Bots and Botnets: Risks, Issues and Prevention

The Journey, So Far: Trends, Graphs and Statistics
Martin Overton, IBM UK
20th September 2007
Author: Martin Overton
© 2007 IBM Corporation, EMEA MSSD

Agenda
  • The ‘First’ IBM PC Virus
  • Statistics, 80’s
  • Statistics, 90’s
  • Statistics, 00’s
  • Malware Myth-busting
  • Putting it all Together
  • Conclusions
  • Questions

Disclaimer
  • Products or services mentioned in this presentation are included for information only.
  • Products and/or services listed, mentioned or referenced in any way do not constitute any form of recommendation or endorsement by IBM or the presenter.
  • All trademarks and copyrights are acknowledged.

Brain
  • The very first malware written for the IBM PC [and clones] used ‘stealth’ to hide its presence [1].
  • Here is a short extract from the description of Brain from F-Secure explaining how the stealth function it used works:

    “The Brain virus tries to hide from detection by hooking into INT 13. When an attempt is made to read an infected boot sector, Brain will just show you the original boot sector instead. This means that if you look at the boot sector using DEBUG or any similar program, everything will look normal, if the virus is active in memory. This means the virus is the first "stealth" virus as well.”

[1] Source: http://www.research.ibm.com/antivirus/timeline.htm
[2] More data can be found here: http://www.f-secure.com/v-descs/brain.shtml

[Chart: Virus Growth - Running Total (80s by year: actual). Y axis: total number of viruses; X axis: year, 1986 to 1989. Series: Known.]

[Chart: Virus Growth (Actual) (80s by year: actual). Y axis: number of new viruses; X axis: year, 1986 to 1989.]

Quote: “Viruses are an 'Urban Myth', just like the alligators said to inhabit the sewers of New York.” Peter Norton, 1988

[Chart: Virus Growth - Running Total (90s by year: actual and predicted). Y axis: total number of viruses, in thousands; X axis: year, 1990 to 1999. Series: Known, Predicted.]

[Chart: Virus Growth (Actual) (90s by year: actual and predicted). Y axis: number of new viruses; X axis: year, 1990 to 1999. Series: Known, Predicted.]

Virus Payload Animations

[Chart: Virus Growth - Running Total (00s by year: actual and predicted). Y axis: total number of viruses, in thousands; X axis: year, 2000 to 2007. Series: Known, Predicted.]

[Chart: Virus Growth (Actual) (00s by year: actual and predicted). Y axis: number of new viruses; X axis: year, 2000 to 2007. Series: Known, Predicted.]

Other Virus Screenshots

Swen

[Chart: WormCharmer Statistics, 2003-2007. X axis: month, Jan to Dec. Series: 2003, 2004, 2005, 2006, 2007.]

Malware Myth-busting
  • Concept [aka ‘Prank’] was the first macro virus
  • Malware extortion started with GPCode
  • Apple malware appeared after IBM PC DOS malware
  • Mainframes can’t be infected
  • *NIX worms appeared after Wintel worms

Concept [aka ‘Prank’] was the first macro virus

Malware extortion started with GPCode

AIDS Disk

Apple malware appeared after IBM PC DOS malware

Mainframes can’t be infected

*NIX worms appeared after Wintel worms

Putting it all Together – The Big Picture

[Chart: Virus Growth - Running Total (by year: actual and predicted). Y axis: total number of viruses, in thousands; X axis: year, 1986 to 2007. Series: Known, Predicted.]

[Chart: Virus Growth (Actual) (by year: actual and predicted). Y axis: number of new viruses; X axis: year, 1986 to 2007. Series: Known, Predicted.]

[Chart: Viruses in the wild 1995-2005. Source: Virus Bulletin. Y axis: 0% to 100%; X axis: date, 1995 to 2005. Series: File, Boot, Multi, Macro, Script.]

The Changing Face of the Threat

It was easy when everything was a virus…
  • File infectors
  • Boot infectors
  • Multipartite (File/Boot)
  • Macro
  • Script

Now viruses are just one category of Malware…
  • Viruses
  • Worms
  • Trojans
  • Backdoors
  • Bots, Zombies
  • Adware
  • Spyware
  • Blended Threats
  • Applications, Security/Hacking Tools
  • Key loggers
  • Rootkits

Conclusions
  • 1986 until the early nineties: the almost exclusive domain of DOS COM and EXE file infectors and boot viruses. They became more complex and stealthy as the years passed. We also saw viruses that would attack or disable anti-virus defences.
  • 1995-2000: Macro viruses were King, slowly spreading at first, as people exchanged infected .doc/.xls files via floppy, CD or e-mail. Later examples would be able to propagate via e-mail by reading the Outlook or Windows address book, but only after a recipient had opened the infected attachment.
  • 2000-2003: Script viruses stole the crown from Macro viruses, and we also started to see 32-bit PE files becoming dominant; multi-component malware started to appear. A large proportion of malware started to use vulnerabilities in both the OS and applications.
  • 2004 to the start of 2005: the mass-mailing worms were the Kings, resulting in many overloaded mail servers and worn-out anti-virus researchers and corporate security staff.
  • 2005-2007: the new Kings were Bots, Trojans and Spyware. Phishing grew from almost nowhere to one of the biggest security risks, aside from malware.