Understanding Malicious Software and Its Impact on Computer Systems
Malicious software, commonly known as malware, poses a serious threat to computer systems by exploiting vulnerabilities. This content covers the terminology, categories, and types of malware, including viruses, worms, rootkits, spyware, and adware. It also covers how malware causes damage, how it spreads, and the tools used by hackers. Understanding these aspects is crucial for safeguarding computer systems against malicious attacks.
Presentation Transcript
Malicious Software

Index
Introduction
Terminologies
Categories
Backdoors
Logic Bomb
Trojan Horse
Nimda attack
Important questions

Introduction
Malicious software, commonly known as malware, refers to a more sophisticated type of threat to a computer system: programs that exploit vulnerabilities in computing systems.

More about Malware
Malware is software designed to cause damage to, or use up the resources of, a target computer.
It is concealed within, or masquerades as, legitimate software.
In some cases it spreads itself via email or infected floppy disks.

Terminologies
Virus: malware that, when executed, tries to replicate itself into other executable code; that code is then said to be infected. When the infected code is executed, the virus also executes.
Worm: a program that can run independently and propagate a working version of itself onto other hosts.
Mobile code: software that can be shipped to a collection of platforms and execute with identical semantics.
Auto-rooter: malicious hacker tools used to break into new machines remotely.
Kit: a set of tools for generating viruses automatically.
Spammer programs: used to send large volumes of unwanted email.
Flooder: used to attack networked computers with a large volume of traffic to carry out a denial-of-service attack.
Rootkit: a set of tools used after an attacker has broken into a system and gained root-level control.
Zombie, bot: a program activated on an infected machine that is further activated to launch attacks on other machines.
Spyware: software that collects information from a computer and transmits it to another system.
Adware: advertising that is integrated into software and can result in pop-ups or redirection of a browser to a commercial site.

Categories of Malware
Needs a host (referred to as parasitic): essentially fragments of programs that cannot exist independently. Examples: viruses, logic bombs, backdoors.
Independent: self-contained programs that can be run on the operating system. Examples: worms, bot programs.

Malware is also classified into:
Do not replicate: activated by a trigger. Examples: logic bombs, backdoors, bot programs.
Do replicate: when executed, may produce one or more copies of itself, which can be activated on the same systems. Examples: viruses and worms.

Backdoors
A backdoor is a secret entry point into a program that allows someone to gain access without going through the usual security procedures.
It becomes a threat when unscrupulous programmers use it for unauthorized access.
Programmers use backdoors legitimately to debug and test programs; such a backdoor is called a maintenance hook. This is usually done when programmers develop an application that has an authorization procedure in it.
To secure against backdoors, security measures should focus on program development and software update activities.
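
The development-side control named on this slide can be partly automated. The following is an added example, not part of the original presentation: a heuristic Python check that flags comparisons of credential-like variables against hard-coded string literals, the usual shape of a maintenance hook left inside an authorization procedure. The sample sources, the name list and the function names are assumptions made for illustration.

```python
import ast

# Constructed sample: an authorization routine with a maintenance hook left in.
SAMPLE_WITH_HOOK = '''
def check_login(user, password, db):
    if user == "maint" and password == "debug1234":
        return True
    record = db.get(user)
    return record is not None and record.verify(password)
'''

# Constructed sample: the same routine with the hook removed before release.
SAMPLE_CLEAN = '''
def check_login(user, password, db):
    record = db.get(user)
    return record is not None and record.verify(password)
'''

# Assumed list of variable names that carry credentials; tune per code base.
CREDENTIAL_NAMES = {"user", "username", "password", "passwd", "token", "pin"}

def _identifier(node):
    """Name of a plain variable (user) or attribute (request.user), else None."""
    if isinstance(node, ast.Name):
        return node.id
    if isinstance(node, ast.Attribute):
        return node.attr
    return None

def find_hardcoded_credential_checks(source):
    """Return sorted (line, name, literal) for each comparison of a
    credential-like identifier against a string literal."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.Compare):
            continue
        operands = [node.left, *node.comparators]
        literals = [o.value for o in operands
                    if isinstance(o, ast.Constant) and isinstance(o.value, str)]
        for name in filter(None, map(_identifier, operands)):
            if name.lower() in CREDENTIAL_NAMES:
                findings.extend((node.lineno, name, lit) for lit in literals)
    return sorted(findings)

if __name__ == "__main__":
    for line, name, literal in find_hardcoded_credential_checks(SAMPLE_WITH_HOOK):
        print(f"line {line}: '{name}' compared with literal {literal!r}")
```

A finding is a prompt for code review rather than proof of a backdoor; a hook built from computed values or placed outside the scanned files will not be reported.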

Logic Bombs
This is one of the oldest types of program threat.
A logic bomb is a program embedded in software by an intruder. It lies dormant until a predefined condition is met, at which point it triggers an unauthorized act.

Trojan Horse
A Trojan horse is a program or command procedure containing hidden code that, when invoked, performs some unwanted or harmful function.
A Trojan horse can be used to change a file's permissions so that the file is shared among many users.
It can also be used to destroy files while appearing to perform a particular task.

Nimda Attack
Referred to as a simple worm, Nimda uses four distribution methods:
Email: a user on a host opens an infected email attachment; Nimda looks for email addresses on the host and sends copies of itself to those addresses.
Windows shares: Nimda scans hosts for unsecured file shares and infects the files on that host, so that when a user runs an infected file, Nimda is activated on that host.
Web servers: Nimda scans web servers and, if it finds a vulnerable server, attempts to transfer a copy of itself and infect it.
Web clients: if a vulnerable web client visits a web server that has been infected by Nimda, the workstation of the web client becomes infected.

Important Questions
What is malicious software?
What are the categories of malicious software?
Define: virus, worm, bot programs, mobile code, flooder, rootkit, spyware, adware.
Write short notes on backdoors, logic bomb, Trojan horse.
Explain in detail the Nimda attack.

The end
Thank You
Referred from Operating Systems: Internals and Design Principles by William Stallings (sixth edition), pages 647-651.
By Rusha Lawande 411127