3. Malicious Program
• "Malicious program" refers to a broad category of programs that can cause damage or undesirable effects to computer networks.
• Other words for this are Malware (Malicious Software), Badware and Rogue Program (a form of internet fraud).
• Besides malicious programs there are non-malicious programs as well.
4. Malicious program cont…
• The malicious program is not a new concept: it was officially defined by Cohen in 1984, but the behaviour of viruses was first observed in 1970.
• The damages caused by malicious code are:
Potential damage can include modifying, destroying or stealing data.
5. Gaining or allowing unauthorised access to a system.
Executing functions that a user never intended.
7. Viruses:
• Viruses: A hidden, self-replicating section of computer software, usually malicious code, that propagates by infecting (i.e. inserting a copy into and becoming a part of) another program or system memory.
Viruses can damage your hardware, software or files and replicate themselves.
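Added example (not from the original slides): because a virus propagates by inserting a copy of itself into another program, a defender can spot the change by comparing program files against a hash baseline taken on a known-clean system. The function names and the extension list are assumptions made for this example.

```python
import hashlib
import os
import tempfile

PROGRAM_EXTENSIONS = (".exe", ".dll", ".com")  # assumed set of program-file types

def sha256_file(path, chunk=65536):
    """Hash a file in chunks so large executables are not loaded whole."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for block in iter(lambda: handle.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()

def snapshot(root):
    """Map each program file under root to (size, SHA-256)."""
    result = {}
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            if name.lower().endswith(PROGRAM_EXTENSIONS):
                path = os.path.join(dirpath, name)
                result[os.path.relpath(path, root)] = (os.path.getsize(path), sha256_file(path))
    return result

def compare(baseline, current):
    """Report program files modified, added or removed since the baseline."""
    findings = []
    for rel, (size, digest) in sorted(current.items()):
        if rel not in baseline:
            findings.append(("added", rel, size))
        elif baseline[rel][1] != digest:
            # Inserted code changes the hash; the size delta hints at how much was added.
            findings.append(("modified", rel, size - baseline[rel][0]))
    for rel in sorted(set(baseline) - set(current)):
        findings.append(("removed", rel, -baseline[rel][0]))
    return findings

if __name__ == "__main__":
    # Constructed sample: a temporary directory with one stand-in "program" file.
    with tempfile.TemporaryDirectory() as root:
        target = os.path.join(root, "tool.exe")
        with open(target, "wb") as handle:
            handle.write(b"MZ" + b"\x00" * 126)
        clean = snapshot(root)          # taken while the system is known clean
        with open(target, "ab") as handle:
            handle.write(b"X" * 64)     # stand-in for any later modification
        print(compare(clean, snapshot(root)))
```

Store the baseline somewhere the monitored machine cannot write to, otherwise whatever modifies the programs can also rewrite the recorded hashes.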
8. Categories of Viruses
1. Boot sector virus:
• infects the boot sector of systems.
• becomes resident.
• activates while booting the machine.
2. File virus:
• infects program files.
• activates when the program is run.
9. Types of Viruses
• Can be classified on the basis of how they attack:
• Parasitic virus
• Memory-resident virus
• Boot sector virus
• Stealth
• Polymorphic virus
• Macro virus
10. Transient virus: active only when its host program is active.
Resident virus: establishes itself in the computer's memory and can remain active without its host.
Macro virus: attached to some data file.
Email virus: spread using email with an attachment containing a macro virus.
11. Properties of Viruses
✓ Virus program should be hard to detect by anti-virus software.
✓ Viruses should be hard to destroy or deactivate.
✓ Spread infection widely.
✓ Should be easy to create.
✓ Be able to re-infect.
✓ Should be machine / platform independent, so that it can spread on different hosts.
13. Worms:
• Worms: Reproducing programs that run independently and travel across network connections.
• "Famous" worms are:
- Morris Internet Worm (1988)
- Code Red: had a timed trigger for Denial of Service attacks.
- Code Red 2: had a backdoor installed to allow remote control.
- Nimda: used multiple infection methods, i.e. email, shares, web clients, etc.
15. This dialog box appears after the PIKACHUPOKEMON.EXE file has been activated.
Worm:
• Accesses the Outlook Address Book.
• Embeds code to delete Windows and Windows subfolders upon restart.
• +: Does ask for permission to delete files with a "Y" command.
16. Virus vs. Worms:
• Viruses require interaction, whereas worms act on their own.
• Viruses have to rely on users transferring infected files / programs, while worms can use a network to replicate themselves.
• Worms spread faster than viruses.
17. Trojan Horse:
• Trojan Horse:
- A Trojan horse is a program in which malicious or harmful code is present in such a way that it can get control over the system and use it to do its chosen form of damage.
- Trojans are not viruses since they do not replicate, but Trojan horse programs can be just as destructive.
18. Continued…
• Trojan horses appear to be useful or interesting to an unsuspecting user, but are actually harmful.
• A Trojan horse can be attached to any useful software by a cracker and can be spread by tricking users into believing that it is a useful program.
19. Damages caused by Trojans
• Erasing or overwriting data on a computer.
• Corrupting files.
• Installing a backdoor on a computer.
• Spreading other malware, such as viruses; hence they are also known as "droppers".
• Logging keystrokes to steal information such as passwords and credit card numbers (known as key loggers).
20. Attack of Trojan Horse
• Trojan horse attacks any system in the following manner.
22. Logic Bomb:
• Logic Bomb: A logic bomb is a type of Trojan horse that executes when specific conditions occur.
- Triggers for logic bombs can include a change in a file, a particular series of keystrokes, or a specific time or date.
- For example, a programmer may hide a piece of code that starts deleting files.
23. Spyware
• Spyware is computer software that is installed automatically when you surf the internet or when you install free software.
• Spyware is known to change computer settings.
24. • Spyware collects various types of information like:
✓ Internet surfing habits.
✓ Visited sites.
✓ Interferes with installing additional software.
✓ Redirects web browser activity.
25. Spyware is a legal program…
• Here it is in the form of virus alerts.
26. Adware
• Adware is any software package which automatically plays, displays or downloads advertisements to a computer after the software is installed on it or while the application is being used.
• It's a legal program.
• A well-known adware program is "123 Messenger".
27. 123 Messenger…
• Is in the form of popups and unexplained advertising programs on your computer.
28. • Advertising companies hope to generate money from customers who receive the popups or unexplained programs on their computers.
29. How to detect that your computer has spyware or adware?
✓ Continuous popups.
✓ Persistent change in your homepage.
✓ Slower computer processing: the computer takes longer to process or start up.
30. Software Security
• Only install necessary and trusted software.
• Beware of *free* games, screen savers, and graphics.
• Keep a hard copy of the copyright release for all "free" products!
• Run and UPDATE anti-virus software!!