View
0
Download
0
Category
Preview:
Citation preview
MALWARE
By
Farhan Ahmad
farhanahmad@uet.edu.pk
Department of Chemical Engineering,
University of Engineering & Technology Lahore
Introduction : Malwares in brief
Danger of attack
Virus Attacks and Ethics
Economic Impact of Viruses
Example of Computer Viruses
Conclusion
2
Contents
3
malicious software
Computer and macro viruses of any kind
Internet and mass-mailing worms
Trojan horses, backdoors and rootkits
Other computer exploits, bots, zombies
Spyware, adware, and other software installed on a computer
without the user’s knowledge or informed consent
And then there are the “hoax viruses”
Introduction
4
Three key points in malware attacks
Attacker
Victim
Purpose
Attacker: individual or group
Victim: individual or group
Purpose: where ethics lies
Components
5
Not a one-time damage, keeps increasing
Damage in money
Difficult to be contained
Hard to capture the attacker
Danger of attack
6
Labor costs for analyzing and repairing infected systems
Loss of user productivity
Loss of income
Huge investments in anti-malware technology
Secondary costs, e.g. stealing private info
Economic Impact
7
8
“Viruses” appeared in early 1980s
Very soon after first personal computers
They spread by floppy disks, later via “bootleg”
They often weren’t meant to be destructive
Internet “worms” arrived in late 1980s
“There may be a virus loose on the internet.” - Andy Sudduth of
Harvard University, 34 minutes past midnight, November 3, 1988
History
9
First mass-mailing worm came in 1999
Usually called the “Melissa virus”
It was also a “macro virus”
Infected file had to be opened in MS Word
Spyware hits the scene around 2000
“Adware” claims to be legitimate, legal
“Browser hijacking” is common symptom
Other exploits, Trojans, backdoors<
Have been around for a long time
Hackers target entities for malicious attack, or may want “free”
computing resources
History
10
Virus: program that copies itself into other programs
Could be transferred through infected disks
Rate dependent on human use
Worm: a virus that uses the network to copy itself onto other computers
Worms propagate faster than viruses
Large # of computers to infect
Connecting is fast (milliseconds)
Definitions
11
Examples of how worms affect operation of entire Internet
First Worm: Morris Worm (1988)
Code Red (2001)
Nimda (2001)
Blaster (2003)
SQL Slammer (2003)
Example of malwares
12
Damage: 6000 computers in just few hours
Extensive network traffic by worm propagating
What: just copied itself; didn’t touch data
Morris Worm:
13
Examples
ILOVEYOU Virus (2001)
• Spreads through emails and chat clients
• Affects web development and media files ( JPEGs, MP3s <)
• Estimated damage of 10 to 15 billion dollars
14
malware Year Estimated Damage
CIH 1998 20M to 80M $
Melissa 1999 300M to 600M $
Code Red 2001 2.6B $
SQL
Slammer
2003 shut down South Korea's online capacity for 12 hours
Blaster 2003 2B to 10B $
Sobig.F 2003 5B to 10B $
MyDoom 2004 At its peak, slowed global Internet performance by 10 percent
and Web load times by up to 50 percent
Sasser 2004 Tens of millions of dollars
CodeRed
Sobig.F Sasser
Blaster
15
Sluggishness
One or more unexpected restarts
Frequent system crashes
Constant hard disk activity
Generalized “strange behavior”
Symptoms
16
propagate rapidly, exploit common vulnerabilities and cause
widespread damage
Prevention
Eliminate Buffer Overflows (Programmers)
Don’t open email attachments
Disable unnecessary functionality
Patch systems regularly
Detection
Update scanners with latest definitions
Use auto-updating scanners when possible
Employ programs
Preventions
Recommended