View
46
Download
5
Category
Tags:
Preview:
DESCRIPTION
Spyware and Adware. Rick Carback 9/18/2005 http://userpages.umbc.edu/~carback1/691i. What is Adware?. Advertising supported software Goes beyond the advertising found in shareware or freeware May run without user knowledge Shows unwanted advertisements Required by terms of use. - PowerPoint PPT Presentation
Citation preview
Spyware and Adware
Rick Carback
9/18/2005http://userpages.umbc.edu/~carback1/691i
What is Adware?
• Advertising supported software
• Goes beyond the advertising found in shareware or freeware
• May run without user knowledge
• Shows unwanted advertisements
• Required by terms of use
What is Spyware?
• May be bundled or included with other software or install itself through other means
• Sends information about host computer back to a remote system or user
• Runs without user knowledge
Adware vs. Spyware
• Adware typically only annoys the user while Spyware will annoy and collect information to be sent back to the creator.
• Generally speaking Spyware is seen as more invasive and subversive Adware.
• Not all Adware and Spyware can be considered bad.
Spyware and Adware that isn’t bad? What?
• Some desirable applications, like kazaa, require the bundled adware to be running in order to work
• Monitoring child internet access
• Some people like targeted advertising
Why Adware and Spyware?
• Keeping installed software up to date
• Preventing software piracy
• Preventing illegal or unacceptable use of installed software
• Gathering of Marketing Information
• Annoying Advertisement
• Complete Privacy Invasion
• Illegal or Unacceptable use of resources
• Password, e-mail, and username harvesting
How does it get there?
• Installation required by Terms of use for other software– Embedded– Bundled
• Exploitation of browser or operating system vulnerability
• Pure deception
What does Spyware do?
• Usually hides from user once installed
• Uses central server or acts as a central server to send the information gathered
• May install other software or remove competitors software
• Targeted popup ads from observed website visits
More Spyware Operations
• Removes advertisements and replaces them with its own
• Alters search engine results
• Sends user to advertisers page instead of that requested
Spyware Operations (cont.)
• May direct machine to participate in a coordinated DOS or other attack
• Any information entered may be tracked– Extortion– Identity Theft
Effects of Spyware
• Complete Security breach
• Abuse of computer resources– Computer becomes unreliable (slows down
or crashes)– Computational power may be sold by
spyware author– Download, store, and serve illegal or
unwanted content
Examples of Adware/Spyware
Security Implications of Adware/Spyware
• Insecurities in Adware/Spyware applications mean the user is at risk
• Spyware can give an attacker complete control
Symptoms of Infected machines
• Unusually long browser startup times• Reset homepage on browser• Computer and Internet response is sluggish• Unexplained popup messages• Ads of competitors on the visited website• System instability
Removing Spyware
• Clicking remove almost never works• Customized tools for specific spyware applications• More general Anti-spyware Tools are available that
work much like Anti-virus software.
Avoiding Adware and Spyware
• Purchasing Adware free version
• Using free software
• Use Anti-Virus, Anti-Spyware, and Firewall applications
Stopping Spyware
• Internet Service Provider monitoring and blocking tools (WebTap)
• Better Operating System Design– Mac OS X and Linux are mostly adware free– SE Linux could prevent it altogether (processes do
NOT have the same privileges as the user running them)
• Rise of the Internet generation
References
• Adware and Spyware: A growing privacy and security problem, David Saurino, SANS GSEC 2004.
Recommended