Internet - and subsequently becoming the first person convicted under Computer Fraud and Abuse Act.
Morris Worm Disk containing the source code for the Morris Worm held at the Boston Museum of Science
Working of the Morris Worm
Morris Worm  Once in place, the main program undertook systematic attempts to discover user passwords. This happened in 3 stages: 1. Trying simple cases of no passwords or passwords constructed of account user name combinations. 2. Using comparisons with an internal dictionary of 432 password choices. 3. Trying each word in the online UNIX dictionary This elaborate and efficient 3-stage password cracking algorithm enabled the worm to gain further access to other user accounts on the infected system.  With each new access the worm searched for already active copies of itself. If it found one the new copy exited except for every seventh instance.
Computer Viruses A virus is a fragment of code embedded in a legitimate program unlike a worm which is structured as a complete, standalone program.
Spread of Viruses • Viruses are spread by users downloading viral programs from public bulletin boards or exchanging disks containing an infection. • Exchange of Microsoft Office documents are a common form of virus transmission these days because these documents contain so-called macros which are Visual Basic programs.
Classification of Viruses NON-RESIDENT VIRUSES • Non-resident viruses can be thought of as consisting of a finder module and a replication module. The finder module is responsible for finding new files to infect. For each new executable file the finder module encounters, it calls the replication module to infect that file. RESIDENT VIRUSES • The virus loads the replication module into memory when it is executed instead and ensures that this module is executed each time the operating system is called to perform a certain operation.
Classification (contd.) POLYMORPHIC VIRUS • Change virus’s signature each time. • It’s designed to avoid detection by antivirus software. • It acts like a chameleon. STEALTH VIRUS • It use some tactics to avoid detection such as altering its file size, concealing itself in memory, and Modifies parts of the system that can be used to detect it.
Creeper Virus The Creeper virus was first detected on ARPANET. Creeper was an experimental selfreplicating program written by Bob Thomas at BBN Technologies in 1971. Creeper used the ARPANET to infect DEC PDP-10 computers running the TENEX operating system. Creeper gained access via the ARPANET and copied itself to the remote system where the message, "I'm the creeper, catch me if you can!" was displayed. The Reaper program was created to delete Creeper.
Michelangelo Virus On March 6, 1992, the 517th birthday of Michelangelo, the Michelangelo virus was scheduled to erase infected hard disk files. But because of the extensive popularity surrounding the virus, most sites had detected and destroyed the virus before it was activated, so it caused little or no damage.
Love Bug Virus • In 2000, the Love Bug became very widespread. It appeared to be a love note sent by the friend of the receiver. Once invoked, by opening the Virtual Basic script, it propagated by sending itself to the first users in user’s email contact list. It just clogged user’s inbox and email systems, but was relatively harmless.
Protection against Viruses • The problem of viruses can be dealt with by using antivirus software. They work by searching all the programs on a system for the specific pattern of instructions known to make up a virus. When they find a known pattern, they remove the instructions, disinfecting the program. • The best protection against virus is the method of safe computing : purchasing unopened software from vendor and avoiding free or pirated copies from public sources or disk exchange.
Worms v/s Viruses WORMS  rely little or not at all on humans to spread VIRUSES  dependent upon a host file  spread across a network  need the help of humans to spread  spread rapidly  take a while to spread
Denial of Service  Denial of service does not involve stealing of resources or gaining information, but rather disabling legitimate use of a system or facilty.  It is easier than breaking into a machine.  They are network based.  They fall into 2 categories: 1. An attack that uses so many facility resources that, in essence, no work can be done.  2. An attack that disrupts the network facility of the computer.  It is impossible to prevent Denial of Service attacks. Frequently it is difficult to determine if a system slowdown is due to surge in use or an attack.
ANY QUESTIONS ?

Recomendados

Password sniffing
Password sniffingPassword sniffing
Password sniffingSRIMCA
 
Program Threats
Program ThreatsProgram Threats
Program Threatsguestab0ee0
 
Malicious Software Identification
Malicious Software IdentificationMalicious Software Identification
Malicious Software Identificationsandeep shergill
 
Operating Systems: Computer Security
Operating Systems: Computer SecurityOperating Systems: Computer Security
Operating Systems: Computer SecurityDamian T. Gordon
 
Computer worms viruses and Prevention
Computer worms viruses and PreventionComputer worms viruses and Prevention
Computer worms viruses and PreventionPratimesh Pathak
 
CSI-503 - 11.Distributed Operating System
CSI-503 - 11.Distributed Operating SystemCSI-503 - 11.Distributed Operating System
CSI-503 - 11.Distributed Operating Systemghayour abbas
 
Malicious software
Malicious softwareMalicious software
Malicious softwaremsdeepika
 
Introduction To Computer Security
Introduction To Computer SecurityIntroduction To Computer Security
Introduction To Computer SecurityVibrant Event
 

Recomendados

Password sniffing
Password sniffingPassword sniffing
Password sniffingSRIMCA
 
Program Threats
Program ThreatsProgram Threats
Program Threatsguestab0ee0
 
Malicious Software Identification
Malicious Software IdentificationMalicious Software Identification
Malicious Software Identificationsandeep shergill
 
Operating Systems: Computer Security
Operating Systems: Computer SecurityOperating Systems: Computer Security
Operating Systems: Computer SecurityDamian T. Gordon
 
Computer worms viruses and Prevention
Computer worms viruses and PreventionComputer worms viruses and Prevention
Computer worms viruses and PreventionPratimesh Pathak
 
CSI-503 - 11.Distributed Operating System
CSI-503 - 11.Distributed Operating SystemCSI-503 - 11.Distributed Operating System
CSI-503 - 11.Distributed Operating Systemghayour abbas
 
Malicious software
Malicious softwareMalicious software
Malicious softwaremsdeepika
 
Introduction To Computer Security
Introduction To Computer SecurityIntroduction To Computer Security
Introduction To Computer SecurityVibrant Event
 
Network Security Threats and Solutions
Network Security Threats and SolutionsNetwork Security Threats and Solutions
Network Security Threats and SolutionsColin058
 
Malicious
MaliciousMalicious
MaliciousKhyati Rajput
 
Program security
Program securityProgram security
Program securityG Prachi
 
Introduction to cyber security
Introduction to cyber securityIntroduction to cyber security
Introduction to cyber securitySelf-employed
 
Ransomware
RansomwareRansomware
RansomwareAkshita Pillai
 
Computer Virus ppt.pptx
Computer Virus ppt.pptxComputer Virus ppt.pptx
Computer Virus ppt.pptxPragatiKachhi1
 
Fragmentaton
Fragmentaton Fragmentaton
Fragmentaton sanjana mun
 
Malware & Anti-Malware
Malware & Anti-MalwareMalware & Anti-Malware
Malware & Anti-MalwareArpit Mittal
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Fabiha Shahzad
 
Torjan horse virus
Torjan horse virusTorjan horse virus
Torjan horse virussumitra22
 
Denial of service
Denial of serviceDenial of service
Denial of servicegarishma bhatia
 
CyberSecurity and Importance of cybersecurity
CyberSecurity and Importance of cybersecurityCyberSecurity and Importance of cybersecurity
CyberSecurity and Importance of cybersecurityHome
 
Concurrent programming
Concurrent programmingConcurrent programming
Concurrent programmingRahul Singh
 
spyware
spywarespyware
spywareNamanKikani
 
Ransomware
RansomwareRansomware
RansomwareChaitali Sharma
 
Cyber attacks
Cyber attacks Cyber attacks
Cyber attacks Anuradha Moti T
 
Common malware and countermeasures
Common malware and countermeasuresCommon malware and countermeasures
Common malware and countermeasuresNoushin Ahson
 
Malware
MalwareMalware
MalwareAnoushka Srivastava
 
Module 1- Introduction to Cybercrime.pptx
Module 1- Introduction to Cybercrime.pptxModule 1- Introduction to Cybercrime.pptx
Module 1- Introduction to Cybercrime.pptxnikshaikh786
 
Spyware
SpywareSpyware
SpywareKardan university, kabul , Afghanistan
 
Treatment sheet
Treatment sheetTreatment sheet
Treatment sheetAdam Skinner
 
system Security
system Security system Security
system Security Gaurav Mishra
 

Mais conteúdo relacionado

Mais procurados

Network Security Threats and Solutions
Network Security Threats and SolutionsNetwork Security Threats and Solutions
Network Security Threats and SolutionsColin058
 
Program security
Program securityProgram security
Program securityG Prachi
 
Introduction to cyber security
Introduction to cyber securityIntroduction to cyber security
Introduction to cyber securitySelf-employed
 
Computer Virus ppt.pptx
Computer Virus ppt.pptxComputer Virus ppt.pptx
Computer Virus ppt.pptxPragatiKachhi1
 
Malware & Anti-Malware
Malware & Anti-MalwareMalware & Anti-Malware
Malware & Anti-MalwareArpit Mittal
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Fabiha Shahzad
 
Torjan horse virus
Torjan horse virusTorjan horse virus
Torjan horse virussumitra22
 
CyberSecurity and Importance of cybersecurity
CyberSecurity and Importance of cybersecurityCyberSecurity and Importance of cybersecurity
CyberSecurity and Importance of cybersecurityHome
 
Concurrent programming
Concurrent programmingConcurrent programming
Concurrent programmingRahul Singh
 
Common malware and countermeasures
Common malware and countermeasuresCommon malware and countermeasures
Common malware and countermeasuresNoushin Ahson
 
Module 1- Introduction to Cybercrime.pptx
Module 1- Introduction to Cybercrime.pptxModule 1- Introduction to Cybercrime.pptx
Module 1- Introduction to Cybercrime.pptxnikshaikh786
 

Mais procurados (20)

Network Security Threats and Solutions
Network Security Threats and SolutionsNetwork Security Threats and Solutions
Network Security Threats and Solutions
 
Malicious
MaliciousMalicious
Malicious
 
Program security
Program securityProgram security
Program security
 
Introduction to cyber security
Introduction to cyber securityIntroduction to cyber security
Introduction to cyber security
 
Ransomware
RansomwareRansomware
Ransomware
 
Computer Virus ppt.pptx
Computer Virus ppt.pptxComputer Virus ppt.pptx
Computer Virus ppt.pptx
 
Fragmentaton
Fragmentaton Fragmentaton
Fragmentaton
 
Malware & Anti-Malware
Malware & Anti-MalwareMalware & Anti-Malware
Malware & Anti-Malware
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)
 
Torjan horse virus
Torjan horse virusTorjan horse virus
Torjan horse virus
 
Denial of service
Denial of serviceDenial of service
Denial of service
 
CyberSecurity and Importance of cybersecurity
CyberSecurity and Importance of cybersecurityCyberSecurity and Importance of cybersecurity
CyberSecurity and Importance of cybersecurity
 
Concurrent programming
Concurrent programmingConcurrent programming
Concurrent programming
 
spyware
spywarespyware
spyware
 
Ransomware
RansomwareRansomware
Ransomware
 
Cyber attacks
Cyber attacks Cyber attacks
Cyber attacks
 
Common malware and countermeasures
Common malware and countermeasuresCommon malware and countermeasures
Common malware and countermeasures
 
Malware
MalwareMalware
Malware
 
Module 1- Introduction to Cybercrime.pptx
Module 1- Introduction to Cybercrime.pptxModule 1- Introduction to Cybercrime.pptx
Module 1- Introduction to Cybercrime.pptx
 
Spyware
SpywareSpyware
Spyware
 

Destaque

National parks of india
National parks of indiaNational parks of india
National parks of indiaGaurav Mishra
 
Chapter 3 security part i auditing operating systems and networks
Chapter 3 security part i auditing operating systems and networksChapter 3 security part i auditing operating systems and networks
Chapter 3 security part i auditing operating systems and networksjayussuryawan
 
Advanced cfg bypass on adobe flash player 18 defcon russia 23
Advanced cfg bypass on adobe flash player 18 defcon russia 23Advanced cfg bypass on adobe flash player 18 defcon russia 23
Advanced cfg bypass on adobe flash player 18 defcon russia 23DefconRussia
 
Understanding operating systems 5th ed ch11
Understanding operating systems 5th ed ch11Understanding operating systems 5th ed ch11
Understanding operating systems 5th ed ch11BarrBoy
 
Threats To The System
Threats To The SystemThreats To The System
Threats To The SystemSteven Cahill
 
COMPUTER SECURITY AND OPERATING SYSTEM
COMPUTER SECURITY AND OPERATING SYSTEMCOMPUTER SECURITY AND OPERATING SYSTEM
COMPUTER SECURITY AND OPERATING SYSTEMfaraz hussain
 
Operating system security
Operating system securityOperating system security
Operating system securityRachel Jeewa
 
Virus and Malicious Code Chapter 5
Virus and Malicious Code Chapter 5Virus and Malicious Code Chapter 5
Virus and Malicious Code Chapter 5AfiqEfendy Zaen
 
System protection in Operating System
System protection in Operating SystemSystem protection in Operating System
System protection in Operating Systemsohaildanish
 
Security & protection in operating system
Security & protection in operating systemSecurity & protection in operating system
Security & protection in operating systemAbou Bakr Ashraf
 
Computer virus (Microsoft Powerpoint)
Computer virus (Microsoft Powerpoint)Computer virus (Microsoft Powerpoint)
Computer virus (Microsoft Powerpoint)ainizbahari97
 
Enabling Worm and Malware Investigation Using Virtualization
Enabling Worm and Malware Investigation Using VirtualizationEnabling Worm and Malware Investigation Using Virtualization
Enabling Worm and Malware Investigation Using Virtualizationamiable_indian
 

Destaque (17)

Treatment sheet
Treatment sheetTreatment sheet
Treatment sheet
 
system Security
system Security system Security
system Security
 
National parks of india
National parks of indiaNational parks of india
National parks of india
 
Chapter 3 security part i auditing operating systems and networks
Chapter 3 security part i auditing operating systems and networksChapter 3 security part i auditing operating systems and networks
Chapter 3 security part i auditing operating systems and networks
 
Advanced cfg bypass on adobe flash player 18 defcon russia 23
Advanced cfg bypass on adobe flash player 18 defcon russia 23Advanced cfg bypass on adobe flash player 18 defcon russia 23
Advanced cfg bypass on adobe flash player 18 defcon russia 23
 
Writing For The Web
Writing For The WebWriting For The Web
Writing For The Web
 
Understanding operating systems 5th ed ch11
Understanding operating systems 5th ed ch11Understanding operating systems 5th ed ch11
Understanding operating systems 5th ed ch11
 
Threats To The System
Threats To The SystemThreats To The System
Threats To The System
 
Chapter 14 - Protection
Chapter 14 - ProtectionChapter 14 - Protection
Chapter 14 - Protection
 
COMPUTER SECURITY AND OPERATING SYSTEM
COMPUTER SECURITY AND OPERATING SYSTEMCOMPUTER SECURITY AND OPERATING SYSTEM
COMPUTER SECURITY AND OPERATING SYSTEM
 
Operating system security
Operating system securityOperating system security
Operating system security
 
Virus and Malicious Code Chapter 5
Virus and Malicious Code Chapter 5Virus and Malicious Code Chapter 5
Virus and Malicious Code Chapter 5
 
System protection in Operating System
System protection in Operating SystemSystem protection in Operating System
System protection in Operating System
 
Ch02 System Threats and Risks
Ch02 System Threats and RisksCh02 System Threats and Risks
Ch02 System Threats and Risks
 
Security & protection in operating system
Security & protection in operating systemSecurity & protection in operating system
Security & protection in operating system
 
Computer virus (Microsoft Powerpoint)
Computer virus (Microsoft Powerpoint)Computer virus (Microsoft Powerpoint)
Computer virus (Microsoft Powerpoint)
 
Enabling Worm and Malware Investigation Using Virtualization
Enabling Worm and Malware Investigation Using VirtualizationEnabling Worm and Malware Investigation Using Virtualization
Enabling Worm and Malware Investigation Using Virtualization
 

Semelhante a Program and System Threats

Security and ethics
Security and ethicsSecurity and ethics
Security and ethicsArgie242424
 
Intruders and Viruses in Network Security NS9
Intruders and Viruses in Network Security NS9Intruders and Viruses in Network Security NS9
Intruders and Viruses in Network Security NS9koolkampus
 
Basics of Network Security
Basics of Network SecurityBasics of Network Security
Basics of Network SecurityDushyant Singh
 
4 threatsandvulnerabilities
4 threatsandvulnerabilities4 threatsandvulnerabilities
4 threatsandvulnerabilitiesricharddxd
 
Computer virus
Computer virusComputer virus
Computer virussajeena81
 
Network virus detection & prevention
Network virus detection & preventionNetwork virus detection & prevention
Network virus detection & preventionKhaleel Assadi
 
Presentation2
Presentation2Presentation2
Presentation2Jeslynn
 
presentation_security_1510578971_320573.pptx
presentation_security_1510578971_320573.pptxpresentation_security_1510578971_320573.pptx
presentation_security_1510578971_320573.pptxAadityaRauniyar1
 
RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5CAS
 
23 network security threats pkg
23 network security threats pkg23 network security threats pkg
23 network security threats pkgUmang Gupta
 

Semelhante a Program and System Threats (20)

Mitppt
MitpptMitppt
Mitppt
 
Security and ethics
Security and ethicsSecurity and ethics
Security and ethics
 
Malicious software
Malicious softwareMalicious software
Malicious software
 
Final malacious softwares
Final malacious softwaresFinal malacious softwares
Final malacious softwares
 
Intruders and Viruses in Network Security NS9
Intruders and Viruses in Network Security NS9Intruders and Viruses in Network Security NS9
Intruders and Viruses in Network Security NS9
 
Basics of Network Security
Basics of Network SecurityBasics of Network Security
Basics of Network Security
 
4 threatsandvulnerabilities
4 threatsandvulnerabilities4 threatsandvulnerabilities
4 threatsandvulnerabilities
 
Thur Venture
Thur VentureThur Venture
Thur Venture
 
Venture name Basics
Venture name BasicsVenture name Basics
Venture name Basics
 
Venture name Basics
Venture name BasicsVenture name Basics
Venture name Basics
 
Regression
RegressionRegression
Regression
 
Sangeetha Venture
Sangeetha VentureSangeetha Venture
Sangeetha Venture
 
Computer virus
Computer virusComputer virus
Computer virus
 
Network virus detection & prevention
Network virus detection & preventionNetwork virus detection & prevention
Network virus detection & prevention
 
Codigo Malicioso
Codigo MaliciosoCodigo Malicioso
Codigo Malicioso
 
Presentation2
Presentation2Presentation2
Presentation2
 
System_security.pptx
System_security.pptxSystem_security.pptx
System_security.pptx
 
presentation_security_1510578971_320573.pptx
presentation_security_1510578971_320573.pptxpresentation_security_1510578971_320573.pptx
presentation_security_1510578971_320573.pptx
 
RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5
 
23 network security threats pkg
23 network security threats pkg23 network security threats pkg
23 network security threats pkg
 

Mais de Reddhi Basu

Exception Handling
Exception HandlingException Handling
Exception HandlingReddhi Basu
 
Software Engineering - Software Models
Software Engineering - Software ModelsSoftware Engineering - Software Models
Software Engineering - Software ModelsReddhi Basu
 
Storage Class Specifiers in C++
Storage Class Specifiers in C++Storage Class Specifiers in C++
Storage Class Specifiers in C++Reddhi Basu
 
Storage Class Specifiers
Storage Class SpecifiersStorage Class Specifiers
Storage Class SpecifiersReddhi Basu
 

Mais de Reddhi Basu (6)

Exception Handling
Exception HandlingException Handling
Exception Handling
 
Software Engineering - Software Models
Software Engineering - Software ModelsSoftware Engineering - Software Models
Software Engineering - Software Models
 
Storage Class Specifiers in C++
Storage Class Specifiers in C++Storage Class Specifiers in C++
Storage Class Specifiers in C++
 
Storage Class Specifiers
Storage Class SpecifiersStorage Class Specifiers
Storage Class Specifiers
 
Big Data
Big DataBig Data
Big Data
 
System Security
System SecuritySystem Security
System Security
 

Último

The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Sapana Sha
 
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991RKavithamani
 
Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Sakshi Ghasle
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxheathfieldcps1
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxOH TEIK BIN
 
mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docxPoojaSen20
 
Micromeritics - Fundamental and Derived Properties of Powders
Micromeritics - Fundamental and Derived Properties of PowdersMicromeritics - Fundamental and Derived Properties of Powders
Micromeritics - Fundamental and Derived Properties of PowdersChitralekhaTherkar
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactdawncurless
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
Science 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsScience 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsKarinaGenton
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentInMediaRes1
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeThiyagu K
 
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Celine George
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdfssuser54595a
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...Marc Dusseiller Dusjagr
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 

Último (20)

The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
 
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
 
Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application )
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptx
 
mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docx
 
Micromeritics - Fundamental and Derived Properties of Powders
Micromeritics - Fundamental and Derived Properties of PowdersMicromeritics - Fundamental and Derived Properties of Powders
Micromeritics - Fundamental and Derived Properties of Powders
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
Science 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsScience 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its Characteristics
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media Component
 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
 
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
 
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
 
Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 

Program and System Threats

  • 1. - Reddhi Sekhar Basu(559) PROGRAM AND SYSTEM THREATS
  • 2.
  • 3. Trojan Horse  A Trojan horse is a code segment that misuses its environment.  A Trojan, is a type of malware that masquerades as a legitimate file or helpful program possibly with the purpose of granting a hacker unauthorized access to a computer.  According to a survey conducted by BitDefender from January to June 2009, "Trojan-type malware is on the rise, accounting for 83-percent of the global malware detected in the world."
  • 4. Trojan Horse • Long search paths, such as are common on UNIX systems, exacerbate the Trojan horse problem. For instance, the use of “.” character in a search path, tells the shell to include the current directory in the search. So, if an user A has “.” in his search path, has set his current directory to user B’s directory, and enters a normal system command, the command would be executed from user B’s directory instead. The program would run on user B’s domain, allowing the program to do anything that the user is allowed to do, including deleting files.
  • 5. Popular Trojan Horses • Netbus • Subseven or Sub7 • Y3K Remote Administration Tool • Back Orifice • Beast • Zeus • The Blachhole Exploit Kit • Flashback Trojan
  • 6. Login Emulator An unsuspecting user logs in at a terminal and notices that he has apparently mistyped his password. He tries again and is successful. What has happened is that his authentication key and password have been stolen by the login emulator that was left running on the terminal by the thief. The emulator stored away the password, printed out a login error message, and exited; the user was then provided with a genuine login prompt.
  • 7. A Trojan may give a hacker remote access to a targeted computer system. Operations that could be performed by a hacker on a targeted computer system may include: – Use of the machine as part of a botnet (e.g. to perform automated spamming or to distribute Denial-of-Service attacks) – Electronic Money theft – Data Theft(e.g. retrieving passwords or credit card information) – Installation of software, including third-party malware – Downloading or uploading of files on the user's computer – Modification deletion of files – Crashing the Computer – Anonymizing Internet Viewing
  • 8.
  • 9. Trapdoor • Trap Door is a type of security breach where the designer of a program or a system leaves a hole in the software that only he is capable of using. • A Trap Door is a secret entry point into a program that allows someone to gain access without normal methods of access authentication.
  • 10. Example of a trapdoor Programmers have been arrested for embezzling from banks by including rounding errors in heir code, and having the occasional half cents credited to their accounts. This account crediting can add up to a large sum of money, considering the number of transactions that a large bank executes.
  • 11. Trapdoors • Trapdoors can be included in the compiler as well. The compiler could generate standard object code as well as a trapdoor, regardless of the source code being compiled. • Trapdoors pose a difficult problem since to detect them we have to analyze all the source code for all components of a system.
  • 12.
  • 13. Stack and Buffer Overflow • Stack or buffer overflow is the most common way for an attacker outside of the system, on a network or dial-up connection to gain unauthorized access to the target system. This be used by the unauthorised user for privilege escalation. • Buffer overflow attacks are especially pernicious as it can be run within a system and travel over allowed communications channels. They can even bypass the security added by firewalls.
  • 14. • The attacker exploits a bug in the program. The bug can be a simple case of poor programming, in which the programmer neglected to code bounds checking on an input field. In this case, the attacker sends more data than the program was expecting. Using trial and error, or by examination of the source code of the attacked program if it is available, the attacker determines the vulnerability and writes a program to do the following: 1. Overflow an input field, command line argument, of input buffer until it writes into the stack. 2. Overwrite the current return address on the stack with the address of the exploit code loaded in the next step. 3. Write a simple setoff code for the next space in the stack that includes the commands that the attacker wishes to execute (e.g. spawn a shell)
  • 15.
  • 16. Worm • A worm is a process that uses the spawn mechanism to clobber system performance. • The worm spawns copies of itself, using up system resources and perhaps locking out system use by all other processes.
  • 17. Worms Spread  independently of human action  usually by utilizing a security hole in a piece of software  by scanning a network for another machine that has a specific security hole and copies itself to the new machine using the security hole
  • 18. Morris Worm • Robert Tappan Morris is an American computer scientist, best known for creating the Morris Worm in 1988, considered the first computer worm on Internet - and subsequently becoming the first person convicted under Computer Fraud and Abuse Act.
  • 19. Morris Worm Disk containing the source code for the Morris Worm held at the Boston Museum of Science
  • 20. Working of the Morris Worm
  • 21. Morris Worm  Once in place, the main program undertook systematic attempts to discover user passwords. This happened in 3 stages: 1. Trying simple cases of no passwords or passwords constructed of account user name combinations. 2. Using comparisons with an internal dictionary of 432 password choices. 3. Trying each word in the online UNIX dictionary This elaborate and efficient 3-stage password cracking algorithm enabled the worm to gain further access to other user accounts on the infected system.  With each new access the worm searched for already active copies of itself. If it found one the new copy exited except for every seventh instance.
  • 22.
  • 23. Computer Viruses A virus is a fragment of code embedded in a legitimate program unlike a worm which is structured as a complete, standalone program.
  • 24. Spread of Viruses • Viruses are spread by users downloading viral programs from public bulletin boards or exchanging disks containing an infection. • Exchange of Microsoft Office documents are a common form of virus transmission these days because these documents contain so-called macros which are Visual Basic programs.
  • 25. Classification of Viruses NON-RESIDENT VIRUSES • Non-resident viruses can be thought of as consisting of a finder module and a replication module. The finder module is responsible for finding new files to infect. For each new executable file the finder module encounters, it calls the replication module to infect that file. RESIDENT VIRUSES • The virus loads the replication module into memory when it is executed instead and ensures that this module is executed each time the operating system is called to perform a certain operation.
  • 26. Classification (contd.) POLYMORPHIC VIRUS • Change virus’s signature each time. • It’s designed to avoid detection by antivirus software. • It acts like a chameleon. STEALTH VIRUS • It use some tactics to avoid detection such as altering its file size, concealing itself in memory, and Modifies parts of the system that can be used to detect it.
  • 27. Creeper Virus The Creeper virus was first detected on ARPANET. Creeper was an experimental selfreplicating program written by Bob Thomas at BBN Technologies in 1971. Creeper used the ARPANET to infect DEC PDP-10 computers running the TENEX operating system. Creeper gained access via the ARPANET and copied itself to the remote system where the message, "I'm the creeper, catch me if you can!" was displayed. The Reaper program was created to delete Creeper.
  • 28. Michelangelo Virus On March 6, 1992, the 517th birthday of Michelangelo, the Michelangelo virus was scheduled to erase infected hard disk files. But because of the extensive popularity surrounding the virus, most sites had detected and destroyed the virus before it was activated, so it caused little or no damage.
  • 29. Love Bug Virus • In 2000, the Love Bug became very widespread. It appeared to be a love note sent by the friend of the receiver. Once invoked, by opening the Virtual Basic script, it propagated by sending itself to the first users in user’s email contact list. It just clogged user’s inbox and email systems, but was relatively harmless.
  • 30. Protection against Viruses • The problem of viruses can be dealt with by using antivirus software. They work by searching all the programs on a system for the specific pattern of instructions known to make up a virus. When they find a known pattern, they remove the instructions, disinfecting the program. • The best protection against virus is the method of safe computing : purchasing unopened software from vendor and avoiding free or pirated copies from public sources or disk exchange.
  • 31.
  • 32. Worms v/s Viruses WORMS  rely little or not at all on humans to spread VIRUSES  dependent upon a host file  spread across a network  need the help of humans to spread  spread rapidly  take a while to spread
  • 33.
  • 34. Denial of Service  Denial of service does not involve stealing of resources or gaining information, but rather disabling legitimate use of a system or facilty.  It is easier than breaking into a machine.  They are network based.  They fall into 2 categories: 1. An attack that uses so many facility resources that, in essence, no work can be done.  2. An attack that disrupts the network facility of the computer.  It is impossible to prevent Denial of Service attacks. Frequently it is difficult to determine if a system slowdown is due to surge in use or an attack.