Embed Size (px)
DESCRIPTION
CIS 442: Chapter 2. Viruses. Malewares. Maleware classifications and types Viruses Logical and time bombs Trojan horses and backdoors Worms Spam Spyware. Operating systems tasks. Booting and resetting Managing volumes and files Managing executable programs and processes - PowerPoint PPT Presentation
Citation preview
CIS 442: Chapter 2
Viruses
Malewares
• Maleware classifications and types• Viruses• Logical and time bombs• Trojan horses and backdoors• Worms• Spam• Spyware
Operating systems tasks
• Booting and resetting• Managing volumes and files• Managing executable programs and processes• Managing memory• Handling interrupts
Viruses
• Definition and history• Viruses for mainframe and PCs• Propagation or infection• Payload or damage• Trigger• Replication• Virus polymorphism
Virus writers
• Reasons for writing, using or distributing viruses
• General profile
Virus propagation
• From file to file and from computer to another.
• Looking for executable, and similar files• Memory resident viruses• Infected software, email attachement
Macro viruses
• Differences from typical viruses• Document files
Virus classification methods
• By Infection• By Damage• By trigger• By Platform
Classification
• File infector viruses• Shell viruses• Non-overwriting viruses• Overwriting viruses• Intrusive viruses• Boot sector viruses• Multipartitie viruses
• Memory resident viruses• BSI Boot sector viruses• Differences between BSI and file infectors• Bootstrap loader and virus hiding methods
File infector viruses infection methods
• Shell viruses• Overwriting• Non-overwriting• Intrusive• File attributes: Size, CRC(hash), MAC, code
inside, access permissions
Companion-multipartitie Viruses
• File association• DOS execution sequence (com, bat, exe).• Multi-File infector and BSI viruses: advantages
and challenges
Macro and Script Viruses• Macros programs, examples• Examples and characteristics of Macro Viruses• Protection against Macro viruses.
Infected images and acrobat
• Buffer overflow problems
Virus life cycle
• Signature• Infection• Damage• Trigger or Activation: Bombs
Virus Payloads
• Types and levels of payloads
Virus organization
• Infection marker• Infector• Trigger check• Manipulation
Virus naming
• Based on type• Based on creator• Macro viruses• Based on environment
Virus hiding methods
• Hiding methods• Stealth techniques
Interrupts and viruses
• Relation between interrupts and viruses – trigger and activation
• Trapdoors
