CIS 442: Chapter 2

Viruses

Malware

• Malware classifications and types
• Viruses
• Logical and time bombs
• Trojan horses and backdoors
• Worms
• Spam
• Spyware

Operating systems tasks

• Booting and resetting
• Managing volumes and files
• Managing executable programs and processes
• Managing memory
• Handling interrupts

Viruses

• Definition and history
• Viruses for mainframe and PCs
• Propagation or infection
• Payload or damage
• Trigger
• Replication
• Virus polymorphism

Virus writers

• Reasons for writing, using or distributing viruses

• General profile

Virus propagation

• From file to file and from one computer to another
• Looking for executable and similar files
• Memory resident viruses
• Infected software, email attachment

Macro viruses

• Differences from typical viruses
• Document files

Virus classification methods

• By infection
• By damage
• By trigger
• By platform

Classification

• File infector viruses
• Shell viruses
• Non-overwriting viruses
• Overwriting viruses
• Intrusive viruses
• Boot sector viruses
• Multipartite viruses

• Memory resident viruses
• BSI boot sector viruses
• Differences between BSI and file infectors
• Bootstrap loader and virus hiding methods

File infector viruses infection methods

• Shell viruses
• Overwriting
• Non-overwriting
• Intrusive
• File attributes: size, CRC (hash), MAC, code inside, access permissions

Companion-multipartite Viruses

• File association
• DOS execution sequence (com, bat, exe)
• Multi-file infector and BSI viruses: advantages and challenges

Macro and Script Viruses

• Macro programs, examples
• Examples and characteristics of macro viruses
• Protection against macro viruses

Infected images and Acrobat

• Buffer overflow problems

Virus life cycle

• Signature
• Infection
• Damage
• Trigger or activation: bombs

Virus Payloads

• Types and levels of payloads

Virus organization

• Infection marker
• Infector
• Trigger check
• Manipulation

Virus naming

• Based on type
• Based on creator
• Macro viruses
• Based on environment

Virus hiding methods

• Hiding methods
• Stealth techniques

Interrupts and viruses

• Relation between interrupts and viruses – trigger and activation

• Trapdoors
